TB 0.5 and MS exchange 2000

Discussion of general topics about Mozilla Thunderbird
User avatar
yglodt
Posts: 106
Joined: May 25th, 2003, 7:30 am
Location: Luxembourg
Contact:

TB 0.5 and MS exchange 2000

Post by yglodt »

Hello,

just got a new laptop here @work, and I decided to stay M$-free as far as possible. Gotta run
XP however for different reasons...
OOo 1.1 does a good job for office stuff, so far no problem.

Mail is also working great, just using TB 0.5 to connect to the exchange server via IMAP is
running fine.

But I also wanna use the addressbook from the exchange server, to benefit from autocomplete etc.
Our infrastructure is like this:
We have one windows 2000 server which does the domain controller and exchange server job.
Let's say it's hostname is i-server. The windows domain is called PALMA.
In xp, I am logged into that domain, as PALMA\joe.
In outlock, the company address book can be found in "Public Folders/Main Address List".

How must I set up "Base DN" and "Bind DN" to get the autocomplete work?
Are there other steps that must be taken?

Thank you and best regards
User avatar
yglodt
Posts: 106
Joined: May 25th, 2003, 7:30 am
Location: Luxembourg
Contact:

Post by yglodt »

I also posted to the mail-news group and it seems nobody knows the answer... :-(
IMHO seamless (as far as possible) operation with exchange servers is a very important point
for Moz/TB.

Moz could replace outlook immediately if it would work out-of-the-box with
exchange, using the addressbook over ldap plus the the calendar extension.

For mail it works very good over Imap, I had no problem so far.

I suggest if ever the settings for exchange-ldap are found, they could be left here as a sticky post.
The importance of Moz+exchange is somehow equal to Moz+java...
benwillcox
Posts: 26
Joined: December 21st, 2003, 5:57 am

Post by benwillcox »

Hello yglodt,

We use TB and LDAP to accces our Exchange GAL. I must confess it took me some time to figure it out, not knowing much about LDAP!

Your settings will depend on how your Active Directory is configured. I would recommend downloading a copy of the Softerra LDAP Browser, which will allow you to browse the LDAP directory to help troubleshoot and diagnose your LDAP setup and configuration.

Just as an example for you, I have setup all our Exchange users in an Organisational Unit within AD named 'Departments'. This contains further OUs with the names of departments, and then the users themselves. If you wish to access the address details etc without specifying a username and password to the LDAP server (anonymous bind), you will need to grant read access to the Everyone group for that OU (and all child objects). I don't know whether you are the sysadmin so can change this or not....

Anyway, in your TB directory server properties, the base DN will look something like this:

OU=Departments, DC=subdomain, DC=mycompany, DC=com

depending on your config as above. This is where the Softerra LDAP browser comes in useful if you don't know this already.

Bind DN basically means 'username' to connect to the LDAP server as - if permissions are granted for anonymous bind, you can leave this blank. Otherwise, specifiy a username with permission to read the directory, you'll be prompted for the password at the first lookup.

Also, in the Advanced tab, in the search filter I have:

(objectclass=User)

which means only users email addresses are returned in the LDAP lookups, rather than system objects (well, thats what I think it does anyway!)

Let me know if you need more help setting this up....

Ben
gerbig
Posts: 54
Joined: January 23rd, 2003, 4:37 pm

Post by gerbig »

yglodt, I've made these instructions generic. I'll do another post with settings that would seem to fit your setup.

My LDAP entry for Exchange 2K/Active Directory (in my example the AD domain name is company.com, the "short" version of the domain name is company, and the username is username) looks like this:
Name: Company (whatever you want it called is fine)
Hostname: IP Address or hostname of Active Directory Global Catalog Domain Controller (might be the same as the exchange server, but not usually)
Base DN: DC=company,DC=com
Port number: 3268
Bind DN: company\username

The advanced tab says (I believe these are default values)
Scope: Subtree
Search filter: (objectclass=*)

