Hello all,
I've been pulling hair out in tufts over the last week trying to get
OpenLDAP 2.3.35 to build with Kerberos 5 support on a SLES9 machines
(AMD64). I've spent hours searching the mailing lists and Google. All
I could find were messages from several years ago admonishing people for
not searching, or questions with no answers.
Anyway, I finally got it, which leads to my question below.
First, this machine is SLES9, Service Pack Three. SuSE provides the
Heimdal Kerberos implementation. It also has Cyrus SASL. For some
strange reason, the OpenLDAP packages SuSE supplies for SLES9 do not
have Kerberos compiled in, so I went and grabbed the openldap-2.3.35
tarball and set about trying to build it.
The biggest problem is the configure script completely ignores the
-with-kerberos option. Completely. I've searched, and I can't find any
mention of why this is.
Starting at line 18,158 in the configure script, I found this block:
----
ol_link_kbind=no
ol_link_krb5=no
ol_link_krb4=no
case $ol_with_kerberos in yes | auto | k5 | k5only | k425)
----
Changing "ol_link_krb5" to "yes" had no effect. But changing
"ol_link_krb5" to "yes" AND adding the line "ol_with_kerberos=yes" right
above the case statement got the configure script to actually start
looking for Kerberos libraries and headers. After that, it was just a
matter of setting the right CCFLAGS and LDFLAGS environment variables so
configure could find the headers and libraries. Once all that was in
place, it built like a champ and seems to be working.
So my question is, why does "-with-kerberos" not work anymore? Is this
a conscious decision, or a bug?
Thanks!
Andrew Scott
Louisville, KY