At work we’ve got all of our user account information Active Directory running on MS Windows 2003 servers. Since Active Directory makes this data available via LDAP you can use it as an address book back end for Thunderbird, Outlook and Maill.app (the built in email client on Mac OS X). I recently wrote up step by step instructions on how to setup each of these and thought others might benefit from this.
The instructions below assume that your Active Directory forest was setup using the domain example.com and that your username is billg, so be sure to replace that with your own information. The instructions also assume that you haven’t setup SSL/TLS on your Active Directory servers. If you have then please make use of that.
Thunderbird (version 1.5)
Tools -> Options -> Composition -> Addressing
Address Autocompletion: check "Local Address Book" and "Directory Server"
Edit Directories -> Add
Base DN: cn=users,dc=example,dc=com
Port Number: 389
Bind DN: email@example.com
(SSL is left unchecked)
Make sure the new EXAMPLE.COM directory is selected for "Directory Server"
Tools -> Account Settings
(Under the EXAMPLE.COM users account section) -> Composition & Addressing
Addressing: select "Use a different LDAP server."
Set it to the new EXAMPLE.COM directory.
Address Book: Select the EXAMPLE.COM directory, perform a search.
It might prompt you for a password.
Outlook (version 2003 SP2)
Tools -> Email Accounts
Directory: Select "Add a new directory or address book"
Select "Internet Directory Server (LDAP)"
"Server Information": Server Name: ldap.example.com
"Logon Information": Check "This server requires me to log on"
"User Name": billg
Click More Settings ...
(It will probably warn you about not being available until after your
restart Outlook. That is fine, click OK)
"Search" tab -> "Search Options": cn=users,dc=example,dc=com
(Close Outlook and open it up again)
Mail (Mail 2.0.5 / Mac OS X 10.4)
Mail -> Preferences -> Composing
"Addressing": Check "Automatically complete addresses"
Click Configure LDAP ...
"Search Base": cn=users,dc=example,dc=com
(leave "Use SSL" unchecked)
"User Name": firstname.lastname@example.org
Close the Preferences window
I noted the version of each software that I tried this on. It many cases these same instructions will work with other versions of the same software, but I can’t guarantee that. Please remember to substitute example.com along with the billg user account and password with your own details.
For those of you that are concerned about having to enter your password to access your Active Directory/LDAP address book, there is another method that I should mention. In order to get around this at work I created an Active Directory user called anonymous, with the password of anonymous. This account has limited abilities and doesn’t have permissions to any files or shares. The only thing this account does is provide a way to get LDAP user account info. Once you’ve created this account you can follow the same instructions as above substituting the username/password billg@example/B1lLGpW with email@example.com/anonymous.
If you have any other tips about this subject please leave a comment. If for some reason you don’t feel comfortable with that please drop me a note via my contact form and I’ll add the details to this article.