TB 0.5 and MS exchange 2000
- yglodt
- Posts: 106
- Joined: May 25th, 2003, 7:30 am
- Location: Luxembourg
- Contact:
TB 0.5 and MS exchange 2000
Hello,
just got a new laptop here @work, and I decided to stay M$-free as far as possible. Gotta run
XP however for different reasons...
OOo 1.1 does a good job for office stuff, so far no problem.
Mail is also working great, just using TB 0.5 to connect to the exchange server via IMAP is
running fine.
But I also wanna use the addressbook from the exchange server, to benefit from autocomplete etc.
Our infrastructure is like this:
We have one windows 2000 server which does the domain controller and exchange server job.
Let's say it's hostname is i-server. The windows domain is called PALMA.
In xp, I am logged into that domain, as PALMA\joe.
In outlock, the company address book can be found in "Public Folders/Main Address List".
How must I set up "Base DN" and "Bind DN" to get the autocomplete work?
Are there other steps that must be taken?
Thank you and best regards
just got a new laptop here @work, and I decided to stay M$-free as far as possible. Gotta run
XP however for different reasons...
OOo 1.1 does a good job for office stuff, so far no problem.
Mail is also working great, just using TB 0.5 to connect to the exchange server via IMAP is
running fine.
But I also wanna use the addressbook from the exchange server, to benefit from autocomplete etc.
Our infrastructure is like this:
We have one windows 2000 server which does the domain controller and exchange server job.
Let's say it's hostname is i-server. The windows domain is called PALMA.
In xp, I am logged into that domain, as PALMA\joe.
In outlock, the company address book can be found in "Public Folders/Main Address List".
How must I set up "Base DN" and "Bind DN" to get the autocomplete work?
Are there other steps that must be taken?
Thank you and best regards
- yglodt
- Posts: 106
- Joined: May 25th, 2003, 7:30 am
- Location: Luxembourg
- Contact:
I also posted to the mail-news group and it seems nobody knows the answer...
IMHO seamless (as far as possible) operation with exchange servers is a very important point
for Moz/TB.
Moz could replace outlook immediately if it would work out-of-the-box with
exchange, using the addressbook over ldap plus the the calendar extension.
For mail it works very good over Imap, I had no problem so far.
I suggest if ever the settings for exchange-ldap are found, they could be left here as a sticky post.
The importance of Moz+exchange is somehow equal to Moz+java...
IMHO seamless (as far as possible) operation with exchange servers is a very important point
for Moz/TB.
Moz could replace outlook immediately if it would work out-of-the-box with
exchange, using the addressbook over ldap plus the the calendar extension.
For mail it works very good over Imap, I had no problem so far.
I suggest if ever the settings for exchange-ldap are found, they could be left here as a sticky post.
The importance of Moz+exchange is somehow equal to Moz+java...
-
- Posts: 26
- Joined: December 21st, 2003, 5:57 am
Hello yglodt,
We use TB and LDAP to accces our Exchange GAL. I must confess it took me some time to figure it out, not knowing much about LDAP!
Your settings will depend on how your Active Directory is configured. I would recommend downloading a copy of the Softerra LDAP Browser, which will allow you to browse the LDAP directory to help troubleshoot and diagnose your LDAP setup and configuration.
Just as an example for you, I have setup all our Exchange users in an Organisational Unit within AD named 'Departments'. This contains further OUs with the names of departments, and then the users themselves. If you wish to access the address details etc without specifying a username and password to the LDAP server (anonymous bind), you will need to grant read access to the Everyone group for that OU (and all child objects). I don't know whether you are the sysadmin so can change this or not....
Anyway, in your TB directory server properties, the base DN will look something like this:
OU=Departments, DC=subdomain, DC=mycompany, DC=com
depending on your config as above. This is where the Softerra LDAP browser comes in useful if you don't know this already.
Bind DN basically means 'username' to connect to the LDAP server as - if permissions are granted for anonymous bind, you can leave this blank. Otherwise, specifiy a username with permission to read the directory, you'll be prompted for the password at the first lookup.
Also, in the Advanced tab, in the search filter I have:
(objectclass=User)
which means only users email addresses are returned in the LDAP lookups, rather than system objects (well, thats what I think it does anyway!)
Let me know if you need more help setting this up....
