I had a short discussion this afternoon with a fellow Mac fanatic (KMF) about a problem we both share: accessing Microsoft Exchange from Mac OS X.
There are three elements that you would mostly be interested in: email, calendar and contacts. This quick howto deals with getting Address Book to work with LDAP (Microsoft Active Directory in our case).
Step 1: Determine the default naming context (base dn) for the search
- Fire up Terminal and issue an ldapsearch to determine the default naming context:
$ ldapsearch -h your.exchange.server -x -b '' -s base '(objectclass=*)' 'namingContexts'
- Search for the lines beginning with "namingContexts":
namingContexts: DC=mycompany,DC=com
namingContexts: CN=Configuration,DC=mycompany,DC=com
namingContexts: CN=Schema,CN=Configuration,DC=mycompany,DC=com
The result you are looking for is the "base/root", which in the case of Exchange is the shortest one (btw, this will work on other LDAP servers too), i.e. DC=mycompany,DC=com.
Step 2: Configure Address Book to query the server
- Fire up Address Book and go to the Preferences (Command + ,). Select the LDAP tab.
- Hit the "+" to add a new server.
- In the "Server" field, enter the hostname of your Exchange server, or of an Active Directory domain controller in the case of larger companies.
- In the "Search Base" field, use the information that you retrieved from "ldapsearch" earlier. It will be in the format DC=company,DC=com.
- Choose "Simple" authentication.
- "User Name" should be your normal Windows logon.
- "Password" again, your Windows password.
Step 3: Searching your Global Address list.
- Address Book will automatically query the server whenever you search for a name.
This will also happen whenever you type new addresses into Mail.app when composing emails.
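The base DN choice from Step 1 can be scripted. The following is an added example, not part of the original post: it reads the ldapsearch output and prints the value to use as "Search Base" in Step 2. It assumes an Active Directory server, where the domain naming context consists only of DC= components and ForestDnsZones/DomainDnsZones are DNS partitions; the function name and the sample data are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): choose the Address Book
# "Search Base" from the RootDSE output of the Step 1 ldapsearch command.

# pick_search_base reads ldapsearch LDIF on stdin and prints the domain
# naming context: the namingContexts value made up only of DC= components,
# ignoring the DNS application partitions, with the fewest components.
# Returns non-zero when no candidate is found.
pick_search_base() {
    awk '
        /^ / { buf = buf substr($0, 2); next }   # LDIF fold: join to previous line
        { if (buf != "") print buf; buf = $0 }
        END { if (buf != "") print buf }
    ' | awk '
        tolower($1) == "namingcontexts:" {
            dn = $0
            sub(/^[^:]*:[ \t]*/, "", dn)          # strip the attribute name
            n = split(dn, rdn, ",")
            ok = 1
            for (i = 1; i <= n; i++)
                if (toupper(rdn[i]) !~ /^DC=/) ok = 0
            if (toupper(dn) ~ /^DC=(FOREST|DOMAIN)DNSZONES,/) ok = 0
            if (ok && (best == "" || n < bestn)) { best = dn; bestn = n }
        }
        END { if (best == "") exit 1; print best }
    '
}

# Constructed sample output (placeholder names). One value is folded onto a
# continuation line, the way ldapsearch wraps long lines.
SAMPLE_LDIF='dn:
namingContexts: CN=Configuration,DC=company,DC=com
namingContexts: CN=Schema,CN=Configuration,DC=company,DC=com
namingContexts: DC=abcd,DC=company,DC=
 com
namingContexts: DC=ForestDnsZones,DC=company,DC=com
namingContexts: DC=DomainDnsZones,DC=abcd,DC=company,DC=com'

printf '%s\n' "$SAMPLE_LDIF" | pick_search_base

# Live use, with the command from Step 1:
#   ldapsearch -h your.exchange.server -x -b '' -s base \
#       '(objectclass=*)' namingContexts | pick_search_base
```

The "Simple" authentication chosen in Step 2 is an LDAP simple bind, which sends the Windows user name and password unencrypted unless the connection itself is protected with SSL/TLS.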
Hope this helps!
27 comments:
You rock. Thanks. Worked like a charm.
I've been trying to get this to work for so long. Thanks so much!
This is exactly what I was looking for. Thanks!!
Hi! I installed a fresh OSX 10.5 yesterday, after my 10.4 installation got on my nerves. Under 10.4 I used Mail and AddressBook in parallel to Entourage. All of these apps worked fine with my company's global Exchange address book.
Now only Entourage works. I tried your Howto and got this:
----------
ldapsearch -h ablncen301 -x -b '' -s base '(objectclass=*)' 'namingContexts'
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: namingContexts
#
#
dn:
namingContexts: CN=Configuration,DC=asv-root,DC=local
namingContexts: CN=Schema,CN=Configuration,DC=asv-root,DC=local
namingContexts: DC=asv,DC=local
namingContexts: DC=ForestDnsZones,DC=asv-root,DC=local
namingContexts: DC=DomainDnsZones,DC=asv,DC=local
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
----------
After that I followed your Howto step by step. Tried adding and removing the LDAP server from my proxy exception list... nothing.
When I enter a name in AddressBook.app it searches for a couple seconds but never finds anything.
Any ideas?
Hi Lorenz,
Are you using DC=asv,DC=local for the Search Base?
Also, double check the DOMAIN... in your case it probably is something like ASV.LOCAL\username...
Hope that helps...
"DC=asv,DC=local" - yes and no. Tried both.
Also as username I tried all possible combinations of asv, ASV, asv.local, ASV.LOCAL and my username in CAPS or small... triple checked the password. I'm lost here :)
I notice you are using port 389. My address book defaults to port 3268. Can you provide any pointers on that?
Is there a way to get to your personal contact list stored in Exchange?
"Professor" asks if there is a way to access your personal contact list from Exchange - you can set this up in Address Book preferences. You'll need the URL of your OWA (Outlook Web Access) server.
Hi man,
I have been trying to get this to work for quite some time now without any luck - but now it finally works!!! :)
Thanks,
brm
Lorenz: If I had to take a completely wild guess, it's because the top-level-domain of your forest is ".local"
For a long time Microsoft was advising people that if they didn't want to purchase a "real" domain name (like .org, .com, etc...) they should use .local but this conflicts with rendezvous / zeroconf.
Macs will (I believe) refuse to query DNS servers for .local addresses, relying on a broadcast-based zeroconf resolution instead.
All this said, I could be completely wrong.
"m prewitt" - 3268 should also work. It is the port of the "Global Catalog" and contains some information for Address Book purposes.
In the following, "abcd" and "company" are text replacements. In my case, terminal returns
namingContexts: CN=Configuration,DC=company,DC=com
namingContexts: CN=Schema,CN=Configuration,DC=company,DC=com
namingContexts: DC=abcd,DC=company,DC=com
namingContexts: DC=ForestDnsZones,DC=company,DC=com
namingContexts: DC=DomainDnsZones,DC=abcd,DC=company,DC=com
I used the third from the top, and it's not working. Also, as far as the server field goes, I've tried abcd.company.com and the name I use in Entourage for the LDAP server, which is cpwigc02.abcd.companyname.com
Address Book either comes back in seconds with no hits, or pinwheels (next to the search field) for about 3 minutes and has no hits. Any ideas?
Thanks for the tips! Port 387 would not work for me, but port 3268 worked like a charm!
I figured out the issue: My "domain" was not abcd.company.com, but just the abcd. I found some tips I wrote for myself for Mac Outlook, and I had had the same suggestions there.
Brilliant!
One little glitch: it displays first names only. Any idea to solve that? Entourage works pretty well with that.
endre, the only thing that comes to mind is that the LDAP/Exchange server does not contain the data captured correctly. Check with your Administrator.
I can set up Apple Mail but I can't do Address Book.
Tried your setup but nothing.
Any idea?
Great!!! After several tries I got it working.
The trick for me was to put domain/username, when before I was trying without the domain.
:-D
It took me days to figure this out but I eventually got it to work by using the IP address of my exchange box on port 3268. Thanks for the help.
Awesome, awesome, awesome. Take that, IT ignoramuses!
Doesn't work at all for me. The progress spins one or two seconds, but that's it.
Found this today. THANK YOU
added to my favs