
Re: Installing openldap 2.2.19 on RHEL 3

Craig White:
> These are the steps that I used for installing openldap 2.2.19 on RHEL
> ES-3 system. It was easy enough for unlearned and unwashed such as me
> though it would have been nice to have these steps written down for me ;-)
> objectives were to leave openldap/db4/sasl stuff alone from RHEL install
> and completely build in /usr/local


This is good doco and should help many. Good, too, if it could be posted
on a web site somewhere that's permanent and easily accessible to all (the


> I added
> allow   bind_v2        #postfix needed this I think

Unless you have a really ancient Postfix version (Postfix is up to 2.1.5
stable) LDAP v3 is standard, but v2 can be specified as an exception.

Only a couple of things - I'm running RHAS3 with what you have - OL
2.2.17, but the procedure is the same:

- RHEL/RHAS3 already comes with Cyrus SASL2 2.1.15. The old /usr/lib/sasl2
should be moved to something else and a symlink created from
/usr/local/sasl2 to /usr/lib/sasl2;

- Red Hat's client libraries are needed for dependencies, but the server
rpms can safely be 'rpm -e'd - in which case the startup script will also
be rpmsaved;

- Old clients (ldapsearch and siblings) should be renamed, since they'll
often barf and anyway mostly have less functionality than the new versions
- and will always be called first, if the PATH variable chooses /usr
before /usr/local. Similarly, the man pages are "Old Hat" and should be
renamed or deleted;

- I don't see any mention of editing ld.so.conf or running ldconfig -
they're really necessary for the environment to find the new libraries;

- BDB 4.1 utilities (db_recover etc) should be renamed, or they'll barf
unless a full path name is given to the new utilities (a PITA). Moreover,
the new BDB utilities are now in a directory outside the PATH env
variable, so a symlink should be given to /usr/local/bin or sbin;

- Necessary exclusions should be made to /etc/sysconfig/rhn/up2date (use
the GUI, or all hell will break loose), including Openldap servers, devel,
BDB 4.1 and Cyrus SASL2, otherwise up2date will simply overwrite
everything - and it's *extremely* important to use up2date to patch
production servers.

mail: tonye@billy.demon.nl
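
A check for the PATH-ordering and ld.so.conf points in the message above, as an added example that is not part of the original post. It assumes the new build sits under a single prefix with bin/, sbin/ and lib/ subdirectories; the function names are hypothetical.

```shell
#!/bin/sh
# Assumption (not from the post): the new build sits under one prefix with
# bin/, sbin/ and lib/ subdirectories. All function names are hypothetical.

# Print the first executable named $1 found while walking PATH string $2.
first_in_path() {
    fip_ifs=$IFS
    IFS=:
    for fip_dir in $2; do
        fip_hit=${fip_dir:-.}/$1        # an empty PATH entry means "."
        if [ -f "$fip_hit" ] && [ -x "$fip_hit" ]; then
            IFS=$fip_ifs
            printf '%s\n' "$fip_hit"
            return 0
        fi
    done
    IFS=$fip_ifs
    return 1
}

# Succeed if prefix $2 holds a copy of tool $1 but PATH string $3 resolves
# the name to a copy elsewhere, or to nothing at all.
is_shadowed() {
    [ -x "$2/bin/$1" ] || [ -x "$2/sbin/$1" ] || return 1
    is_first=$(first_in_path "$1" "$3") || return 0
    case $is_first in
        "$2"/bin/*|"$2"/sbin/*) return 1 ;;
        *) return 0 ;;
    esac
}

# Succeed if directory $1 is listed on its own line in linker config $2.
lib_dir_listed() {
    grep -Fxq -- "$1" "$2"
}

# Report on the tools named in the post. $1 = prefix, $2 = linker config.
audit() {
    for a_tool in ldapsearch db_recover; do
        if is_shadowed "$a_tool" "$1" "$PATH"; then
            echo "SHADOWED: $a_tool -> $(first_in_path "$a_tool" "$PATH" || echo nothing)"
        fi
    done
    lib_dir_listed "$1/lib" "$2" || echo "MISSING: $1/lib not in $2 (add it, run ldconfig)"
}

# Run as: sh thisscript /usr/local /etc/ld.so.conf
if [ $# -eq 2 ]; then audit "$1" "$2"; fi
```
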