Re. I installed the server like this :
### ipa-server-install -r <MYREALM> -n <mydomain> --hostname=<fqdn ipa server> -p '<pass1>' -a '<pass2>' --no-ntp --no-ssh --no-sshd -U ### And for the clients : ### ipa-client-install --domain=<mydomain> --realm=<MYREALM> --fixed-primary --server=<fqdn ipa server> --principal=admin --password='<pass2>' --mkhomedir --hostname=<fqdn client> --no-ntp --no-ssh --no-sshd --unattended --force-join ### And when I check the /etc/openldap/ldap.conf, indeed : ### #File modified by ipa-client-install URI ldaps://<fqdn ipa server> BASE dc=<MYREALM> TLS_CACERT /etc/ipa/ca.crt ### So yes it is already enabled ^_^. Thank you for your answer. Best regards. Bahan
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
