[Samba] Openldap for PDC

Craig White craigwhite at azapple.com
Fri Oct 21 03:04:30 GMT 2005

On Thu, 2005-10-20 at 21:40 -0500, Philip Washington wrote:
> I have been testing with openldap_2.2.13-2  and have experience on 2 
> occasions lockups where the ldap server does not respond (slapcat will 
> just hang).  I have upgraded to openldap_2.2.13-4.
> Is there a recommended version of openldap for SambaPDC?
> Does anyone have a system in production using openldap_2.2.13-2 or 
> openldap_2.2.13-4?
> I'm currently using samba3-20b  any recommendations for a production 
> system would be welcome.
you will get a lot of answers on this...

First, I think Samba tries to be indifferent to which version of LDAP
but I think if it reasonably implements LDAP v3, it's gonna work with

from openldap list - it would go something like that version is way out
of date and you need to upgrade (current is something like 2.2.28) Note,
2.2.x series is feature locked and only security issues are being
handled. They also have nearly stable 2.3.11 but that is a horse of
another color.

Most of my clients - I am happy with RHEL 2.2.13-x   It works, features
haven't really changed and I don't have to screw with it. A lot of my
clients though are small ( < 50 employees) and it's hard to justify all
the effort of compiling.

I have manually compiled openldap 2.2.23 and am using it - it wasn't
that hard (you really need to also download and compile heimdal
kerberos, openssl, cyrus-sasl and berkeley-db4) and yet deal with the
existing stuff that has dependencies.

My recommendation is, if it ain't broke, don't fix it. If you feel you
want to go the manual route, I would heavily recommend that you use
Quanah's web site at Stanford as a guide...


Note that there is now another alternative, Fedora Directory Server
which was formerly Netscape's Directory Server. I have no experience
with this and am enjoying whatever little free time I am having at the


This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the samba mailing list