[HEADS UP]: OpenLDAP+nss_ldap+nss_modules separated patch
andmore (SoC)
Tom McLaughlin
tmclaugh at sdf.lonestar.org
Fri Aug 25 23:22:15 UTC 2006
On Fri, 2006-08-25 at 10:14 +0400, Michael Bushkov wrote:
> Tom McLaughlin wrote:
> > Will it also be possible to build openldap in base with SASL support?
> > My understanding is Windows AD environments by default require all
> > connections to be authenticated via kerberos. (It's also a requirement
> > for the samba+openldap+krb5 setup I'm doing for work. ;) I saw a
> > comment about adding support for krb5_ccname in the config file. That's
> > a very useful option in the PADL version so I'm guessing this was
> > written with supporting SASL in mind? Thanks.
> >
> > tom
>
> Hi,
> sasl in OpenLDAP (and in nss_ldap) is supported in the way similar to
> Sendmail:
> CFLAGS+= ${OPENLDAP_CFLAGS}
> LDFLAGS+= ${OPENLDAP_LDFLAGS}
> LDADD+= ${OPENLDAP_LDADD}
>
> By defining,
> OPENLDAP_CFLAGS=-I/usr/local/include -DSASL
> OPENLDAP_LDFLAGS=-L/usr/local/lib
> OPENLDAP_LDADD=-lsasl
> you'll enable sasl support both for OpenLDAP and nss_ldap.
>
>
> BTW, I'll be able to implement and properly test krb5-ccname during the
> beginning of September.
>
> With best regards,
> Michael Bushkov
Sweet! Thanks a bunch for keeping this in mind and the good job. I can
now stop fretting about this on IRC. :)
tom
--
| tmclaugh at sdf.lonestar.org tmclaugh at FreeBSD.org |
| FreeBSD http://www.FreeBSD.org |
| BSD# http://www.mono-project.com/Mono:FreeBSD |
More information about the freebsd-current
mailing list