X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;ds=sidebyside;f=doc%2Fguide%2Fadmin%2Finstall.sdf;h=1d4e7b5ab02f1aa183534c6b8787943fb30a51f0;hb=221e0f727be9967543ff6255c05d4221e70338f0;hp=db8d982f0180b251e9e19da172cd25ee74dd2f48;hpb=54570d22cad95fac606d845f82ed807e2a41c062;p=openldap diff --git a/doc/guide/admin/install.sdf b/doc/guide/admin/install.sdf index db8d982f01..1d4e7b5ab0 100644 --- a/doc/guide/admin/install.sdf +++ b/doc/guide/admin/install.sdf @@ -1,16 +1,15 @@ # $OpenLDAP$ -# Copyright 1999-2002, The OpenLDAP Foundation, All Rights Reserved. +# Copyright 1999-2007 The OpenLDAP Foundation, All Rights Reserved. # COPYING RESTRICTIONS APPLY, see COPYRIGHT. H1: Building and Installing OpenLDAP Software -This chapter details how to build and install the {{ORG:OpenLDAP}} -Software package including {{slapd}}(8), the stand-alone LDAP daemon -and {{slurpd}}(8), the stand-alone update replication daemon. -Building and installing OpenLDAP Software requires several steps: -installing prerequisite software, configuring OpenLDAP Software -itself, making, and finally installing. The following sections -describe this process in detail. +This chapter details how to build and install the {{PRD:OpenLDAP}} +Software package including {{slapd}}(8), the Standalone {{TERM:LDAP}} +Daemon. Building and installing OpenLDAP Software requires several +steps: installing prerequisite software, configuring OpenLDAP +Software itself, making, and finally installing. The following +sections describe this process in detail. H2: Obtaining and Extracting the Software @@ -22,7 +21,7 @@ directly from the project's {{TERM:FTP}} service at The project makes available two series of packages for {{general use}}. The project makes {{releases}} as new features and bug fixes -come available. Though the project takes steps to improve stablity +come available. Though the project takes steps to improve stability of these releases, it is common for problems to arise only after {{release}}. The {{stable}} release is the latest {{release}} which has demonstrated stability through general use. @@ -52,50 +51,36 @@ on prerequisite software and installation procedures. H2: Prerequisite software OpenLDAP Software relies upon a number of software packages distributed -by third parties. Depending on the features you intend to use, -you may have to download and install a number of additional -software packages. This section details commonly needed third party -software packages you might have to install. Note that some of -these third party packages may depend on additional software -packages. Install each package per the installation instructions -provided with it. +by third parties. Depending on the features you intend to use, you +may have to download and install a number of additional software +packages. This section details commonly needed third party software +packages you might have to install. However, for an up-to-date +prerequisite information, the {{F:README}} document should be +consulted. Note that some of these third party packages may depend +on additional software packages. Install each package per the +installation instructions provided with it. H3: {{TERM[expand]TLS}} -OpenLDAP clients and servers require installation of {{PRD:OpenSSL}} +OpenLDAP clients and servers require installation of either {{PRD:OpenSSL}} +or {{PRD:GnuTLS}} {{TERM:TLS}} libraries to provide {{TERM[expand]TLS}} services. Though some operating systems may provide these libraries as part of the -base system or as an optional software component, OpenSSL often -requires separate installation. +base system or as an optional software component, OpenSSL and GnuTLS often +require separate installation. OpenSSL is available from {{URL: http://www.openssl.org/}}. +GnuTLS is available from {{URL: http://www.gnu.org/software/gnutls/}}. OpenLDAP Software will not be fully LDAPv3 compliant unless OpenLDAP's -{{EX:configure}} detects a usable OpenSSL installation. - - -H3: Kerberos Authentication Services - -OpenLDAP clients and servers support Kerberos-based authentication -services. -In particular, OpenLDAP supports the {{TERM:SASL}}/{{TERM:GSSAPI}} -authentication mechanism using either {{PRD:Heimdal}} or -{{PRD:MIT Kerberos}} V packages. -If you desire to use Kerberos-based