Hello all, I’ve been pulling hair out in tufts over the last week
trying to get OpenLDAP 2.3.35 to build with Kerberos 5 support on a SLES9
machines (AMD64). I’ve spent hours searching the mailing lists and
Google. All I could find were messages from several years ago admonishing
people for not searching, or questions with no answers. Anyway, I finally got it, which leads to my question below. First, this machine is SLES9, Service Pack Three. SuSE
provides the Heimdal Kerberos implementation. It also has Cyrus SASL.
For some strange reason, the OpenLDAP packages SuSE supplies for SLES9 do not
have Kerberos compiled in, so I went and grabbed the openldap-2.3.35 tarball
and set about trying to build it. The biggest problem is the configure script completely
ignores the –with-kerberos option. Completely. I’ve
searched, and I can’t find any mention of why this is. Starting at line 18,158 in the configure script, I found
this block: ---- ol_link_kbind=no ol_link_krb5=no ol_link_krb4=no case $ol_with_kerberos in yes | auto
| k5 | k5only | k425) ---- Changing “ol_link_krb5”
to “yes” had no effect. But changing “ol_link_krb5”
to “yes” AND adding the line “ol_with_kerberos=yes”
right above the case statement got the configure script to actually start
looking for Kerberos libraries and headers. After that, it was just a
matter of setting the right CCFLAGS and LDFLAGS environment variables so
configure could find the headers and libraries. Once all that was in
place, it built like a champ and seems to be working. So my question is, why does “—with-kerberos”
not work anymore? Is this a conscious decision, or a bug? Thanks! Andrew Scott |