[Diggity]

One major undocumented problem that I did not see in the patch notes involves openldap.

Specifically there is some error in generating a PID file in the system-d service call.

I solved the problem by removing/commenting out the run PID line in /usr/lib/systemd/system/slapd.service

[jlgaddis]

There are a few "known issues" with OpenLDAP [0] in the RHEL 7.5 release notes but I don't see that one mentioned.

ICYMI, the openldap-servers package is "deprecated and will not be included in a future major release of Red Hat Enterprise Linux".

For RHEL, that means it will remain in the 7.x versions but will not be included in 8.x when it is released (which should be Real Soon Now(tm)).

For CentOS, that also (likely) means that OpenLDAP will not be included in future (major) versions.

[0]: https://access.redhat.com/documentation/en-us/red_hat_enterp...

[patoh]

OpenLDAP-LTB provides up-to-date openldap packages for CentOS - http://ltb-project.org/documentation/openldap-rpm

openldap upstream suggest using these on CentOS / RHEL over the redhat packages, if operating the server components.

[vetinari]

Redhat ships with 389 directory server for several years already (former Netscape Directory) and when you install FreeIPA, you will get 389 by default. I don't think FreeIPA even works with OpenLDAP.