SASL/GSSAPI authentication, -you should install either Heimdal or MIT Kerberos V. - -Heimdal Kerberos is available from {{URL:http://www.pdc.kth.se/heimdal/}}. -MIT Kerberos is available from {{URL:http://web.mit.edu/kerberos/www/}}. - -Use of strong authentication services, such as those provided by -Kerberos, is highly recommended. +{{EX:configure}} detects a usable TLS library. H3: {{TERM[expand]SASL}} -OpenLDAP clients and servers require installation of {{PRD:Cyrus}}'s -{{PRD:SASL}} libraries to provide {{TERM[expand]SASL}} services. Though +OpenLDAP clients and servers require installation of {{PRD:Cyrus SASL}} +libraries to provide {{TERM[expand]SASL}} services. Though some operating systems may provide this library as part of the base system or as an optional software component, Cyrus SASL often requires separate installation. @@ -109,27 +94,40 @@ OpenLDAP Software will not be fully LDAPv3 compliant unless OpenLDAP's configure detects a usable Cyrus SASL installation. +H3: {{TERM[expand]Kerberos}} + +OpenLDAP clients and servers support {{TERM:Kerberos}} authentication +services. In particular, OpenLDAP supports the Kerberos V +{{TERM:GSS-API}} {{TERM:SASL}} authentication mechanism known as +the {{TERM:GSSAPI}} mechanism. This feature requires, in addition to +Cyrus SASL libraries, either {{PRD:Heimdal}} or {{PRD:MIT Kerberos}} +V libraries. + +Heimdal Kerberos is available from {{URL:http://www.pdc.kth.se/heimdal/}}. +MIT Kerberos is available from {{URL:http://web.mit.edu/kerberos/www/}}. + +Use of strong authentication services, such as those provided by +Kerberos, is highly recommended. + + + H3: Database Software -OpenLDAP's {{slapd}}(8) primary database backend, {{TERM:BDB}}, -requires {{ORG[expand]Sleepycat}} {{PRD:Berkeley DB}}, version 4. +OpenLDAP's {{slapd}}(8) {{TERM:BDB}} and {{TERM:HDB}} primary database backends +require {{ORG[expand]Oracle}} {{PRD:Berkeley DB}}. If not available at configure time, you will not be able build -{{slapd}}(8) with this primary database backend. - -Your operating system may provide {{PRD:Berkeley DB}}, version 4, -in the base system or as an optional software component. If not, -you'll have to obtain and install it yourself. +{{slapd}}(8) with these primary database backends. -{{PRD:Berkeley DB}} is available from {{ORG[expand]Sleepycat}}'s -download page {{URL: http://www.sleepycat.com/download.html}}. -There are several versions available. At the time of this writing, -the latest release, version 4.1, is recommended. This package is -required if you wish to use the {{TERM:BDB}} database backend. +Your operating system may provide a supported version of +{{PRD:Berkeley DB}} in the base system or as an optional +software component. If not, you'll have to obtain and +install it yourself. -OpenLDAP's {{slapd}}(8) LDBM backend supports a variety of data -base managers including {{PRD:Berkeley DB}} and {{PRD:GDBM}}. -{{PRD:GDBM}} is available from {{ORG:FSF}}'s download site {{URL: -ftp://ftp.gnu.org/pub/gnu/gdbm/}}. +{{PRD:Berkeley DB}} is available from {{ORG[expand]Oracle}}'s Berkeley DB +download page +{{URL: http://www.oracle.com/technology/software/products/berkeley-db/index.html}}. There are several versions available. Generally, the most recent +release (with published patches) is recommended. This package is required +if you wish to use the {{TERM:BDB}} or {{TERM:HDB}} database backends. H3: Threads @@ -222,8 +220,8 @@ Now build the software, this step will actually compile OpenLDAP. > make You should examine the output of this command carefully to make sure -everything is built correctly. Note that this command builds the LDAP -libraries and associated clients as well as {{slapd}}(8) and {{slurpd}}(8). +everything is built correctly. Note that this command builds the LDAP +libraries and associated clients as well as {{slapd}}(8). H2: Testing the Software @@ -257,5 +255,5 @@ and enter the appropriate password when requested. You should examine the output of this command carefully to make sure everything is installed correctly. You will find the configuration files for {{slapd}}(8) in {{F:/usr/local/etc/openldap}} by default. See the -chapter {{SECT:The slapd Configuration File}} for additional information. +chapter {{SECT:Configuring slapd}} for additional information.