# openldap does not provide back-ldap backend

## woodstock

Hi,

After emerging openldap (2.3.30-r2), the back-ldap backend is missing. Other backends are available in /usr/lib/openldap/openldap/ but unfortunately, not the backend I was looking for.

Does anyone know why this backend is missing?

I managed to work around this by copying the libs from a mandriva rpm, but if this could be fixed in the gentoo build, it would certainly make my life easier...

I do not know if this is related to this particular version of the ebuild.

Funny thing is that the man pages for this backend (slapd-ldap) are provided...just not the backend itself.

Cheers

----------

## overkll

Not sure what you mean here.  Are you looking for the ldap server executable?  If so, it's /usr/lib/openldap/slapd.  The server/backend is controlled with /etc/init.d/slapd.

----------

## woodstock

nono...openldap is working just fine.

I'm talking backends :

back_hdb

back_meta

back_monitor

back_relay

...

...

and back_ldap

Here below is a snipet of the man page I mentioned in my previous post. Makes things easier to understand.

```

SLAPD-LDAP(5)                                                    SLAPD-LDAP(5)

NAME

       slapd-ldap - LDAP backend to slapd

SYNOPSIS

       /etc/openldap/slapd.conf

DESCRIPTION

       The LDAP backend to slapd(8) is not an actual database; instead it acts

       as a proxy to forward incoming requests to another LDAP  server.  While

       processing requests it will also chase referrals, so that referrals are

       fully processed instead of being returned to the slapd client.

```

It appears all backends have been emerged/installed apart from back_ldap.

Just to be clear, I am not talking ldap server executable, nor how to start the service.

The server as you see it would be the front end which handles connection management, access control, and protocol interpretation.

The back ends handle database operations...

Cheers

----------

## overkll

"I see", said the blind man as he picked up his hammer and saw....    :Wink: 

Try adding "noclean" to "FEATURES" in /etc/make.conf and reemerging openldap.  The source and modules will be left behind after emerging and you can dig through the directories for the module(s).  It should be located in /var/tmp/portage/openldap-<version>/, unless you use a different temp dir for portage.

Maybe there is something in the ebuild that'll shed some light on this, i.e. configure options used to compile the ebuild.

----------

## overkll

Curiosity got the best of me.

/usr/portage/net-nds/openldap/openldap-2.3.30-r2.ebuild:

```
...

# extra backend stuff

myconf="${myconf} --enable-passwd=mod --enable-phonetic=mod"

myconf="${myconf} --enable-dnssrv=mod --enable-ldap"

myconf="${myconf} --enable-meta=mod --enable-monitor=mod"

myconf="${myconf} --enable-null=mod --enable-shell=mod"

myconf="${myconf} --enable-relay=mod"

myconf="${myconf} `use_enable perl perl mod`"

myconf="${myconf} `use_enable odbc sql mod`"

...
```

The second line contains "--enable-ldap".  So the back_ldap isn't a module, it's built in.

Per openldap configure options:

```
SLAPD Backend Options:

    --enable-backends     enable all available backends no|yes|mod

    --enable-bdb          enable Berkeley DB backend no|yes|mod [yes]

    --enable-dnssrv       enable dnssrv backend no|yes|mod [no]

    --enable-hdb          enable Hierarchical DB backend no|yes|mod [yes]

    --enable-ldap         enable ldap backend no|yes|mod [no]

    --enable-ldbm         enable ldbm backend no|yes|mod [no]

      --enable-ldbm-api   use LDBM API auto|berkeley|bcompat|mdbm|gdbm [auto]

      --enable-ldbm-type  use LDBM type auto|btree|hash [auto]

    --enable-meta         enable metadirectory backend no|yes|mod [no]

    --enable-monitor      enable monitor backend no|yes|mod [yes]

    --enable-null         enable null backend no|yes|mod [no]

    --enable-passwd       enable passwd backend no|yes|mod [no]

    --enable-perl         enable perl backend no|yes|mod [no]

    --enable-relay        enable relay backend no|yes|mod [yes]

    --enable-shell        enable shell backend no|yes|mod [no]

    --enable-sql          enable sql backend no|yes|mod [no]

```

I tested by changing "--enable-ldap" to "--enable-ldap=mod".  The result was that back_ldap was indeed built as a module.  Looks like Gentoo's default openldap configuration uses back_ldap built-in instead of a module.

----------

## woodstock

Wow! You sure deserve your l33t status  :Very Happy: 

The thing is I was fooled by my "experience"...Where I've been, the back_ldap back end was always compiled as a module. I actually thought it was not an option but always that way   :Confused: 

As I checked the portage logs for the openldap package, I saw it mentioned back_ldap, and not seeing the modules next to the others, I thought something was wrong.

When I first setup my proxy ldap server, I uncommented the back_ldap module ... which made slapd fail to start and my logs were showing :

 *Quote:*   

> 
> 
> Mar  4 10:31:28 feng slapd[32602]: @(#) $OpenLDAP: slapd 2.3.30 (Mar  4 2007 10:17:14) $ root@feng:/var/tmp/portage/net-nds/openldap-2.3.30-r2/work/openldap-2.3.30/servers/slapd
> 
> Mar  4 10:31:28 feng slapd[32602]: lt_dlopenext failed: (back_ldap.la) file not found
> ...

 

Thanks to your enlightenment, I realized my error(s)...

At the end, no need to uncomment the line "# moduleload    back_ldap.la" from the slapd.conf as you correctly pointed that it was built-in.

Which only leaves this database definition in /etc/openldap/slapd.conf :

```

database        ldap

uri             "ldap://zhong:389/o=isp"

suffix          "o=isp"

```

Many thanks for your help!

----------

## overkll

Your welcome.

----------

