# $OpenLDAP$
-# Copyright 1999-2000, The OpenLDAP Foundation, All Rights Reserved.
+# Copyright 1999-2006 The OpenLDAP Foundation, All Rights Reserved.
# COPYING RESTRICTIONS APPLY, see COPYRIGHT.
H1: Building and Installing OpenLDAP Software
-This chapter details how to build and install the {{ORG:OpenLDAP}}
-Software package including {{slapd}}(8), the stand-alone LDAP
-daemon and {{slurpd}}(8), the stand-alone update replication daemon.
-Building and installing OpenLDAP requires several steps: installing
-prerequisite software, configuring OpenLDAP itself, making, and finally
-installing. The following sections describe this process in detail.
+This chapter details how to build and install the {{PRD:OpenLDAP}}
+Software package including {{slapd}}(8), the stand-alone LDAP daemon
+and {{slurpd}}(8), the stand-alone update replication daemon.
+Building and installing OpenLDAP Software requires several steps:
+installing prerequisite software, configuring OpenLDAP Software
+itself, making, and finally installing. The following sections
+describe this process in detail.
H2: Obtaining and Extracting the Software
{{URL: ftp://ftp.openldap.org/pub/OpenLDAP/}}.
The project makes available two series of packages for {{general
-use}}. The project makes {{releases}} as new features and bug
-fixes come available. Though the project takes steps to improve
-stablity of these releases, it is common for problems to arise
-only after {{release}}. The latest {{release}} which has
-demonstrated stability through general use.
+use}}. The project makes {{releases}} as new features and bug fixes
+come available. Though the project takes steps to improve stablity
+of these releases, it is common for problems to arise only after
+{{release}}. The {{stable}} release is the latest {{release}} which
+has demonstrated stability through general use.
Users of OpenLDAP Software can choose, depending on their desire
-for the {{latest features}} versus {{demonstrated stability}},
-the most appropriate series to install.
+for the {{latest features}} versus {{demonstrated stability}}, the
+most appropriate series to install.
After downloading OpenLDAP Software, you need to extract the
-distribution from the compressed archive file and change your
-working directory to the top directory of the distribution:
+distribution from the compressed archive file and change your working
+directory to the top directory of the distribution:
.{{EX:gunzip -c openldap-VERSION.tgz | tar xf -}}
.{{EX:cd openldap-VERSION}}
You'll have to replace {{EX:VERSION}} with the version name of
the release.
-You should now review the {{F:COPYRIGHT}}, {{F:LICENSE}},
-{{F:README}} and {{F:INSTALL}} documents provided with the
-distribution. The {{F:COPYRIGHT}} and {{F:LICENSE}} provide
-information on acceptable use, copying, and limitation of warranty
-of OpenLDAP software. The {{F:README}} and {{F:INSTALL}} documents
-provide detailed information on prerequisite software and
-installation procedures.
+You should now review the {{F:COPYRIGHT}}, {{F:LICENSE}}, {{F:README}}
+and {{F:INSTALL}} documents provided with the distribution. The
+{{F:COPYRIGHT}} and {{F:LICENSE}} provide information on acceptable
+use, copying, and limitation of warranty of OpenLDAP Software. The
+{{F:README}} and {{F:INSTALL}} documents provide detailed information
+on prerequisite software and installation procedures.
H2: Prerequisite software
OpenLDAP Software relies upon a number of software packages distributed
-by third parties. Depending on the features you intend to use,
-you may have to download and install a number of additional
-software packages. This section details commonly needed third party
-software packages you might have to install. Note that some of
-these third party packages may depend on additional software
-packages. Install each package per installation instructions
-provided with it.
+by third parties. Depending on the features you intend to use, you
+may have to download and install a number of additional software
+packages. This section details commonly needed third party software
+packages you might have to install. However, for an up-to-date
+prerequisite information, the {{F:README}} document should be
+consulted. Note that some of these third party packages may depend
+on additional software packages. Install each package per the
+installation instructions provided with it.
H3: {{TERM[expand]TLS}}
OpenSSL is available from {{URL: http://www.openssl.org/}}.
-OpenLDAP will not be fully LDAPv3 compliant unless OpenLDAP's
+OpenLDAP Software will not be fully LDAPv3 compliant unless OpenLDAP's
{{EX:configure}} detects a usable OpenSSL installation.
-H3: Kerberos Authentication Services
-
-OpenLDAP clients and servers support Kerberos-based authentication
-services.
-In particular, OpenLDAP supports {{TERM:SASL}}/{{TERM:GSSAPI}}
-authentication mechanism using either {{PRD:Heimdal}} or
-{{PRD:MIT Kerberos}} V packages.
-If you desire to use Kerberos-based SASL/GSSAPI authentication,
-you should install either Heimdal or MIT Kerberos V.
-
-Heimdal Kerberos is available from {{URL:http://www.pdc.kth.se/heimdal/}}.
-MIT Kerberos is available from {{URL:http://web.mit.edu/kerberos/www/}}.
-
-Use of strong authentication services, such as those provided by
-Kerberos, is highly recommended.
-
-
H3: {{TERM[expand]SASL}}
-OpenLDAP clients and servers require installation of {{PRD:Cyrus}}'s
-{{PRD:SASL}} libraries to provide {{TERM[expand]SASL}} services. Though
+OpenLDAP clients and servers require installation of {{PRD:Cyrus SASL}}
+libraries to provide {{TERM[expand]SASL}} services. Though
some operating systems may provide this library as part of the
base system or as an optional software component, Cyrus SASL
often requires separate installation.