LDP.exe from the Win2k Resource Kit can tell you more info about your Base DN if the generic/obvious ones don't seem to work.
Last edited by gerbig on February 29th, 2004, 2:06 pm, edited 1 time in total.
gerbig
Posts: 54
Joined: January 23rd, 2003, 4:37 pm

Post by gerbig »

more specific for yglodt, not sure what the long version of your domain is in AD so I'll guess it's security.vendor.lu:
Name: Exchange
Hostname: i-server.security.vendor.lu
Base DN: DC=security,DC=vendor,DC=lu
Port Number: 3268
Bind DN: palma\joe
User avatar
yglodt
Posts: 106
Joined: May 25th, 2003, 7:30 am
Location: Luxembourg
Contact:

Post by yglodt »

benwillcox wrote:Hello yglodt,
Let me know if you need more help setting this up....

Ben



Ok first thank you very much for these details. I've come a step further!

I tried this configuration as suggested by the other post:
Name: Exchange
Hostname: i-server.vendor.lu
Base DN: DC=vendor,DC=lu
Port Number: 3268
Bind DN: palma\joe

With this I have autocomplete work, but only for the adresses that are also domain users, say our staff.


I tried this other base DN setting, but it does not return anything, so I guess it looks up in the wrong
directory:
CN=Main Address List,CN=Microsoft Exchange System Objects,DC=VENDOR,DC=LU

I've found this folder structure using the softerra ldap browser which you mentioned above
This CN is the only place where I found the GAL's name under. It does not appear under any OU.
Note that I have no admin access to this box.

I wonder if exchange exports the normal public folders content over ldap at all...
benwillcox
Posts: 26
Joined: December 21st, 2003, 5:57 am

Post by benwillcox »

yglodt wrote:
I wonder if exchange exports the normal public folders content over ldap at all...


Hi yglodt,

Sorry I assumed that all you needed to read was the Exchange GAL. I've done some Googling and it would appear that you cannot query contents of Public folders like this using LDAP, as the folder's information is stored in the Exchange Information Store, and NOT the Active Directory......It's a shame as I could have done with that working too!

What you could do I suppose if the addresses don't change very often, is copy the Public contacts to your local Contacts folder in Outlook, then import that into the Tb address book - of course I know that's not an ideal solution.
User avatar
yglodt
Posts: 106
Joined: May 25th, 2003, 7:30 am
Location: Luxembourg
Contact:

Post by yglodt »

benwillcox wrote:
yglodt wrote:
I wonder if exchange exports the normal public folders content over ldap at all...


Hi yglodt,

Sorry I assumed that all you needed to read was the Exchange GAL. I've done some Googling and it would appear that you cannot query contents of Public folders like this using LDAP, as the folder's information is stored in the Exchange Information Store, and NOT the Active Directory......It's a shame as I could have done with that working too!


:-( yes

benwillcox wrote:What you could do I suppose if the addresses don't change very often, is copy the Public contacts to your local Contacts folder in Outlook, then import that into the Tb address book - of course I know that's not an ideal solution.


If only I had outlook installed... ;-) There is (and I hope it will stay like that) no M$ Office on my pc. Only OOo and the Moz-gang
Well I'm gonna see how I'll do. I am very happy that I have the internal contacts working.

Thank you very much for your information! And also big thanks to gerbig!

If ever I've news I'll post them here.
Historian
Posts: 1
Joined: April 1st, 2004, 5:42 am

Post by Historian »

Now this should be a sticky for a very sticky subject :)
Pure Krome
Posts: 11
Joined: April 6th, 2004, 5:23 pm
Location: Melbourne, Australia

Post by Pure Krome »

Hi Folks.

i'm still getting stuck trying to get the autocomplete to work in the thunderbird address book.

i've downloaded the free Softerra LDAP Browser 2.5, and have two profiles to LDAP directories.

1) Bob - 389
2) Bob - 3268

Bob == PDC / Active Directory (windows 2000 sever)
Exchance is located on another computer called Veloce (running exchange 5.5 i think)

With both profiles above, i get a huge list of CN's and for #2, also get some OU.

