2 # Copyright 1999-2000, The OpenLDAP Foundation, All Rights Reserved.
3 # COPYING RESTRICTIONS APPLY, see COPYRIGHT.
4 H1: Building and Installing OpenLDAP Software
6 This chapter details how to build and install the {{ORG:OpenLDAP}}
7 Software package including {{slapd}}(8), the stand-alone LDAP
8 daemon and {{slurpd}}(8), the stand-alone update replication daemon.
10 Building and installing OpenLDAP requires several steps: installing
11 prerequisite software, configuring OpenLDAP itself, making, and finally
12 installing. The following sections describe this process in detail.
14 In case you haven't already obtained OpenLDAP it is available at the following
15 location: {{URL: ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release.tgz}}
17 The {{ORG[expand]OLP}} also maintains an extensive site
18 ({{URL:http://www.OpenLDAP.org/}}) on the World Wide Web. The site
19 makes available a number of resources which you may utilize to
20 properly install OpenLDAP Software. This includes:
22 !block table; align=Center; coltags="N,URL"; \
23 title="Table 4.1: Other OpenLDAP resources"
25 Frequently Asked Questions http://www.OpenLDAP.org/faq/
26 Issue Tracking System http://www.OpenLDAP.org/its/
27 Mailing Lists http://www.OpenLDAP.org/lists/
28 Software Pages http://www.OpenLDAP.org/software/
29 Support Page http://www.OpenLDAP.org/support/
32 H2: Prerequisite software
34 OpenLDAP relies a number of software packages distributed by third
35 parties. Depending on the features you intend to use, you may have
36 to download and install a number of additional software packages.
37 This section details commonly needed third party software packages
38 you might have to install. Note that some of these third party
39 packages may depend on additional software packages. Install each
40 package per installation instructions provided with it.
42 H3: {{TERM[expand]TLS}}
44 OpenLDAP clients and servers require installation of {{PRD:OpenSSL}}
45 {{TERM:TLS}} libraries to provide {{TERM[expand]TLS}} services. Though
46 some operating systems may provide these libraries as part of the
47 base system or as an optional software component, OpenSSL often
48 requires separate installation.
50 OpenSSL is available from {{URL: http://www.openssl.org/}}.
52 OpenLDAP will not be fully LDAPv3 compliant unless OpenLDAP's
53 {{EX:configure}} detects a usable OpenSSL installation.
56 H3: Kerberos Authentication Services
58 OpenLDAP clients and servers support Kerberos-based authentication
60 In particular, OpenLDAP supports {{TERM:SASL}}/{{TERM:GSSAPI}}
61 authentication mechanism using either {{PRD:Heimdal}} or
62 {{PRD:MIT Kerberos}} V packages.
63 If you desire to use Kerberos-based SASL/GSSAPI authentication,
64 you should install either Heimdal or MIT Kerberos V.
66 Heimdal Kerberos is available from {{URL:http://www.pdc.kth.se/heimdal/}}.
67 MIT Kerberos is available from {{URL:http://web.mit.edu/kerberos/www/}}.
69 Use of strong authentication services, such as those provided by
70 Kerberos, is highly recommended.
73 H3: {{TERM[expand]SASL}}
75 OpenLDAP clients and servers require installation of {{PRD:Cyrus}}
76 SASL libraries to provide {{TERM[expand]SASL}} services. Though
77 some operating systems may provide this library as part of the
78 base system or as an optional software component, Cyrus SASL
79 often requires separate installation.
81 Cyrus SASL is available from {{URL:http://asg.cmu.edu/cyrus/sasl/}}.
82 Cyrus SASL will make use of OpenSSL and Kerberos/GSSAPI libraries
85 OpenLDAP will not be fully LDAPv3 compliant unless OpenLDAP's
86 configure detects a usable Cyrus SASL installation.
91 OpenLDAP's {{slapd}}(8) primary database backend, {{TERM:LDBM}},
92 requires that a compatible database package for entry storage. LDBM
93 is compatible with {{ORG[expand]Sleepy}}'s {{PRD:BerkeleyDB}} (recommended)
94 or the {{ORG[expand]FSF}}'s {{PRD:GNU}} Database Manager ({{PRD:GDBM}}).
95 If neither of these packages are available at configure time,
96 you will not be able build slapd(8) with primary database backend.
98 Your operating system may provide one of these two packages in
99 in base system or as an optional software component. You may
100 need may need to obtain the software and install it yourself.
102 {{PRD:BerkeleyDB}} is available from {{ORG[expand]Sleepy}}'s
103 download page {{URL: http://www.sleepycat.com/download.html}}.
104 There are several versions available. At the time of this writing,
105 the latest release, version 3.1, is recommended.
107 {{PRD:GDBM}} is available from {{ORG:FSF}}'s download site
108 {{URL: ftp://ftp.gnu.org/pub/gnu/gdbm/}}.
