So I can use the loved Thunderbird again!
But opening up the IMAP is only half the way. You also need to get access to the address book. And here I ran against brick walls in the first step:
- Trying to open an LDAP address book pointing to the Exchange server failed in getting no connection (neither port 389 nor 3268 worked).
- I figured out the AD (Active Directory) server of the Windows world and used that. It connected immediately to port 389, however then had problems loading the contacts. As I know now, it is a matter of filtering to the correct entry set. However, after failing continously during my first attempts I tried
- exporting the global address list from within Outlook into ... well ... anything, I was about to even accept any CSV file, however styled. Completely failed in that too - you can export contacts but not the global address list. You can imagine how happy I was...
- directly using the global address book via LDAP directly from the server or
- use a local copy (export+import which you need to do manually from time to time to be up-to-date).
- Get the Apache Directory Studio or another LDAP browser tool of your choice that supports an LDIF export. In the Apache Studio case, just extract the package and start it (yes, it's that simple, it's a Java application that runs on Linux and Windows). You need this to first test your LDAP access, if you are not sure about the correct criteria.
- Now you need to find out where the AD is hosted. In my case I promised not to ask boring questions to IT (they were already nice enough to open up the IMAP just for me), so I had to find out on my own. I simply checked in to the Terminal Server Session and wrote a little batch file (directly going to the console is forbidden in the terminal server session due to security policies) of the content:
and just double-clicked it to find the entry "LogonServer", "UserDNSDomain" and "UserDomain".
- Now start the Apache Directory Studio and create a new LDAP connection. The connection parameters would be something like:
(using the information from LogonServer and UserDNSDomain, so e.g. "myserver.mycompany.com").
Port = 389
(default LDAP port).
Logon with UserDomain\yourUserName and your password.
Click on "Fetch base DNs" to find out the base DN to use - or guess it, it usually is:
so for example dc=microsoft,dc=com.
- Now you would find a lot of stuff browsing through the AD (assuming you have enough read permissions). To find the entries that are displayed in the Outlook address book, you need to filter the information. To do so, create a new search using the base DN above and the following search filter (click on "Filter Editor..." for better formatting):
(& (showInAddressBook=*) (mail=*) (mailNickname=*) (| (objectClass=person) (objectClass=group) (objectClass=groupOfNames) ) )
Here is the filter again as one-liner - this is how to use it in your Thunderbird:
In the Apache Directory Studio you can now set the option to "Follow referrals manually" or ignore them completely. Leaving it to automatic can produce errors - especially if AD not well configured (in my case loops are generated when automatically following all referrals). Search scope should be the complete subtree. Check the results by executing the search.
- Start Thunderbird and create a new IMAP account (if you didn't already) and create a new LDAP address book (Tools-Address book; File-New-LDAP Directory). Enter Hostname, Port, Base DN as in step 3 and in the "Advanced" tab choose subtree and enter the one-liner version of the filter as in step 4.
Now you have the direct access version. You now could change settings in Thunderbird (Edit-Preferences-Composition-Addressing) or even configure it for a single account (under Composition and Addressing) to use the LDAP directory for autocompletion, but I found that to be annoying because of the slow Exchange server in my particular case (YMMV). Hence I did not do this but pressed F9 in a new mail to show the contacts sidebar. There I switched to the LDAP address book and can now search and choose addresses if they are not already among my collected addresses. This is BTW the same you get, using Outlook - only those addresses, you already used get auto-completed and the others you need to search manually. A second annoyance is that Thunderbird takes a longer time to really disappear from memory when the LDAP search was used during runtime. So I was not really satisfied with that solution.
- Just for performance and to have all autocompleted, I wanted to have a local copy of the address book. I found that the Apache Directory Studio offers an LDIF export feature, which is really the best you can get. Even phone numbers and other properties from the LDAP directory finds the way into the imported address book in Thunderbird. Just right-click the search (it's in the tree on the left-hand side) and choose "Export-LDIF" from the context menu within the Studio and in Thunderbird you go to "Tools-Address Books" and choose "Tools-Import..." - done.
Oh, BTW: The local download of the LDAP directory did not work for me (it started but never finished - maybe because of the internal loops).
Hope this helps!
Related posts: Ignorance of the different, Popular Ubuntu Desktop myths, Apple worse than Microsoft, Outlook Calendar meetings, Maintaining multiple calendars.