None-the-less, i have no idea how to connect to either one of these? i've done the following in my Address Book :-
o) New Directory Server
o) Name: Work Address Book
o) Hostname: bob
o) Base DN: DC=company,DC=com,DC=au
o) Port number: 3268
o) Bind DN: domainname\justina

but nothing happens :(

when i try to write an email, it says LDAP Initialisation failure (for the list of possible recipients).

i can provide screen shots of the LDAP Browser if u need .... just say what.

PLEASE HELP! this is slowing our mail migration out :( (moving people away from Outlook as we're having lots of trouble with Digital Certs while no other program has any problems at all).
Pure Krome
Posts: 11
Joined: April 6th, 2004, 5:23 pm
Location: Melbourne, Australia

Post by Pure Krome »

Damn - i got it working :)

using the settings above, i didn't know i had to SPECIFY in the IMAP account preferences to use the LDAP i've setup :(

What was confussing me was -> In the ADDRESS BOOK, there were NO CARDS in the LDAP account ..... until i typed something in the NAME OR EMAIL CONTAINS search field :(

then i started seeing some results! also, it filters by USERNAME or DISTRO .. not both.

for example. if i type 's' (no quotes) i the name or email contains, i get a list of all users with an 's' in the name .. but no distro's ... if i type 'sgt' then i get a filtered list of all the distro's but no users with 'sgt' in their name ...

is this a feature?
-Pure Krome-
[I Live therefore I am Happy; I am Happy therefore I Live.]
_____________________________________________________________________
[ What Nourishes Me Also Destorys Me - Angelina Jolie (Tattoo) ]
User avatar
max.spicer
Posts: 122
Joined: July 2nd, 2003, 3:52 am
Location: York, United Kingdom

Post by max.spicer »

This could definitely be useful as a sticky topic.

I've got thunderbird talking to our ad servers now, but have a few questions. Is it possible to change the attributes that tb searches on when looking up addresses? By snooping on port 389, it seems to use mail, cn, givenname and sn. This means that searching for "Max Spicer" returns no results as non of the fields contain my full name. For this, I think I need to include displayname in the searched attributes. Secondly, doing a search for spicer in the address book window returns "Max Spicer my.email@address.com" and then gives all the other information when clicked. This is great. However, when I type spicer into the to line of a compose window, I get "mspicer <my.email@address.com>" i.e. it displays my cn rather than my givenname followed by my sn. Is there any way of changing this? Calling someone by their userid is less than ideal and I never use the address book directly - I always rely on auto-complete.
The wild things roared their terrible roars and gnashed their terrible teeth
and rolled their terrible eyes and showed their terrible claws
but Max stepped into his private boat and waved good-bye.
User avatar
max.spicer
Posts: 122
Joined: July 2nd, 2003, 3:52 am
Location: York, United Kingdom

Post by max.spicer »

Much searching and reading later and I still can't answer my own questions. However, I did find http://bugzilla.mozilla.org/show_bug.cgi?id=17888, which is about adding ui for lots of hidden ldap prefs. The bug links to http://developer.netscape.com:80/docs/m ... ust45.html and suggests that Mozilla supports the prefs described. Hovewer, I've tried and been totaly unsuccesful at getting Thunderbird to recognise them. Behaviour varied between crashing the moment I opened the address book, or simply removing any additions to prefs.js that I had made (and yes, I did close tb before editing the file).
The wild things roared their terrible roars and gnashed their terrible teeth
and rolled their terrible eyes and showed their terrible claws
but Max stepped into his private boat and waved good-bye.
senfo
Posts: 6
Joined: December 28th, 2003, 5:08 pm
Contact:

Post by senfo »

Does anybody know why the find button isn't active so I can find my base DN (version 0.7.1)?
lduperval
Posts: 169
Joined: June 29th, 2003, 10:35 am

Post by lduperval »

I just want to thank all the folks who replied in this thread. I managed to connect to our Exchange Global Address List using the info her. Good stuff! Someone should make this stick. Or at least, glean the most important information in the posts and create a new sticky post called "How to use TB with MS Exchange".

L
Post Reply