From owner-freebsd-ports@FreeBSD.ORG Wed Apr 16 07:56:17 2008 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 63AD7106566C for ; Wed, 16 Apr 2008 07:56:17 +0000 (UTC) (envelope-from rock_on_the_web@comcen.com.au) Received: from angel.comcen.com.au (angel.comcen.com.au [203.23.236.69]) by mx1.freebsd.org (Postfix) with ESMTP id 11EEE8FC24 for ; Wed, 16 Apr 2008 07:56:16 +0000 (UTC) (envelope-from rock_on_the_web@comcen.com.au) Received: from [192.168.0.198] (202-172-126-254.cpe.qld-1.comcen.com.au [202.172.126.254]) by angel.comcen.com.au (8.13.4/8.12.9) with ESMTP id m3G7ptmD065875 for ; Wed, 16 Apr 2008 17:52:00 +1000 (EST) From: Da Rock To: freebsd-ports@freebsd.org Content-Type: text/plain Date: Wed, 16 Apr 2008 17:51:45 +1000 Message-Id: <1208332305.16346.357.camel@laptop2.herveybayaustralia.com.au> Mime-Version: 1.0 X-Mailer: Evolution 2.12.3 (2.12.3-3.fc8) Content-Transfer-Encoding: 7bit X-comcen-MailScanner-Information: Please contact the ISP for more information X-comcen-MailScanner: Found to be clean X-comcen-MailScanner-SpamCheck: not spam, SpamAssassin (not cached, score=-16.394, required 4, autolearn=not spam, ALL_TRUSTED -1.80, AWL 0.41, BAYES_00 -15.00) X-comcen-MailScanner-From: rock_on_the_web@comcen.com.au Subject: Re: Openldap server install failure - openldap client conflict X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2008 07:56:17 -0000 On Wed, 2008-04-16 at 16:48 +1000, Da Rock wrote: > On Wed, 2008-04-16 at 07:03 +0100, Matthew Seaman wrote: > > Da Rock wrote: > > > I'm trying to install OpenLDAP as a server to "attempt" to try it out > > > for our network. The problem is the openldap client is already installed > > > for other apps as php, apache, asterisk, etc. So my question is: is it > > > possible to uninstall the client? Will the server include the client > > > required for these other apps? > > > > The client installs libldap.so and liblber.so (plus variants based on > > OpenLDAP version and ABI version) -- like so for OpenLDAP 2.3: > > > > /usr/local/lib/liblber-2.3.so > > /usr/local/lib/liblber-2.3.so.2 > > /usr/local/lib/liblber.a > > /usr/local/lib/liblber.la > > /usr/local/lib/liblber.so > > /usr/local/lib/libldap-2.3.so > > /usr/local/lib/libldap-2.3.so.2 > > /usr/local/lib/libldap.a > > /usr/local/lib/libldap.la > > /usr/local/lib/libldap.so > > /usr/local/lib/libldap_r-2.3.so > > /usr/local/lib/libldap_r-2.3.so.2 > > /usr/local/lib/libldap_r.a > > /usr/local/lib/libldap_r.la > > /usr/local/lib/libldap_r.so > > > > (OpenLDAP 2.4 does similarly except replace '2.3' with '2.4') If you > > force uninstall openldap-client, then everything depending on it will > > refuse to run because of the unfulfilled shlib dynamic linkage. > > > > One of the programs that depends on the client is OpenLDAP-server -- so > > just by typing > > > > portinstall net/openldap23-server > > > > you'll cause openldap23-client (or openldap23-sasl-client) to be installed > > as a normal consequence of ports dependency resolution. The problem comes > > if you've already got, say, openldap23-client installed and you want > > openldap24-client -- other applications: Apache, PHP etc. will work with > > just about any LDAP version but openldap-server needs the matching client > > version. The solution is something like this: > > > > # portupgrade -o net/openldap24-client -f openldap-client-2.3.41 > > # portupgrade -fr openldap-client-2.4.8 > > > > to switch from the 23 series to the 24 series. Also -- handy tip -- > > adding flags like the following to /etc/make.conf will generally enable > > LDAP and SASL capabilities for any ports that can support them. (SASL highly > > recommended for securing access to LDAP, and also LDAP highly recommended > > as a back-end for SASL...) > > > > WITH_SASL= yes > > WITH_LDAP= yes > > WANT_OPENLDAP_VER= 23 > > WANT_OPENLDAP_SASL= yes > > > > However, don't insert the 'WANT_OPENLDAP_VER' line into /etc/make.conf > > until /after/ you've got the right openldap-client port installed, as it > > screws up switching between versions. > > > > 23 is the default stable release, 24 is also available but still in beta. > > > > So my question was if I install the server I'll get the client, and > you're saying yes? If thats the case then, why is it stopping because > the client is already installed? Actually, let me clarify: The error message I get is openldap-sasl-server-2.3.40 conflicts with installed package openldap-client-2.3.40, they install files into the same place. Therefore, I cannot install openldap server 2.3.40 > > > > And while I'm here... I tried installing the odbc backend, but it > > > conflicts with other apps as well. How can I have both the libiodbc and > > > unixodbc at the same time for openldap server (requires libiodbc), php5, > > > etc? > > > > Do you really need the odbc *backend* for LDAP? That allows LDAP to store > > its data in a MSSQL database somewhere -- which implies the data store is on > > a different server to the OpenLDAP instance. That's not ideal for good > > performance. Unless you know you have a specific need for one of the particular > > back-ends and certainly if you are a beginner with openldap, I'd strongly > > recommend sticking with the default local storage based on Berkeley DB. > > > > Actually I thought it covered most sql servers not just mssql- if thats > the case then good bye for sure. I was interested in maybe mysql though- > this is not usable for that I take it? > > > If your aim is to interoperate with ActiveDirectory then I believe that is > > possible at the LDAP level via the usual delegation and referral mechanisms. > > It may even be possible to replicate either to or from AD or to use OpenLDAP > > (+ Kerberos + Samba v4 I think) as a drop in replacement for AD. I have no > > direct knowledge of that, but I'm sure a little Google action will turn up > > any number of HowTos on the subject. > > > > Replacing a Windows server would be a nice goal... I will succeed on > that one in the near future- just not this project. > > Thanks for the help.