109 At the time of this writing, version 1.8 is the latest release.
114 OpenLDAP is designed to take advantage of threads. OpenLDAP
115 supports POSIX {{pthreads}}, Mach {{CThreads}}, and a number of
116 other varieties. {{EX:configure}} will complain if it cannot
117 find a suitable thread subsystem. If this occurs, please
118 consult the {{F:Software|Installation|Platform Hints}} section
119 of the OpenLDAP FAQ {{URL: http://www.openldap.org/faq/}}.
124 {{slapd}}(8) supports TCP wrappers (IP level access control filters)
125 if preinstalled. Use of TCP wrappers or other IP level access
126 filters (such as those provided by a IP-level firewall) is recommended
127 for servers containing non-public information.
130 H2: Running configure
132 If you haven't already done so, extra the distribution for the
133 compressed archive file and change directory to the top of the
136 .{{EX:gunzip -c openldap-VERSION.tgz | tar xf -}}
137 .{{EX:cd openldap-VERSION}}
139 Replacing {{EX:VERSION}} with the appropriate version string.
141 Note: If you intend to build OpenLDAP for multiple platforms from a
142 single source tree you should consult the {{F: INSTALL}} file in the
143 top level distribution directory before running {{EX:configure}}.
145 Now you should probably run the {{EX:configure}} script with the
146 {{EX:--help}} option.
147 This will give you a list of options that you can change when building
148 OpenLDAP. Many of the features of OpenLDAP can be enabled or disabled
149 using this method. Please see the appendix for a more detailed list
150 of configure options, and their usage.
151 .{{EX:./configure --help}}
153 The {{EX:configure}} script will also look at certain environment variables
154 for certain settings. These environment variables are:
156 !block table; align=Center; coltags="EX,N"; title="Table 4.1: Environment Variables"
158 CC Specify alternative C Compiler
159 CFLAGS Specify additional compiler flags
160 CPPFLAGS Specify C Preprocessor flags
161 LDFLAGS Specify linker flags
162 LIBS Specify additional libraries
165 Now run the configure script with any desired configure options or
166 environment variables.
168 > [[env] settings] ./configure [options]
170 As an example, lets assume that we want a copy of OpenLDAP configured to use the
171 LDBM backend, and the shell backend. The LDBM backend is turned on by default, so we don't need to do anything special to enable it.
173 Additionally, we've installed the BerkeleyDB database package.
174 {{EX:configure}} is smart enough to use BerkeleyDB automatically
175 if it can find it, but BerkeleyDB is installed by default in a
176 place {{EX:configure}} won't look at automatically. BerkeleyDB
177 is usually installed in {{F:/usr/local/BerkeleyDB.3.1}} (assuming
178 that version 3.1 is being used.)
180 The following example shows how to run {{EX:configure}} and specify where to
181 find BerkeleyDB and turn on the DNS-SRV backend. The example should be
182 entered on a single line (it has been split onto separate lines for clarity.)
184 > env CPPFLAGS="-I/usr/local/BerkeleyDB.3.1/include" \
185 > LDFLAGS="-L/usr/local/BerkeleyDB.3.1/lib" \
186 > ./configure --enable-dnssrv
188 Note: Some shells, such as those derived from the Bourne {{sh}}(1),
189 do not require use of the {{env}}(1) command. In some cases, environmental
190 variables have to be specified using alternative syntaxes.
192 For more information on backends see the chapter on configuration.
194 The {{EX:configure}} script will normally auto-detect appropriate settings.
195 If you have problems at this stage, consult any platform specific
196 hints and check your {{EX:configure}} options if any.
199 H2: Building the Software
201 Once you have run the {{EX:configure}} script the last line of output
203 > Please "make depend" to build dependencies
205 If the last line of output does not match, {{EX:configure}} has failed.
206 You should not proceed until {{EX:configure}} completes successfully.
208 To build dependencies, run:
211 Now build the software, this step will actually compile OpenLDAP.
214 You should examine the output of this command carefully to make sure
215 everything is built correctly. Note that this command builds the LDAP
216 libraries and associated clients as well as {{slapd}}(8) and {{slurpd}}(8).
219 H2: Testing the Software
221 Once the software has been properly configured and successfully
222 made, you should run the test suite to verify the build.
226 The test will run a number of tests.
229 H2: Installing the Software
231 One you have successfully tested the software, you are ready to install it.
232 You will need to have write permission
233 to the installation directories you specified when you ran configure.
234 By default OpenLDAP is installed in {{F:/usr/local}}. If you changed this
235 setting with the {{F:--prefix}} configure option, it will be installed
236 in the location you provided.
238 Typically, the installation is done as {{root}}. From the top level OpenLDAP
239 source directory, type:
243 You should examine the output of this command carefully to make sure
244 everything is installed correctly. You will find the configuration files
245 for slapd in {{F:/usr/local/etc/openldap}} by default. See chapter 5 for more
246 information on the configuration files.