LDAP on HPUX-IPF (was RE: Where do I get the LDAP patches forsudo.)
Galen.Johnson at sas.com
Tue May 11 20:09:21 EDT 2004
I'll hopefully know better tomorrow if I'm going to be able to talk to our AD server ok (like pulling your own teeth). One thing, though. I noticed that on the todo you had indicated you were working on disabling local sudoers. Any progress on that front? It would make my security guys very happy (I am assuming that it looks at both for now).
From: sudo-users-bounces at sudo.ws on behalf of Aaron Spangler
Sent: Wed 4/28/2004 3:06 PM
To: Galen Johnson
Cc: sudo-users at sudo.ws
Subject: Re: LDAP on HPUX-IPF (was RE: Where do I get the LDAP patches forsudo.)
Thanks for the build tip. I gave you credit in 'README.LDAP'.
Galen Johnson wrote:
> Hey Aaron,
> I just did a make on HPUX 11.23 using gcc 3. I had to do the following (using the README.LDAP with minor mods).
> I had to configure with the following:
> CFLAGS="-D__10_10_compat_code" LDFLAGS="-L/opt/ldapux/lib" ./configure --with-ldap --with-pam
> You'll notice that I didn't have to use the includes (since they weren't under /opt/ldapux and noone knew where they might be)
> I then had to comment out the #define HAVE_LDAP_START_TLS_S in config.h along with the other changes recommended in the readme. It might be useful to have a --with-ldap-tls config option to enable this functionality rather than defaulting to enabled).
> Until our AD group can add the schema I won't know how successful I've been but I was at least able to compile it (which is usually half the battle).
> I'll keep you posted. (it'd be nice to get some idea of when 1.6.8 is planning to be released so I don't have to grab from CVS)
> -----Original Message-----
> From: Aaron Spangler [mailto:aaron at spangler.ods.org]
> Sent: Saturday, April 24, 2004 7:35 PM
> To: Galen Johnson
> Cc: as at insight.rr.com; Aaron Spangler; Leadbeter Jim; sudo-users at sudo.ws
> Subject: Re: Where do I get the LDAP patches for sudo.
> Any generic ldap client libraries should be fine communicating with LDAP.
> If you wanted to either do ldap_start_tls or LDAP over SSL(aka TLS) then
> you would want to use different client libraries. Also some modifications
> would be needed to be done to Active Directory. (Such as installing a
> - Aaron
> > It might also be worthwhile to note that the primary ldap server will be =
> > MS Active Directory but hopefully the calls should work ok.
> > =3DG=3D
> > -----Original Message-----
> > From: Aaron Spangler [mailto:as at insight.rr.com]
> > Sent: Fri 4/23/2004 3:14 PM
> > To: Galen Johnson; Aaron Spangler; Leadbeter, Jim
> > Cc: sudo-users at sudo.ws
> > Subject: Re: Where do I get the LDAP patches for sudo.
> > =20
> > I've never done Itanium before. (I've been an HP-UX junky since 6.5 & =
> > HP-UX=20
> > 8. I haven't used it much since 11.11 came out though).
> > If I remember right, ldapux installs itself in /opt (but I could be =
> > wrong).
> > That said, it should work if you include /opt/ldapux/include & =
> > /opt/ldapux/
> > lib . (The paths might be different, I am just guessing at this point.)
> > Please let me know if you run into any problems.
> > I would be glad to help in any way I can.
> > -Aaron
> > On Saturday 24 April 2004 01:52 am, Galen Johnson wrote:
> > Do you know if this will compile on HPUX/IPF (Itanium) with the ldapux=20
> > component of HP? I'll find out Monday, but I was jsut hoping you might =
> > know=20
> > of any gotchas.
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
More information about the sudo-users