[HEADS UP]: OpenLDAP+nss_ldap+nss_modules separated patch
andmore (SoC)
Michael Bushkov
bushman at rsu.ru
Fri Aug 25 06:15:52 UTC 2006
Tom McLaughlin wrote:
> Will it also be possible to build openldap in base with SASL support?
> My understanding is Windows AD environments by default require all
> connections to be authenticated via kerberos. (It's also a requirement
> for the samba+openldap+krb5 setup I'm doing for work. ;) I saw a
> comment about adding support for krb5_ccname in the config file. That's
> a very useful option in the PADL version so I'm guessing this was
> written with supporting SASL in mind? Thanks.
>
> tom
Hi,
sasl in OpenLDAP (and in nss_ldap) is supported in the way similar to
Sendmail:
CFLAGS+= ${OPENLDAP_CFLAGS}
LDFLAGS+= ${OPENLDAP_LDFLAGS}
LDADD+= ${OPENLDAP_LDADD}
By defining,
OPENLDAP_CFLAGS=-I/usr/local/include -DSASL
OPENLDAP_LDFLAGS=-L/usr/local/lib
OPENLDAP_LDADD=-lsasl
you'll enable sasl support both for OpenLDAP and nss_ldap.
BTW, I'll be able to implement and properly test krb5-ccname during the
beginning of September.
With best regards,
Michael Bushkov
More information about the freebsd-current
mailing list