FreeIPA only as ldap server

N. J

3/8/24, 8:53 AM

I want to try setup FreeIPA in my home lab, but I do not want any more additonal stuff like, Certificates and DNS. I just want the IPA to work as a LDAP server.

Does the FreeIPA installation support such feature, so I can disable these functionalities?

226

1 + 0

freeipa

Score:1

Server

abbra

3/8/24, 12:58 PM

No it does not. You can look at 389-ds which is the directory server FreeIPA is using. It has own setup tooling that makes configuring it easy these days. See https://www.port389.org/docs/389ds/howto/quickstart.html for more details.

+ 4

N. J

3/8/24, 1:40 PM

however I can treat it as a ldap server? Without using DNS or as a CA authority

abbra

3/8/24, 1:45 PM

389-ds is the LDAP server.

N. J

3/9/24, 4:21 PM

OK,however @abbra. Can I unenroll existing hosts from IPA and just configure them as LDAP-AUTH to the IPA server? And which order should this be done? 1. Unenroll 2. Ldap-auth or oppsite?

abbra

3/10/24, 7:23 AM

I am not sure what exactly you want to achieve. If you already have IPA deployment that you control, sure you can dump it and create anything else you want. You can also connect hosts to LDAP server as you wish. You have originally asked a question how to uninstall individual IPA features; this is not possible and not supported.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: FreeIPA only as ldap server

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.