本文提供了一套详细的步骤指南,指导如何通过rpm和源码安装OpenLDAP,包括依赖软件安装、配置及验证过程。
最简单的安装方法rpm安装
# rpm -qa|grep openldap
openldap-debuginfo-2.4.23-32.el6_4.1.x86_64
openldap-2.4.23-32.el6_4.1.x86_64
compat-openldap-2.3.43-2.el6.x86_64
openldap-clients-2.4.23-32.el6_4.1.x86_64
openldap-servers-sql-2.4.23-32.el6_4.1.x86_64
openldap-servers-2.4.23-32.el6_4.1.x86_64
openldap-devel-2.4.23-32.el6_4.1.x86_64
以下是源码安装.
下载OpenLDAP的稳定版
# wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.39.tgz
安装依赖软件
为了全面兼容LDAPv3, 需要安装依赖软件, 这些软件的版本建议
1. TLS(Transport Layer Security) service 依赖包, OpenLDAP客户端和服务端都需要安装.
OpenSSL, GnuTLS, or MozNSS(三选一)
OpenSSL is available from http://www.openssl.org/.
GnuTLS is available from http://www.gnu.org/software/gnutls/.
Mozilla NSS is available from http://developer.mozilla.org/en/NSS.
安装openssl
# tar -zxvf openssl-1.0.1g.tar.gz
# cd openssl-1.0.1g
阅读INSTALL和README
# ./config --prefix=/usr/local --openssldir=/usr/local/ssl
# make
# make install
2. SASL(Simple Authentication and Security Layer) service
依赖包, OpenLDAP客户端和服务端都需要安装.
Cyrus SASL
安装sasl
# wget ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.25.tar.gz
# tar -zxvf cyrus-sasl-2.1.25.tar.gz
# cd cyrus-sasl-2.1.25
阅读INSTALL和README
# ./configure
# make
# make install
********************************************************
* WARNING:
* Plugins are being installed into /usr/local/lib/sasl2,
* but the library will look for them in /usr/lib/sasl2.
* You need to make sure that the plugins will eventually
* be in /usr/lib/sasl2 -- the easiest way is to make a
* symbolic link from /usr/lib/sasl2 to /usr/local/lib/sasl2,
* but this may not be appropriate for your site, so this
* installation procedure won't do it for you.
*
* If you don't want to do this for some reason, you can
* set the location where the library will look for plugins
* by setting the environment variable SASL_PATH to the path
* the library should use.
********************************************************
make[2]: Nothing to be done for `install-data-am'.
make[2]: Leaving directory `/opt/soft_bak/cyrus-sasl-2.1.25'
make[1]: Leaving directory `/opt/soft_bak/cyrus-sasl-2.1.25'
[root@db-172-16-3-150 cyrus-sasl-2.1.25]# ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
sasl版本不对可能导致slapd启动失败, 见/var/log/messages
slapd[15107]: auxpropfunc error version mismatch with plug-in
3. Kerberos Authentication Service
Heimdal or MIT Kerberos V libraries(二选一)
Heimdal Kerberos is available from http://www.pdc.kth.se/heimdal/.
MIT Kerberos is available from http://web.mit.edu/kerberos/www/.
安装MIT Kerberos V Libraries
# tar -xvf krb5-1.12.1-signed.tar
# tar -zxvf krb5-1.12.1.tar.gz
# cd krb5-1.12.1
# cd src
# ./configure
# make
# make install
4. Database Software
OpenLDAP's slapd BDB and HDB primary database backends require Oracle Corporation Berkeley DB
Berkeley DB download page http://www.oracle.com/technology/software/products/berkeley-db/index.html
下载
安装
# tar -zxvf db-6.0.30.tar.gz
# cd db-6.0.30
# cd dist/buildpkg
# cd build_unix
# ../dist/configure --prefix=/opt/bdb6 --enable-sql
# make
# make install
5. Threads
OpenLDAP supports POSIX pthreads, Mach CThreads, and a number of other varieties.
6. TCP Wrappers
slapd supports TCP Wrappers (IP level access control filters) if preinstalled.
7. 配置ld.so.conf
# vi /etc/ld.so.conf
include ld.so.conf.d/*.conf
/usr/local/lib
/usr/lib/sasl2
/opt/bdb6/lib
# ldconfig
安装openldap
# tar -zxvf openldap-2.4.39.tgz
# cd openldap-2.4.39
# ./configure --help
# ./configure --prefix=/opt/openldap-2.4.39 --with-threads --with-tls --with-cyrus-sasl
# make depend
# make
# make install
# export MANPATH=/opt/openldap-2.4.39/share/man:$MANPATH
# export MANPATH=/opt/openldap-2.4.39/bin:/opt/openldap-2.4.39/sbin:$PATH
1.
http://www.openldap.org/doc/admin24/index.html
14. 配置源码时支持的环境变量
| Variable | Description |
| CC | Specify alternative C Compiler |
| CFLAGS | Specify additional compiler flags |
| CPPFLAGS | Specify C Preprocessor flags |
| LDFLAGS | Specify linker flags |
| LIBS | Specify additional libraries |
扫一扫
1488
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