Ben
We use TB and LDAP to accces our Exchange GAL. I must confess it took me some time to figure it out, not knowing much about LDAP!
Your settings will depend on how your Active Directory is configured. I would recommend downloading a copy of the Softerra LDAP Browser, which will allow you to browse the LDAP directory to help troubleshoot and diagnose your LDAP setup and configuration.
Just as an example for you, I have setup all our Exchange users in an Organisational Unit within AD named 'Departments'. This contains further OUs with the names of departments, and then the users themselves. If you wish to access the address details etc without specifying a username and password to the LDAP server (anonymous bind), you will need to grant read access to the Everyone group for that OU (and all child objects). I don't know whether you are the sysadmin so can change this or not....
Anyway, in your TB directory server properties, the base DN will look something like this:
OU=Departments, DC=subdomain, DC=mycompany, DC=com
depending on your config as above. This is where the Softerra LDAP browser comes in useful if you don't know this already.
Bind DN basically means 'username' to connect to the LDAP server as - if permissions are granted for anonymous bind, you can leave this blank. Otherwise, specifiy a username with permission to read the directory, you'll be prompted for the password at the first lookup.
Also, in the Advanced tab, in the search filter I have:
(objectclass=User)
which means only users email addresses are returned in the LDAP lookups, rather than system objects (well, thats what I think it does anyway!)
Let me know if you need more help setting this up....
Ben
-
- Posts: 54
- Joined: January 23rd, 2003, 4:37 pm
yglodt, I've made these instructions generic. I'll do another post with settings that would seem to fit your setup.
My LDAP entry for Exchange 2K/Active Directory (in my example the AD domain name is company.com, the "short" version of the domain name is company, and the username is username) looks like this:
Name: Company (whatever you want it called is fine)
Hostname: IP Address or hostname of Active Directory Global Catalog Domain Controller (might be the same as the exchange server, but not usually)
Base DN: DC=company,DC=com
Port number: 3268
Bind DN: company\username
The advanced tab says (I believe these are default values)
Scope: Subtree
Search filter: (objectclass=*)
LDP.exe from the Win2k Resource Kit can tell you more info about your Base DN if the generic/obvious ones don't seem to work.
My LDAP entry for Exchange 2K/Active Directory (in my example the AD domain name is company.com, the "short" version of the domain name is company, and the username is username) looks like this:
Name: Company (whatever you want it called is fine)
Hostname: IP Address or hostname of Active Directory Global Catalog Domain Controller (might be the same as the exchange server, but not usually)
Base DN: DC=company,DC=com
Port number: 3268
Bind DN: company\username
The advanced tab says (I believe these are default values)
Scope: Subtree
Search filter: (objectclass=*)
LDP.exe from the Win2k Resource Kit can tell you more info about your Base DN if the generic/obvious ones don't seem to work.
Last edited by gerbig on February 29th, 2004, 2:06 pm, edited 1 time in total.
-
- Posts: 54
- Joined: January 23rd, 2003, 4:37 pm
- yglodt
- Posts: 106
- Joined: May 25th, 2003, 7:30 am
- Location: Luxembourg
- Contact:
benwillcox wrote:Hello yglodt,
Let me know if you need more help setting this up....
Ben
Ok first thank you very much for these details. I've come a step further!
I tried this configuration as suggested by the other post:
Name: Exchange
Hostname: i-server.vendor.lu
Base DN: DC=vendor,DC=lu
Port Number: 3268
Bind DN: palma\joe
With this I have autocomplete work, but only for the adresses that are also domain users, say our staff.
I tried this other base DN setting, but it does not return anything, so I guess it looks up in the wrong
directory:
CN=Main Address List,CN=Microsoft Exchange System Objects,DC=VENDOR,DC=LU
I've found this folder structure using the softerra ldap browser which you mentioned above
This CN is the only place where I found the GAL's name under. It does not appear under any OU.
Note that I have no admin access to this box.
I wonder if exchange exports the normal public folders content over ldap at all...
-
- Posts: 26
- Joined: December 21st, 2003, 5:57 am
yglodt wrote:
I wonder if exchange exports the normal public folders content over ldap at all...
Hi yglodt,
Sorry I assumed that all you needed to read was the Exchange GAL. I've done some Googling and it would appear that you cannot query contents of Public folders like this using LDAP, as the folder's information is stored in the Exchange Information Store, and NOT the Active Directory......It's a shame as I could have done with that working too!
What you could do I suppose if the addresses don't change very often, is copy the Public contacts to your local Contacts folder in Outlook, then import that into the Tb address book - of course I know that's not an ideal solution.
- yglodt
- Posts: 106
- Joined: May 25th, 2003, 7:30 am
- Location: Luxembourg
- Contact:
benwillcox wrote:yglodt wrote:
I wonder if exchange exports the normal public folders content over ldap at all...
Hi yglodt,
Sorry I assumed that all you needed to read was the Exchange GAL. I've done some Googling and it would appear that you cannot query contents of Public folders like this using LDAP, as the folder's information is stored in the Exchange Information Store, and NOT the Active Directory......It's a shame as I could have done with that working too!
yes
benwillcox wrote:What you could do I suppose if the addresses don't change very often, is copy the Public contacts to your local Contacts folder in Outlook, then import that into the Tb address book - of course I know that's not an ideal solution.
If only I had outlook installed... There is (and I hope it will stay like that) no M$ Office on my pc. Only OOo and the Moz-gang
Well I'm gonna see how I'll do. I am very happy that I have the internal contacts working.
Thank you very much for your information! And also big thanks to gerbig!
If ever I've news I'll post them here.
-
- Posts: 11
- Joined: April 6th, 2004, 5:23 pm
- Location: Melbourne, Australia
Hi Folks.
i'm still getting stuck trying to get the autocomplete to work in the thunderbird address book.
i've downloaded the free Softerra LDAP Browser 2.5, and have two profiles to LDAP directories.
1) Bob - 389
2) Bob - 3268
Bob == PDC / Active Directory (windows 2000 sever)
Exchance is located on another computer called Veloce (running exchange 5.5 i think)
With both profiles above, i get a huge list of CN's and for #2, also get some OU.
None-the-less, i have no idea how to connect to either one of these? i've done the following in my Address Book :-
o) New Directory Server
o) Name: Work Address Book
o) Hostname: bob
o) Base DN: DC=company,DC=com,DC=au
o) Port number: 3268
o) Bind DN: domainname\justina
but nothing happens
when i try to write an email, it says LDAP Initialisation failure (for the list of possible recipients).
i can provide screen shots of the LDAP Browser if u need .... just say what.
PLEASE HELP! this is slowing our mail migration out (moving people away from Outlook as we're having lots of trouble with Digital Certs while no other program has any problems at all).
i'm still getting stuck trying to get the autocomplete to work in the thunderbird address book.
i've downloaded the free Softerra LDAP Browser 2.5, and have two profiles to LDAP directories.
1) Bob - 389
2) Bob - 3268
Bob == PDC / Active Directory (windows 2000 sever)
Exchance is located on another computer called Veloce (running exchange 5.5 i think)
With both profiles above, i get a huge list of CN's and for #2, also get some OU.
None-the-less, i have no idea how to connect to either one of these? i've done the following in my Address Book :-
o) New Directory Server
o) Name: Work Address Book
o) Hostname: bob
o) Base DN: DC=company,DC=com,DC=au
o) Port number: 3268
o) Bind DN: domainname\justina
but nothing happens
when i try to write an email, it says LDAP Initialisation failure (for the list of possible recipients).
i can provide screen shots of the LDAP Browser if u need .... just say what.
PLEASE HELP! this is slowing our mail migration out (moving people away from Outlook as we're having lots of trouble with Digital Certs while no other program has any problems at all).
-
- Posts: 11
- Joined: April 6th, 2004, 5:23 pm
- Location: Melbourne, Australia
Damn - i got it working
using the settings above, i didn't know i had to SPECIFY in the IMAP account preferences to use the LDAP i've setup
What was confussing me was -> In the ADDRESS BOOK, there were NO CARDS in the LDAP account ..... until i typed something in the NAME OR EMAIL CONTAINS search field
then i started seeing some results! also, it filters by USERNAME or DISTRO .. not both.
for example. if i type 's' (no quotes) i the name or email contains, i get a list of all users with an 's' in the name .. but no distro's ... if i type 'sgt' then i get a filtered list of all the distro's but no users with 'sgt' in their name ...
is this a feature?
using the settings above, i didn't know i had to SPECIFY in the IMAP account preferences to use the LDAP i've setup
What was confussing me was -> In the ADDRESS BOOK, there were NO CARDS in the LDAP account ..... until i typed something in the NAME OR EMAIL CONTAINS search field
then i started seeing some results! also, it filters by USERNAME or DISTRO .. not both.
for example. if i type 's' (no quotes) i the name or email contains, i get a list of all users with an 's' in the name .. but no distro's ... if i type 'sgt' then i get a filtered list of all the distro's but no users with 'sgt' in their name ...
is this a feature?
-Pure Krome-
[I Live therefore I am Happy; I am Happy therefore I Live.]
_____________________________________________________________________
[ What Nourishes Me Also Destorys Me - Angelina Jolie (Tattoo) ]
[I Live therefore I am Happy; I am Happy therefore I Live.]
_____________________________________________________________________
[ What Nourishes Me Also Destorys Me - Angelina Jolie (Tattoo) ]
- max.spicer
- Posts: 122
- Joined: July 2nd, 2003, 3:52 am
- Location: York, United Kingdom
This could definitely be useful as a sticky topic.
I've got thunderbird talking to our ad servers now, but have a few questions. Is it possible to change the attributes that tb searches on when looking up addresses? By snooping on port 389, it seems to use mail, cn, givenname and sn. This means that searching for "Max Spicer" returns no results as non of the fields contain my full name. For this, I think I need to include displayname in the searched attributes. Secondly, doing a search for spicer in the address book window returns "Max Spicer my.email@address.com" and then gives all the other information when clicked. This is great. However, when I type spicer into the to line of a compose window, I get "mspicer <my.email@address.com>" i.e. it displays my cn rather than my givenname followed by my sn. Is there any way of changing this? Calling someone by their userid is less than ideal and I never use the address book directly - I always rely on auto-complete.
I've got thunderbird talking to our ad servers now, but have a few questions. Is it possible to change the attributes that tb searches on when looking up addresses? By snooping on port 389, it seems to use mail, cn, givenname and sn. This means that searching for "Max Spicer" returns no results as non of the fields contain my full name. For this, I think I need to include displayname in the searched attributes. Secondly, doing a search for spicer in the address book window returns "Max Spicer my.email@address.com" and then gives all the other information when clicked. This is great. However, when I type spicer into the to line of a compose window, I get "mspicer <my.email@address.com>" i.e. it displays my cn rather than my givenname followed by my sn. Is there any way of changing this? Calling someone by their userid is less than ideal and I never use the address book directly - I always rely on auto-complete.
The wild things roared their terrible roars and gnashed their terrible teeth
and rolled their terrible eyes and showed their terrible claws
but Max stepped into his private boat and waved good-bye.
and rolled their terrible eyes and showed their terrible claws
but Max stepped into his private boat and waved good-bye.
- max.spicer
- Posts: 122
- Joined: July 2nd, 2003, 3:52 am
- Location: York, United Kingdom
Much searching and reading later and I still can't answer my own questions. However, I did find http://bugzilla.mozilla.org/show_bug.cgi?id=17888, which is about adding ui for lots of hidden ldap prefs. The bug links to http://developer.netscape.com:80/docs/m ... ust45.html and suggests that Mozilla supports the prefs described. Hovewer, I've tried and been totaly unsuccesful at getting Thunderbird to recognise them. Behaviour varied between crashing the moment I opened the address book, or simply removing any additions to prefs.js that I had made (and yes, I did close tb before editing the file).
The wild things roared their terrible roars and gnashed their terrible teeth
and rolled their terrible eyes and showed their terrible claws
but Max stepped into his private boat and waved good-bye.
and rolled their terrible eyes and showed their terrible claws
but Max stepped into his private boat and waved good-bye.
-
- Posts: 6
- Joined: December 28th, 2003, 5:08 pm
- Contact:
-
- Posts: 169
- Joined: June 29th, 2003, 10:35 am
I just want to thank all the folks who replied in this thread. I managed to connect to our Exchange Global Address List using the info her. Good stuff! Someone should make this stick. Or at least, glean the most important information in the posts and create a new sticky post called "How to use TB with MS Exchange".
L
L