Hi Team, Does latest release (openLDAP 2.4.56) is supported for Centos 7.8/7.9 ? I tried to install openLDAP rpms (openldap, openldap-servers, openldap-clients) on Centos 7.8 but observed lot of dependencies failures also observed same issue when I tried to upgrade existing Openldap(openldap-2.4.44-22.el7.x86_64) to this latest rpm.
Can someone help me on this. If this version is not supported then can we build and create rpm from openldap source code.
Thanks, Sachitanand
On 1/13/21 10:03 AM, shelke.sachitanand@gmail.com wrote:
Does latest release (openLDAP 2.4.56) is supported for Centos 7.8/7.9 ? I tried to install openLDAP rpms (openldap, openldap-servers, openldap-clients) on Centos 7.8 but observed lot of dependencies failures
Which RPMs did you try?
There are two options:
1. OpenLDAP for Linux by Symas: https://symas.com/linuxopenldap/
2. LTB project packages: https://ltb-project.org/documentation/openldap-rpm
For installing Æ-DIR (based on OpenLDAP) on CentOS I've switched from 2. to 1. recently.
Ciao, Michael.
Thanks Michael, Below are the rpm links I tried to install on centos 7.8,
Openldap : https://rpmfind.net/linux/rpm2html/search.php?query=openldap Client : https://rpmfind.net/linux/rpm2html/search.php?query=openldap-clients Server : https://rpmfind.net/linux/rpm2html/search.php?query=openldap-servers -------- wget https://rpmfind.net/linux/fedora/linux/development/rawhide/Everything/x86_64... wget https://rpmfind.net/linux/fedora/linux/development/rawhide/Everything/x86_64... wget https://rpmfind.net/linux/fedora/linux/development/rawhide/Everything/x86_64...
On 1/14/21 5:22 AM, shelke.sachitanand@gmail.com wrote:
Below are the rpm links I tried to install on centos 7.8, [..] wget https://rpmfind.net/linux/fedora/linux/development/rawhide/Everything/x86_64... wget https://rpmfind.net/linux/fedora/linux/development/rawhide/Everything/x86_64... wget https://rpmfind.net/linux/fedora/linux/development/rawhide/Everything/x86_64...
Isn't "rawhide" Fedora's rolling release? I doubt that these packages will work in CentOS.
Ciao, Michael.
I suggest you try the LDAP Tool Box: https://ltb-project.org/
It creates a full OpenLDAP in /usr/local. This is done because of the dependency problems. If you try to build or install just the openldpa-server it might make the current OpenLDAP clients fail and there are dependencies on them for the authentication used by PAM, SSSD, etc.
There is also Symas OpenLDAP, but I can't find a reference right now.
The OpenLDAP code is being phased out of RedHat and derivatives. They intend to replace it with 389 Directory Server (aka Fedora DS, aka RedHat DS). 389 has some features that OpenLDAP does not, but OpenLDAP has features that 389 does not (proxy, etc). It would be best if RH decided to make the server choice independent of the client choice. Then EPEL could distribute both.
I'm here because I need to Proxy.
Gary
--On Thursday, January 14, 2021 6:41 PM +0000 gary.algier@mavenir.com wrote:
I suggest you try the LDAP Tool Box: https://ltb-project.org/
It creates a full OpenLDAP in /usr/local. This is done because of the dependency problems. If you try to build or install just the openldpa-server it might make the current OpenLDAP clients fail and there are dependencies on them for the authentication used by PAM, SSSD, etc.
Michael already provided the URI for Symas OpenLDAP for Linux: ;)
https://symas.com/linuxopenldap/
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
Few queries I have for these openLDAP, 1) Does Symas OpenLDAP or LTB OpenLDAP supports rolling updates? 2) is there any way we can enable/disable SSL/Non-SSL mode for openldap.. a) I have installed symas openLDAP with default configuration and observed its running in Non-SSL mode and running on 389 port. b) I tried LTB openLDAP with default configuration and observed its going for SSL mode and observed its running on two ports 389 and 636
Please correct me if I am wrong :-)
Thanks, Sachitanand
--On Monday, January 18, 2021 3:52 AM +0000 shelke.sachitanand@gmail.com wrote:
Few queries I have for these openLDAP,
- Does Symas OpenLDAP or LTB OpenLDAP supports rolling updates?
Symas OpenLDAP on RHEL is a drop in replacement for the RHEL packages. You can use yum to update it when new builds are released.
- is there any way we can enable/disable SSL/Non-SSL mode for openldap..
Read the man pages and admin guide. Your question, however, is vague. Please expand on what you're asking. There's no such thing as an "SSL/Non_SSL" mode for the LDAP protocol. One can (optionally) use startTLS over ldap:///, one can require TLS with ldaps://, and one can mix the two. And it's possible to configure the slapd server to reject any connection that doesn't have a security factor of X.
a) I have installed symas openLDAP with default configuration andobserved its running in Non-SSL mode and running on 389 port.
That implies you don't understand the LDAP protocol.
b) I tried LTB openLDAP with default configuration and observed its going for SSL mode and observed its running on two ports 389 and 636
This also implies you don't understand the LDAP protocol.
Again, ldap:/// can be used both with or without startTLS. slapd can be configured to require all connections be encrypted, regardless of whether it's ldap:/// or ldaps:///
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
openldap-technical@openldap.org
-
gary.algier@mavenir.com -
Michael Ströder -
Quanah Gibson-Mount -
shelke.sachitanand@gmail.com