[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7839) openldap libdb5 support

quanah@zimbra.com wrote:
> --On Thursday, April 17, 2014 2:55 PM +0000 marc.schildt@idealo.de wrote:
>> Full_Name: Marc Schildt
>> Version: 2.4.24 - 2.4.39
> The OpenLDAP project is in no way associated with the utterly broken builds
> provided by Debian.  I would note that you cannot simply change the version
> of BDB that OpenLDAP is linked to and expect your database to work.  You
> *must* slapcat your db using the old version of BDB, then upgrade openldap,
> then import with slapdd into the new build of OpenLDAP with the newer BDB.
> Nothing in your report specifically sounds like an issue with OpenLDAP
> itself.
> I've been using OpenLDAP with BDB 5.2 for many years, no issue.  This ITS
> will be closed.

As a footnote - you cannot have two versions of BDB linked into the same 
process and expect things to work. If changing the version of BDB that 
OpenLDAP is built with breaks SSSD, then you have a runtime linking problem, 
and again, that's something to take up with your distro. Not an OpenLDAP issue.

Further footnote - this is why we recommend nss-pam-ldapd or nssov, which 
fully isolates applications from the underlying nss/pam libraries. And why we 
don't recommend SSSD. A shame they had to go off and reinvent the wheel 
without actually fixing its underlying problems. Some people never learn.

   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/