LDP
/
old-www
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
old-www/HOWTO/LDAP-HOWTO/prereq.html

261 lines
5.4 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML
><HEAD
><TITLE
>Pre-Requirements</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="LDAP Linux HOWTO"
HREF="index.html"><LINK
REL="UP"
TITLE="Installing the LDAP Server"
HREF="installing.html"><LINK
REL="PREVIOUS"
TITLE="Installing the LDAP Server"
HREF="installing.html"><LINK
REL="NEXT"
TITLE="Downloading the Package"
HREF="download.html"></HEAD
><BODY
CLASS="section"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>LDAP Linux HOWTO</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="installing.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
>Chapter 2. Installing the LDAP Server</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="download.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="section"
><H1
CLASS="section"
><A
NAME="PreReq"
></A
>2.1. Pre-Requirements</H1
><P
>To be fully LDAPv3 compliant, OpenLDAP clients and servers require installation
of some additional packages. For writing this document, I've used a Mandrake 9.0 box with
a 2.4.20 Kernel, manually installing the Berkeley BDB package and SASL libraries.</P
><P
><B
CLASS="command"
>OpenSSL TLS Libraries</B
></P
><P
>The OpenSSL TLS libraries are normally part of the base system or compose an
optional software component. The official OpenSSL url is:
<A
HREF="http://www.openssl.org"
TARGET="_top"
>http://www.openssl.org</A
></P
><P
><B
CLASS="command"
>Kerberos Authentication Services</B
></P
><P
>OpenLDAP clients and servers support Kerberos-based authentication services.
In particular, OpenLDAP supports SASL/GSSAPI authentication mechanism using
either Heimdal or MIT Kerberos V packages. If you desire to use Kerberos-based
SASL/GSSAPI authentication, you should install either Heimdal or MIT Kerberos V.
Heimdal Kerberos is available from <A
HREF="http://www.pdc.kth.se/heimdal"
TARGET="_top"
>http://www.pdc.kth.se/heimdal</A
>
MIT Kerberos is available from <A
HREF="http://web.mit.edu/kerberos/www"
TARGET="_top"
>http://web.mit.edu/kerberos/www</A
></P
><P
>The use of strong authentication services, such as those provided by Kerberos,
is highly recommended.</P
><P
><B
CLASS="command"
>Cyrus's Simple Authentication and Security Layer Libraries</B
></P
><P
>Cyrus's SASL libraries are normally part of the base system or compose an
optional software component. Cyrus SASL is available from <A
HREF="http://asg.web.cmu.edu/sasl/sasl-library.html"
TARGET="_top"
>http://asg.web.cmu.edu/sasl/sasl-library.html</A
>.
Cyrus SASL will make use of OpenSSL and Kerberos/GSSAPI libraries if preinstalled. By the time of this
writing, I've used Cyrus SASL 2.1.17.</P
><P
><B
CLASS="command"
>Database Software</B
></P
><P
>Slapd's primary database backend, BDB, requires
<A
HREF="http://www.sleepycat.com"
TARGET="_top"
>Sleepycat Software Berkeley DB</A
>, version 4.
If not available at configure time, you will not be able to build slapd with primary database backend.</P
><P
>Your operating system may provide Berkeley DB, version 4, in the base
system or as an optional software component. If not, there are several versions
available at <A
HREF="http://www.sleepycat.com/download.html"
TARGET="_top"
>Sleepycat</A
>.
At the time of this writing, the latest release, version 4.2.52, is recommended.
OpenLDAP's slapd LDBM backend supports a variety of database managers,
like Berkeley DB (version 3) and GDBM. GDBM is available from <A
HREF="http://www.fsf.org/"
TARGET="_top"
>FSF's</A
> download
site <A
HREF="ftp://ftp.gnu.org/pub/gnu/gdbm/"
TARGET="_top"
>ftp://ftp.gnu.org/pub/gnu/gdbm/</A
>.</P
><P
><B
CLASS="command"
>Threads</B
></P
><P
>Threads support are almost guaranteed to be part of your base Linux system.
OpenLDAP is designed to take advantage of threads. OpenLDAP supports POSIX
pthreads, Mach CThreads, and a number of other varieties. The <EM
>configure</EM
>
script will complain if it cannot find a suitable thread subsystem. If this occurs, please
consult the Software - Installation - Platform Hints section of the OpenLDAP FAQ:
<A
HREF="http://www.openldap.org/faq/"
TARGET="_top"
>http://www.openldap.org/faq/</A
>.</P
><P
><B
CLASS="command"
>TCP Wrappers</B
></P
><P
><EM
>Slapd</EM
> supports TCP wrappers (IP level access control filters) if
preinstalled. Use of TCP wrappers or other IP-level access filters (such as
those provided by an IP-level firewall) is recommended for servers containing
non-public information.</P
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="installing.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="download.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Installing the LDAP Server</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="installing.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Downloading the Package</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
Reference in New Issue View Git Blame Copy Permalink