Craig - using only autodetection (don't force the .hnw file) - I would
suggest you try using the 2.1.8 alpha release when it's announced in a
few days. ldap was quite experimental on 2.2, and with ssl and starttls
support, doubly so.
Bill
Craig L. Ching wrote:
Hi,
I'm trying to build an apache (2.0.54 on SunOS 7) that will be able to
interface with Novell e-Directory to authenticate users using
mod_auth_ldap. I have a build that works using the OpenLDAP libraries
and normal ldap://, but when we try to do the same thing using ldaps://,
I get errors that indicate that OpenLDAP doesn't support the DER
encoding for the certificate.
So I was thinking of using the Novell LDAP SDK, but that doesn't appear
to be straight-forward. Using the following options:
--with-ldap=ldapsdk \
--with-ldap-include=/export/home/cching/novell/cldap_2005.07.18/include
\
--with-ldap-lib=/export/home/cching/novell/cldap_2005.07.18/lib \
--enable-ldap=static \
--enable-auth-ldap=static \
I get the following compile error:
"util_ldap.c", line 1568: undefined symbol: LDAP_OPT_X_TLS_CACERTFILE
So, delving into this a bit further, I see a preprocessor macro:
APR_HAS_NOVELL_LDAPSDK
That looks interesting. AFAICT, the only way to turn this on is by
using srclib/apr-util/include/apr_ldap.hnw for apr_ldap.h. Copying that
over gets me further, except that I get these link errors:
ild: (undefined symbol) ldapssl_init -- referenced in the text segment
of modules/experimental/.libs/mod_ldap.a(util_ldap.o)
So, has anyone gotten the Novell LDAP SDK to work? Any other hints for
how I could go about making mod_auth_ldap work with Novell e-Dir?
Thanks for any help!
Cheers,
Craig
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]