LDAPv3 How-To


These are my notes about how I got OpenLDAP (v2.0.7), OpenSSL (v0.9.5a), SASL (v1.5.24) and MIT KerberosV (v1.2.2) to work together. This combination (according to some RFC I can’t remember the number of) is what’s called LDAPv3.

I have since I initially wrote this HOWTO, upgraded some packages. The information about this can be found in the Updates section. At the time of this writing (Sunday, August 19, 2001) I have not successfully compiled and installed OpenLDAP v2.0.11! I’m still working heavily on this, it is at the top of my todo list, since I really (!!) need to upgrade because of a resent security alert.

You might want to read the section LDAPv3, why bother to see the reasoning for this quite complicated issue. It deals with all the discussed systems, such as SSL/TLS, SASL, LDAP and Kerberos, and why we should run such a complicated system in the first place.
Required knowledge

Reading and following this documentation will require a knowledge of LDAP in general, knowing how to create and install software ‘from scratch’ (i.e. building from source/tar balls) and also how to configure OpenLDAP and also how to administer it… This issue (LDAPv3) is not for the beginner, and I will usually not answer any questions in the format of ‘I get this when i try to configure/make/install this-or-that-software’! In short, you will be required to ‘read between the lines’ of this document, and draw you own (correct! 🙂 conclutions. That being said, it’s not as difficult as it might seem. If you belong to the group of people that I here call ‘beginner’, I recommend installing the software while reading the OpenLDAP web page on OpenLDAP administration.

Read more at www.bayour.com


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s