[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap up; can't db_stat



On Thu, 22 Jul 2004, Tony Earnshaw wrote:

> The latter. I chose not to install the 2.0.27 server rpms, did install
> the client rpms because of library dependencies. I mved /usr/lib/sasl2
> to sasl2.orig

Ick.

I avoided that, and problems getting Heimdal compiled without pollution by
system bdb and openssl libs, by giving up and going --without-sasl. I have
a custom bdb rooted in /usr/local/openldap, but am able to use the
RedHat-supplied openssl. I regret not having the option to use kerberised
binds against Active Directory, but I considered maintainability more
important.

> with up2date and its DB is minimized. Openldap 2.0.27 clients have to be
> renamed

I am happy with RedHat's 2.0.27 clients. Only their servers are horribly
broken.  I build br-openldap and br-openldap-servers RPMs rooted in
/usr/local/openldap, and set them to conflict only with openldap-servers.
This allows me to use the stock RedHat sendmail, etc.

My SRPM is 
http://people.brandeis.edu/~rcgraves/br-openldap-2.2.14-9brandeis.src.rpm 
and some implementation notes are at 
http://web.brandeis.edu/pages/view/Network/LdapCutover

Critiques very welcome. I went into production with it last Friday, and it 
looks good thus far.
-- 
Rich Graves <rcgraves@brandeis.edu>
UNet Systems Administrator