Cyrus SASL will make use of OpenSSL and Kerberos/GSSAPI libraries
if preinstalled.
-OpenLDAP will not be fully LDAPv3 compliant unless OpenLDAP's
+OpenLDAP Software will not be fully LDAPv3 compliant unless OpenLDAP's
configure detects a usable Cyrus SASL installation.
-H3: Database Software
+H3: {{TERM[expand]Kerberos}}
-OpenLDAP's {{slapd}}(8) primary database backend, {{TERM:LDBM}},
-requires a compatible database package for entry storage. LDBM
-is compatible with {{ORG[expand]Sleepy}}'s {{PRD:BerkeleyDB}} (recommended)
-or the {{ORG[expand]FSF}}'s {{PRD:GNU}} Database Manager ({{PRD:GDBM}}).
-If neither of these packages are available at configure time,
-you will not be able build {{slapd}}(8) with primary database backend.
+OpenLDAP clients and servers support {{TERM:Kerberos}} authentication
+services. In particular, OpenLDAP supports the Kerberos V
+{{TERM:GSS-API}} {{TERM:SASL}} authentication mechanism known as
+the {{TERM:GSSAPI}} mechanism. This feature requires, in addition to
+Cyrus SASL libraries, either {{PRD:Heimdal}} or {{PRD:MIT Kerberos}}
+V libraries.
+
+Heimdal Kerberos is available from {{URL:http://www.pdc.kth.se/heimdal/}}.
+MIT Kerberos is available from {{URL:http://web.mit.edu/kerberos/www/}}.
+
+Use of strong authentication services, such as those provided by
+Kerberos, is highly recommended.
-Your operating system may provide one of these two packages in
-the base system or as an optional software component. You may
-need may need to obtain the software and install it yourself.
-{{PRD:BerkeleyDB}} is available from {{ORG[expand]Sleepy}}'s
-download page {{URL: http://www.sleepycat.com/download.html}}.
-There are several versions available. At the time of this writing,
-the latest release, version 3.1, is recommended.
-{{PRD:GDBM}} is available from {{ORG:FSF}}'s download site
-{{URL: ftp://ftp.gnu.org/pub/gnu/gdbm/}}.
-At the time of this writing, version 1.8 is the latest release.
+H3: Database Software
+
+OpenLDAP's {{slapd}}(8) {{TERM:BDB}} and {{TERM:HDB}} primary database backends
+require {{ORG[expand]Oracle}} {{PRD:Berkeley DB}}.
+If not available at configure time, you will not be able build
+{{slapd}}(8) with these primary database backends.
+
+Your operating system may provide a supported version of
+{{PRD:Berkeley DB}} in the base system or as an optional
+software component. If not, you'll have to obtain and
+install it yourself.
+
+{{PRD:Berkeley DB}} is available from {{ORG[expand]Oracle}}'s Berkeley DB
+download page
+{{URL: http://www.oracle.com/technology/software/products/berkeley-db/index.html}}. There are several versions available. Generally, the most recent
+release (with published patches) is recommended. This package is required
+if you wish to use the {{TERM:BDB}} or {{TERM:HDB}} database backends.
H3: Threads
H3: TCP Wrappers
-{{slapd}}(8) supports TCP wrappers (IP level access control filters)
-if preinstalled. Use of TCP wrappers or other IP-level access
+{{slapd}}(8) supports TCP Wrappers (IP level access control filters)
+if preinstalled. Use of TCP Wrappers or other IP-level access
filters (such as those provided by an IP-level firewall) is recommended
for servers containing non-public information.
> [[env] settings] ./configure [options]
-As an example, let's assume that we want install OpenLDAP with
-LDBM backend and TCP wrapper support. By default, LDBM
-is enabled and TCP wrappers is not. So, we just need to specify
-{{EX:--with-wrappers}} to include TCP wrapper support:
+As an example, let's assume that we want to install OpenLDAP with
+BDB backend and TCP Wrappers support. By default, BDB
+is enabled and TCP Wrappers is not. So, we just need to specify
+{{EX:--with-wrappers}} to include TCP Wrappers support:
> ./configure --with-wrappers
H2: Installing the Software
-One you have successfully tested the software, you are ready to install it.
-You will need to have write permission
-to the installation directories you specified when you ran configure.
-By default OpenLDAP is installed in {{F:/usr/local}}. If you changed this
-setting with the {{EX:--prefix}} configure option, it will be installed
-in the location you provided.
+Once you have successfully tested the software, you are ready to
+install it. You will need to have write permission to the installation
+directories you specified when you ran configure. By default
+OpenLDAP Software is installed in {{F:/usr/local}}. If you changed
+this setting with the {{EX:--prefix}} configure option, it will be
+installed in the location you provided.
-Typically, the installation typically requires super-user priviledges.
+Typically, the installation requires {{super-user}} privileges.
From the top level OpenLDAP source directory, type:
> su root -c 'make install'
+and enter the appropriate password when requested.
+
You should examine the output of this command carefully to make sure
everything is installed correctly. You will find the configuration files
for {{slapd}}(8) in {{F:/usr/local/etc/openldap}} by default. See the
-{{SECT:The slapd Configuration File}} chapter for additional information.
+chapter {{SECT:Configuring slapd}} for additional information.