Since OpenLDAP is such a robustly developed project, distribution versions are ALWAYS way behind the times. Just about any post to the Openldap-technical list that begins with “Hi, I’m using version 2.4.24 with RHEL 6″ and I’m having problems with replication, or whatever, is answered with “well, you need to use a stable version.”
(nevermind that the OpenLDAP web site lists 2.4.24 as the most recent ‘stable’ version; the fine folks behind OpenLdap are promising to change their terminology)
Since we use OpenLDAP heavily in a multimaster replicated setup, I need to keep it current. The current stable release is actually 2.4.36; there are a few distributions of it in src rpm format. The most common one is the openldap-ltb from http://ltb-project.org/wiki/documentation/openldap-rpm. That is built on CentOS 6 and it wouldn’t build for me on RHEL 6; the binary rpm works and is pretty good, but for a number of reasons I wanted a very simple package of my own. To that end I took the spec file for the RedHat’s openldap package, stripped out quite a lot of it, changed the package root to build into /usr/local, and built it against 2.4.30. It requires BerkelyDB from Oracle, so rather then depending on the Redhat db4 package I packaged the most recent version of BerkelyDB supported by OpenLDAP. Lastly and most importantly, it’s not build against the Mozilla NSS library but rather good old fashioned reliable OpenSSL.
This OpenLDAP package uses the RedHat slapd init script, patched to start slapd from /usr/local/sbin instead of /usr/sbin. Configuration is in /etc/openldap and /etc/sysconfig; database files go in /var/lib/ldap. It also includes all of the ldap client programs, so it’s a replacement for (and conflicts with, by design) openldap-servers and openldap-clients. However, it does not conflict with the base openldap package that is part of RHEL6’s base, so you don’t have to take your system’s core out of base RHEL. That’s largely why I took this approach instead of just rebuilding the RH openldap packages without changing the paths — I hate it when things break because I changed the core system. So leave the openldap-2.4.24 base package alone, you can install openldap-clarku and it won’t mess with anything.
OpenLdap 2.4.36 SRPMS:
Download the SRC RPM, rebuild it with rpmbuild –rebuild <file>. You’ll need to rebuild and install db5-clarku before rebuilding OpenLDAP-clarku.
Updated 10-30-2013 to 2.4.36.