[Date Prev][Date Next] [Chronological] [Thread] [Top]

Building OpenLDAP 3.3.35 with Kerberos on SLES9



Hello all,

I’ve been pulling hair out in tufts over the last week trying to get OpenLDAP 2.3.35 to build with Kerberos 5 support on a SLES9 machines (AMD64).  I’ve spent hours searching the mailing lists and Google.  All I could find were messages from several years ago admonishing people for not searching, or questions with no answers.

 

Anyway, I finally got it, which leads to my question below.

 

First, this machine is SLES9, Service Pack Three.  SuSE provides the Heimdal Kerberos implementation.  It also has Cyrus SASL.  For some strange reason, the OpenLDAP packages SuSE supplies for SLES9 do not have Kerberos compiled in, so I went and grabbed the openldap-2.3.35 tarball and set about trying to build it.

 

The biggest problem is the configure script completely ignores the –with-kerberos option.  Completely.  I’ve searched, and I can’t find any mention of why this is.

 

Starting at line 18,158 in the configure script, I found this block:

----

ol_link_kbind=no

ol_link_krb5=no

ol_link_krb4=no

 

case $ol_with_kerberos in yes | auto | k5 | k5only | k425)

----

 

Changing “ol_link_krb5” to “yes” had no effect.  But changing “ol_link_krb5” to “yes” AND adding the line “ol_with_kerberos=yes” right above the case statement got the configure script to actually start looking for Kerberos libraries and headers.  After that, it was just a matter of setting the right CCFLAGS and LDFLAGS environment variables so configure could find the headers and libraries.  Once all that was in place, it built like a champ and seems to be working.

 

So my question is, why does “—with-kerberos” not work anymore?  Is this a conscious decision, or a bug?

 

 

Thanks!

Andrew Scott

Louisville, KY