By default, FreeIPA does not allow anonymous binds. So create a service account with no permissions to login, and just to bind, we're going to have to get down and dirty with LDAP.
ldapmodify -x -D 'cn=Directory Manager' -W < service_accountdn: uid=CHANGE_THIS_WITH_THE_USERNAME,cn=sysaccounts,cn=etc,dc=ubnetdef,dc=net changetype: add objectclass: account objectclass: simplesecurityobject uid: CHANGE_THIS_WITH_THE_USERNAME userPassword: put-a-good-password-here passwordExpirationTime: 20380119031407Z nsIdleTimeout: 0