261 lines
5.4 KiB
HTML
261 lines
5.4 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
|
|
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>Pre-Requirements</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
|
|
REL="HOME"
|
|
TITLE="LDAP Linux HOWTO"
|
|
HREF="index.html"><LINK
|
|
REL="UP"
|
|
TITLE="Installing the LDAP Server"
|
|
HREF="installing.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="Installing the LDAP Server"
|
|
HREF="installing.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="Downloading the Package"
|
|
HREF="download.html"></HEAD
|
|
><BODY
|
|
CLASS="section"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
SUMMARY="Header navigation table"
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>LDAP Linux HOWTO</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="installing.html"
|
|
ACCESSKEY="P"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
>Chapter 2. Installing the LDAP Server</TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="download.html"
|
|
ACCESSKEY="N"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="section"
|
|
><H1
|
|
CLASS="section"
|
|
><A
|
|
NAME="PreReq"
|
|
></A
|
|
>2.1. Pre-Requirements</H1
|
|
><P
|
|
>To be fully LDAPv3 compliant, OpenLDAP clients and servers require installation
|
|
of some additional packages. For writing this document, I've used a Mandrake 9.0 box with
|
|
a 2.4.20 Kernel, manually installing the Berkeley BDB package and SASL libraries.</P
|
|
><P
|
|
><B
|
|
CLASS="command"
|
|
>OpenSSL TLS Libraries</B
|
|
></P
|
|
><P
|
|
>The OpenSSL TLS libraries are normally part of the base system or compose an
|
|
optional software component. The official OpenSSL url is:
|
|
<A
|
|
HREF="http://www.openssl.org"
|
|
TARGET="_top"
|
|
>http://www.openssl.org</A
|
|
></P
|
|
><P
|
|
><B
|
|
CLASS="command"
|
|
>Kerberos Authentication Services</B
|
|
></P
|
|
><P
|
|
>OpenLDAP clients and servers support Kerberos-based authentication services.
|
|
In particular, OpenLDAP supports SASL/GSSAPI authentication mechanism using
|
|
either Heimdal or MIT Kerberos V packages. If you desire to use Kerberos-based
|
|
SASL/GSSAPI authentication, you should install either Heimdal or MIT Kerberos V.
|
|
Heimdal Kerberos is available from <A
|
|
HREF="http://www.pdc.kth.se/heimdal"
|
|
TARGET="_top"
|
|
>http://www.pdc.kth.se/heimdal</A
|
|
>
|
|
MIT Kerberos is available from <A
|
|
HREF="http://web.mit.edu/kerberos/www"
|
|
TARGET="_top"
|
|
>http://web.mit.edu/kerberos/www</A
|
|
></P
|
|
><P
|
|
>The use of strong authentication services, such as those provided by Kerberos,
|
|
is highly recommended.</P
|
|
><P
|
|
><B
|
|
CLASS="command"
|
|
>Cyrus's Simple Authentication and Security Layer Libraries</B
|
|
></P
|
|
><P
|
|
>Cyrus's SASL libraries are normally part of the base system or compose an
|
|
optional software component. Cyrus SASL is available from <A
|
|
HREF="http://asg.web.cmu.edu/sasl/sasl-library.html"
|
|
TARGET="_top"
|
|
>http://asg.web.cmu.edu/sasl/sasl-library.html</A
|
|
>.
|
|
Cyrus SASL will make use of OpenSSL and Kerberos/GSSAPI libraries if preinstalled. By the time of this
|
|
writing, I've used Cyrus SASL 2.1.17.</P
|
|
><P
|
|
><B
|
|
CLASS="command"
|
|
>Database Software</B
|
|
></P
|
|
><P
|
|
>Slapd's primary database backend, BDB, requires
|
|
<A
|
|
HREF="http://www.sleepycat.com"
|
|
TARGET="_top"
|
|
>Sleepycat Software Berkeley DB</A
|
|
>, version 4.
|
|
If not available at configure time, you will not be able to build slapd with primary database backend.</P
|
|
><P
|
|
>Your operating system may provide Berkeley DB, version 4, in the base
|
|
system or as an optional software component. If not, there are several versions
|
|
available at <A
|
|
HREF="http://www.sleepycat.com/download.html"
|
|
TARGET="_top"
|
|
>Sleepycat</A
|
|
>.
|
|
At the time of this writing, the latest release, version 4.2.52, is recommended.
|
|
OpenLDAP's slapd LDBM backend supports a variety of database managers,
|
|
like Berkeley DB (version 3) and GDBM. GDBM is available from <A
|
|
HREF="http://www.fsf.org/"
|
|
TARGET="_top"
|
|
>FSF's</A
|
|
> download
|
|
site <A
|
|
HREF="ftp://ftp.gnu.org/pub/gnu/gdbm/"
|
|
TARGET="_top"
|
|
>ftp://ftp.gnu.org/pub/gnu/gdbm/</A
|
|
>.</P
|
|
><P
|
|
><B
|
|
CLASS="command"
|
|
>Threads</B
|
|
></P
|
|
><P
|
|
>Threads support are almost guaranteed to be part of your base Linux system.
|
|
OpenLDAP is designed to take advantage of threads. OpenLDAP supports POSIX
|
|
pthreads, Mach CThreads, and a number of other varieties. The <EM
|
|
>configure</EM
|
|
>
|
|
script will complain if it cannot find a suitable thread subsystem. If this occurs, please
|
|
consult the Software - Installation - Platform Hints section of the OpenLDAP FAQ:
|
|
<A
|
|
HREF="http://www.openldap.org/faq/"
|
|
TARGET="_top"
|
|
>http://www.openldap.org/faq/</A
|
|
>.</P
|
|
><P
|
|
><B
|
|
CLASS="command"
|
|
>TCP Wrappers</B
|
|
></P
|
|
><P
|
|
><EM
|
|
>Slapd</EM
|
|
> supports TCP wrappers (IP level access control filters) if
|
|
preinstalled. Use of TCP wrappers or other IP-level access filters (such as
|
|
those provided by an IP-level firewall) is recommended for servers containing
|
|
non-public information.</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
SUMMARY="Footer navigation table"
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="installing.html"
|
|
ACCESSKEY="P"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
ACCESSKEY="H"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="download.html"
|
|
ACCESSKEY="N"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>Installing the LDAP Server</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="installing.html"
|
|
ACCESSKEY="U"
|
|
>Up</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>Downloading the Package</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |