[EMAIL PROTECTED] wrote:
On Saturday 20 April 2002 22:19, Stefan van der Eijk wrote:
I was hoping it would be as simple as installing openldap-server,
editing the configuration file (/etc/openldap/slapd.conf) and starting
the ldap service.
I did it few weeks ago, but I wanted to use kerberos authentication (via=20
gssapi), and that was more complex, but it succeeded.
I basically followed the guidelines in=20
http://www.bayour.com/LDAPv3-HOWTO.html, but if you don't want or need=20
kerberos, just skip those parts. It is quite lengthy, because it starts fr=
om=20
compiling each package.
I set this up quite a while back (on a 8.0 box so it must have been at least 6
months ago ...), and made some of my docs available at
http://ranger.dnsalias.com/mandrake/muo/connect/cldap.html
http://ranger.dnsalias.com/mandrake/muo/connect/cldap4.html
Install the openldap-migration package, ensure your slapd.conf file is ok, and then
cd /usr/share/openldap/migration and run the correct script.
BTW, you need to recompile some packages if you want the gssapi/kerberos to=
=20
work.=20=20
- cyrus-sasl is compiled without gssapi. I just enabled it and added a=20
package, and it worked out of the box.
- openldap is compiled without kerberos/kpasswd support. I just enabled it=
,=20
and everything was fine.
If anyone is interested, I can send the diffs to spec files.
If there is a good reason not to enable these on the default RPMs, yuo may want to
provide them as an option in the rpm (try rpm --rebuild samba-2.2.3a*.src.rpm -with
ldap to see what I mean).
It would also be nice if those two things were fixed in standard mdk packag=
es.
It would be nice to see Mandrake 8.3/9.0 have working enterprise authentication
services (ie Kerberos/LDAP + Samba/LDAP) and client-side support (ie LDAP setup
actually allowing RPMs to be installed without segfaults all until ldap is removed
from nsswitch.conf) configureable during install (LDAP is cool, just need Kerberos
and Winbind).
Buchan
