Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

LDAP Administration Guide
Previous Page Home Next Page

4.2. Prerequisite software

OpenLDAP Software relies upon a number of software packages distributed by third parties. Depending on the features you intend to use, you may have to download and install a number of additional software packages. This section details commonly needed third party software packages you might have to install. However, for an up-to-date prerequisite information, the README document should be consulted. Note that some of these third party packages may depend on additional software packages. Install each package per the installation instructions provided with it.

4.2.1. Transport Layer Security

OpenLDAP clients and servers require installation of either OpenSSL or GnuTLS TLS libraries to provide Transport Layer Security services. Though some operating systems may provide these libraries as part of the base system or as an optional software component, OpenSSL and GnuTLS often require separate installation.

OpenSSL is available from https://www.openssl.org/. GnuTLS is available from https://www.gnu.org/software/gnutls/.

OpenLDAP Software will not be fully LDAPv3 compliant unless OpenLDAP's configure detects a usable TLS library.

4.2.2. Simple Authentication and Security Layer

OpenLDAP clients and servers require installation of Cyrus SASL libraries to provide Simple Authentication and Security Layer services. Though some operating systems may provide this library as part of the base system or as an optional software component, Cyrus SASL often requires separate installation.

Cyrus SASL is available from https://asg.web.cmu.edu/sasl/sasl-library.html. Cyrus SASL will make use of OpenSSL and Kerberos/GSSAPI libraries if preinstalled.

OpenLDAP Software will not be fully LDAPv3 compliant unless OpenLDAP's configure detects a usable Cyrus SASL installation.

4.2.3. Kerberos Authentication Service

OpenLDAP clients and servers support Kerberos authentication services. In particular, OpenLDAP supports the Kerberos V GSS-API SASL authentication mechanism known as the GSSAPI mechanism. This feature requires, in addition to Cyrus SASL libraries, either Heimdal or MIT Kerberos V libraries.

Heimdal Kerberos is available from https://www.pdc.kth.se/heimdal/. MIT Kerberos is available from https://web.mit.edu/kerberos/www/.

Use of strong authentication services, such as those provided by Kerberos, is highly recommended.

4.2.4. Database Software

OpenLDAP's slapd(8) BDB and HDB primary database backends require Oracle Corporation Berkeley DB. If not available at configure time, you will not be able build slapd(8) with these primary database backends.

Your operating system may provide a supported version of Berkeley DB in the base system or as an optional software component. If not, you'll have to obtain and install it yourself.

Berkeley DB is available from Oracle Corporation's Berkeley DB download page https://www.oracle.com/technology/software/products/berkeley-db/index.html.

There are several versions available. Generally, the most recent release (with published patches) is recommended. This package is required if you wish to use the BDB or HDB database backends.


Note: Please see Recommended OpenLDAP Software Dependency Versions for more information.

4.2.5. Threads

OpenLDAP is designed to take advantage of threads. OpenLDAP supports POSIX pthreads, Mach CThreads, and a number of other varieties. configure will complain if it cannot find a suitable thread subsystem. If this occurs, please consult the Software|Installation|Platform Hints section of the OpenLDAP FAQ https://www.openldap.org/faq/.

4.2.6. TCP Wrappers

slapd(8) supports TCP Wrappers (IP level access control filters) if preinstalled. Use of TCP Wrappers or other IP-level access filters (such as those provided by an IP-level firewall) is recommended for servers containing non-public information.


LDAP Administration Guide
Previous Page Home Next Page

 
 
  Published under the terms of the OpenLDAP Public License Design by Interspire