--On Tuesday, April 17, 2007 4:22 PM -0400 Andrew Scott ascott@appriss.com wrote:
Hello all,
I've been pulling hair out in tufts over the last week trying to get OpenLDAP 2.3.35 to build with Kerberos 5 support on a SLES9 machines (AMD64). I've spent hours searching the mailing lists and Google. All I could find were messages from several years ago admonishing people for not searching, or questions with no answers.
The biggest problem is the configure script completely ignores the –with-kerberos option. Completely. I've searched, and I can't find any mention of why this is.
I think you are extremely confused. :)
Why would you want to link OpenLDAP against the kerberos libraries? Usually all the kerberos negotations are handled via Cyrus-SASL, which is what is linked against Heimdal (or MIT), not OpenLDAP. There is *no* option in the configure for OpenLDAP 2.3.35 that references kerberos at all:
ldap-uat00:/usr/local/build/openldap-2.3.35# ./configure --help | grep kerberos
What you are seeing are the remnants of the very old "kbind" stuff that was never part of any LDAP standard, was really only related to LDAP v2, and was completely replaced by the SASL/KERBEROSIV and SASL/GSSAPI mechanisms handled by SASL.
Does that help? :)
--Quanah
-- Quanah Gibson-Mount Senior Systems Software Developer ITS/Shared Application Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html