LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Blogs > kbscores
User Name
Password

Notices


Rate this Entry

Third time is a charm –

Posted 07-12-2012 at 05:11 PM by kbscores

Honestly it has been a fun and frustrating process. I have learned a lot about openldap as well as compiling programs. There are moments where I genuinely believed that it was not possible, but alas we have made it. Let me first mention that depending on the state of your Solaris server these instructions might change dramatically. Note this process was completed successfully on a fresh install of Solaris 10.
Here we go:


How to setup a Solaris 10 client for a Linux OpenLDAP server
1.) Verify the following packages have been installed: (If they are not present install them)
a. SUNWbinutils
b. SUNWarc
c. SUNWgcc
d. SUNWhea
e. SUNWopenssl-includes
f. SUNWopenssl-libraries
g. SUNWopenssl-commands
h. SUNWopensslr
i. SUNWgmake
j. -----LIKE MENTIONED ABOVE----- depending on the state of your machine more packages may be required. –MOZNSS is NOT required despite a very popular error that appears when configuring openldap. It just means that openldap cannot find ssl.h.


2.) Remove Native LDAP by Solaris:
a. It is important to remove NATIVE LDAP. If it is not removed nss and pam will try and use NATIVE LDAP Libraries, which will inevitably cause issues when compiling them. Save yourself the headache and just remove the package.
b. [root] # pkgrm SUNWlldap


3.) Verify the following libraries exist in specified location:
a. /usr/sfw/lib/libssl.so.0.9.7
b. /usr/sfw/lib/libcrypto.so.0.9.7
c. /usr/local/lib/libgcc_s.so.1


4.) Next add the following locations to the PATH variable:
a. /usr/ccs/bin
b. /usr/sfw/bin
c. .
d. [root] # export PATH=$PATH:/usr/ccs/bin:/usr/sfw/bin:.


5.) Next compile openldap:
a. Download openldap from http://www.openldap.org
b. Uncompress the files
c. Next cd to the openldap directory created
d. Next set following environment variables for installation:
i. LD_LIBRARY_PATH=/usr/lib:/usr/local/lib:/usr/sfw/lib
ii. LDFLAGS=”-L/usr/lib –L/usr/local/lib –L/usr/sfw/lib –R/usr/lib
-R/usr/local/lib –R/usr/sfw/lib”
iii. CPPFLAGS=”-I/usr/include –I/usr/local/include –I/usr/sfw/include”
e. FROM the openldap folder run the following command:
i. [root] # ./configure - -disable-slapd
f. ----ONCE AGAIN STATING---- 1) if you get errors it could be because of the status of your machine – if libraries have been moved or paths changed it could be looking in the wrong location for these files – Review the config.log file within the same openldap directory to see which header files or libraries that are missing. 2) If you get MOZNSS error DO NOT INSTALL MOZNSS – this configuration uses the SUNWopenssl packages – this simply means that it cannont find ssl.h – which by default should appear within one of the include directories listed in the CPPFLAGS with <PATH-VARIABLES>/openssl/ssl.h
g. Once configuration is successful run the following commands:
i. [root] # make clean
ii. [root] # make depend
iii. [root] # make
iv. [root] # make install
v. ---If you receive errors on any part of this process it could be because files, libraries or headers are missing -- A good example is if it comes back with libraries where symbols are referenced but the functions are not found – this could happen for several reasons –
1. The library/include is completely missing
2. The wrong library/include with the same name is being hit before the correct library/include.
3. Or possibly several other reasons


6.) Next unset the library env variables previously set:
a. [root] # unset LD_LIBRARY_PATH
b. [root] # unset LDFLAGS
c. [root] # unset CPPFLAGS
d. If these are still set PAM_LDAP and NSS_LDAP will fail to make
e. DO NOT UNSET PATH


7.) For some reason PAM and NSS have an issue with the location of sasl.h
a. If for some reason the file already exists where the link is made the following step is not necessary
b. [root] #cd /usr/include
c. [root] #ln –s sasl/sasl.h sasl.h


8.) Next install pam_ldap
a. Download pam_ldap from http://www.padl.com/
b. Uncompress the files
c. Next cd to the openldap directory created
d. Next run the following command to compile:
i. [root] # ./configure - -prefix=/usr/local - -with-ldap-dir=/usr/local
e. Once configuration is successful, run the following commands:
i. [root] # make clean
ii. [root] # make
iii. [root] # make install
iv. ---If you receive errors on any part of this process it could be because files, libraries or headers are missing -- A good example is if it comes back with libraries where symbols are referenced but the functions are not found – this could happen for several reasons –
1. The library/include is completely missing
2. The wrong library/include with the same name is being hit before the correct library/include.
3. Or possibly several other reasons


9.) Next install nss_ldap
a. Download nss_ldap from http://www.padl.com/
b. Uncompress the files
c. Next cd to the openldap directory created
d. Next run the following command to compile:
i. [root] # ./configure - -prefix=/usr/local - -with-ldap-dir=/usr/local
e. Once configuration is successful, run the following commands:
i. [root] # make clean
ii. [root] # make
iii. [root] # make install
iv. ---If you receive errors on any part of this process it could be because files, libraries or headers are missing -- A good example is if it comes back with libraries where symbols are referenced but the functions are not found – this could happen for several reasons –
1. The library/include is completely missing
2. The wrong library/include with the same name is being hit before the correct library/include.
3. Or possibly several other reasons


10.) At this point all three utilities should be installed and be ready for configuration.
a. Configurations are different depending on the functionality of LDAP being used.

Hopefully this helps someone with the installation process of openldap on a Solaris 10 machine. Sometime in the near future I will go over different configurations for ldap clients, but for now gogogo and install!
Posted in Uncategorized
Views 1062 Comments 0
« Prev     Main     Next »
Total Comments 0

Comments

 

  



All times are GMT -5. The time now is 12:41 AM.

Main Menu
Advertisement
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration