Corporate Email Address Completion

As almost everyone around here knows I'm refusing to use MS Outlook as my default mail client on my mail machine. Instead I'm currently running Mozilla Thunderbird.

Altough aving absolutely zero problems with viruses, worms, trojans and spam I have two minor drawbacks:

  • No support for meeting requests and appointments
  • No automatic autocomplete of email-addresses, server-side

Problem one doesn't bother me so much, I only get such requests every now and then so I'm able to track them in my head alone. I already tried once to solve problem two years ago by utilizing LDAP with our Exchange server but failed gracefully. I was just left with a somewhat halfbaked manual solution. At least better than nothing at all.

I was reminded on that issue when I read through the Mozille Thunderbird Beta 1 Release Notes. One of the new features is support for Kerberos Authentication and that reminded me of my issue in the past. Well, I decided to give LDAP another try...

This time I didn't contact our helpdesk, which can't help me with most issues anyway, but investigated a bit more myself. Using an LDAP-browser I found out that our mailserver indeed provided some LDAP access but it didn't show me the global recipients list. Guessing that it had something to do with my attempt to connect anonymously I tried some time to connect with propper authentication but couldn't bring up a valid login on my own. So, back to the Internet searching about Active Directory, Exchange and how to connect with username and password by LDAP.

During that search I stumbled over this comment in this blog.

It's explaining how to configure your Thunderbird to use Exchange's LDAP interface for querying recipients mail addresses. There is quite some knowledge in this comment which I wouldn't have found out in ages, if I only had found that comment earlier...

Well, done it and voi'la, perfect! Automatic email-address completion in Thunderbird, wonderful.

One sidenote: I tried this also with Thunderbird 1.0.7, but this didn't work out. Perhaps there is some more trickery inside but since it works for my current version, I didn't investigate further.

To make it easier to locate the solution in the future, this is how it works, cited from the comment mentioned above:

Here is how Mozilla/Thunderbird LDAP works with Exchange 2000-2003:

  • The default LDAP port for Active Directory is 3268 (not 389) so make sure you've got this port open thru the firewall, and make sure to configure it in your LDAP account settings in Mozilla/Thunderbird.
  • For Base DN, you MUST enter something like dc=yourdomain,dc=com (whereas Outlook Express lets you get away with putting NULL).
  • For Bind DN, you must enter a domain user which has permission to search the directory. You should enter it qualified by the NetBIOS domain name, for example: mydomain\username
  • For some reason, Thunderbird doesn't always seem to recognize that it needs to log on before querying. The easiest, most reliable way I have found to force it is to go to the Offline tab in the Directory Server Properties and click the Download button. This function seems to "see" that Active Directory wants a logon, so Thunderbird will display the logon dialog to let you enter your domain credentials. For the username, specify exactly the same thing you put into Bind DN.
  • Results are returned asynchronously to the Thunderbird Address Book, so you might see "No matches found" immediately after clicking the Search button. Wait a few seconds, and your results should show up.
  • Mozilla and Thunderbird default to a Search Filter of (objectclass=*) which will return lots of useless (non-email address) entries from Active Directory. You can override this with something like (objectclass=person) on the Advanced tab of Directory Service Properties. Depending on what kinds of addresses are in your Active Directory, you may need to refine this filter more (for example, if you've got mail-enabled Public Folders which you want to display).
  • The Address Book UI in Thunderbird is just clumsy. You CANNOT search an LDAP directory by simply selecting it on the left hand side and then entering your search in the "Name or Email contains" textbox. You MUST click the Advanced button to define an LDAP search. After you find your desired address(es) in LDAP, you "should" be able to copy it to your local addresses but the stupid UI only lets you look at the Properties or add it to the recipient list for a new message (by clicking the Write button).
|

Similar entries

These entries are similar to this posting (as of 2017-02-06):