Some further helpful suggestions from Philip Brown, of UUASC

Phil wrote most of this as a follow up to a recent meeting of the LA chapter of UUASC, where we talked about LDAP. He was kind enough to give permission to add this to the presentation from that night. You can send him email at phil at bolthole dot com (email harvesters suck).

The official OpenLDAP Admin guide

For those people interested in integrating java with LDAP, javasoft already has an API for it: javax.naming.ldap


If you want to COMPILE openldap on Solaris, its a different matter.

And No, this isn't because Solaris is broken. It's because the developers of cyrus/openldap/berkeleydb did a lousy job of autoconfiguration.

The maintainers of BerkeleyDB did such a good job of picking where they think their software should be installed, that every single OS that ships with it, changes the default install.

It comes in /usr/lib or /usr/local/lib in *BSD or linux, I believe. But if you just do a "./configure ; install" for db-3.1.17, it will install in /usr/local/BerkeleyDB.3.1. Which makes life interesting, because NONE of the programs I've found that like to have berkeleydb, bother to LOOK in that directory!!!

You have to manually do:

cp /usr/local/BerkeleyDB.3.1/lib/* /usr/local/lib
cp /usr/local/BerkeleyDB.3.1/include/* /usr/local/include

and then other progs should find your libdb stuff. You can also do it my way, which is to edit the configure.in file in the dist directory to point to /usr/local instead of /usr/local/BerkeleyDB-LotsOfStuff.

On top of that, there is a problem with detecting the Cyrus SASL libs. I dont know what's up with that. It detected the include files, but not the library. So I had to do the following, at the top of the openldap tree

      ./configure   #This will pick up most things except SASL
      for f in `find . -name Makefile -print` ; do
        sed 's/^SASL_LIBS = $/SASL_LIBS = -lsasl/' $f >$f.new; mv $f.new $f
      done
    

I confess that I didn't have these problems on machines that I've used, but if you seem to have the same difficulties as Phil, his script may prove quite useful to you.

If you still have problems with openldap picking up openSSL+db+SASL, I suggest doing the following additional hack:

    make distclean
    export LDFLAGS='-L/usr/local/lib -L/whereever/else'
    export CPPFLAGS='-I/usr/local/include -I/whereever/else'
    ./configure
    

and then if neccessary, the find trick again.

This should get openldap to build with all the bells-n-whistles under solaris. I now have a binary for x86.

PS: if you want a shared library for the berkeleydb stuff, don't forget to use:

configure --enable-shared


Etaoin Shrdlu
Last modified: Sun Oct 31 08:45:05 PST 2004