Global address book in Thunderbird

Address book in Thunderbird

This guide will show you how to make Thunderbird use the Active Directory Global Catalog as an addressbook in a sensible way.  Some advanced modifications of Thunderbird are required and will be explained below. This guide requires you to have an email account setup already. If you have not done this yet please use this guide.

 

The first thing that needs to be done is to add the certificate used to secure the communication with the Global Catalog servers. The certificate (AAU IES CA) can be downloaded here.

The certificate then needs to be imported into Thunderbird. Start by accessing Options from the Tools menu. 

Now select Advanced and then the tab Certificates. Here click View Certificates as shown below. 

Click on the Import button. 

Navigate to the folder where you downloaded the certificate to. Select it and click Open. 

Check off all three boxes and click OK. Close the Certificates menu and the Options menu. 

We will now add Global Catalog as an addressbook. First access the Account Settings via the Tools menu shown in the picture below.


Click the Composition & Addressing option for the account you wish to add Global Catalog to as marked in the picture below. Switch the When looking up addresses: option to Use a different LDAP server: and then click Edit Directories. 

You are now shown the dialog in the picture below. Click Add to open up the next part. 

Correctly entering the information in this dialog is very important. The information you need is as follows:

  • Name: A name you want for the addressbook (eg. Global Catalog)
  • Hostname: ad-rodc01.aau.dk OR ad-rodc02.aau.dk
  • Base DN: dc=aau,dc=dk
  • Port number: 3269
  • Bind DN: YourEmailAddress

Remember to check off the Use secure connection (SSL) option (note that when you check and uncheck the SSL option the port will change to the default port).

Click on the Advanced tab and in the search filter box erase all content and insert the following line (the line will be broken up in the box but will still work):

  • (|(&(objectClass=organizationalPerson)(mail=*))(&(objectClass=group)(mail=*)))

Click OK to finish. 

The following four steps are not necessarily needed but will speed up search. Mark the newly added LDAP server and click Edit. 

Click the Offline tab and click Download Now. 

If you have not searched Global Catalog as of yet you will be prompted to enter a password for your account as shown below. Enter password and set it to remember to avoid having to do so each time you search.

Once the replication is completed a text indicating this will be shown below the button as shown below. 

Return to the Account Settings dialog under Composition & Addressing. Here mark Use a different LDAP server: and select the LDAP server you just created. This is shown in the picture below. 

We will now be making some custom changes to Thunderbird that will make the use of Global Catalog more sensible. Thunderbird uses some default LDAP attributes to populate the address book. These attributes do not match with those used by IST and need to be remapped. Also we will set the autocomplete feature to search on the full name or email of a person or group instead of the username. Make sure that Thunderbird is not open when doing these customizations.

 

To do this customization we first need to locate the prefs.js file. This file is located in your users profile.

On Windows systems it is typically located in

  • C:\Users\USERNAME\appdata\Roaming\Thunderbird\Profiles\PROFILENAME
  • C:\Users\USERNAME\appdata\Local\Thunderbird\Profiles\PROFILENAME
  • C:\Documents and Settings\USERNAME\appdata\Thunderbird\Profiles\PROFILENAME

The AppData folder in your USERNAME folder may be hidden. To view the folder if it is hidden, you must go to your USERNAME folder and press alt. This will bring up the toolbar. Choose Tools and Folder Options. This will bring up a new window where you must choose the View tab and select the Show hidden files, folders, and drivers radio button. You should then be able to see the AppData folder even if it is hidden. 

On Mac it is typically located here:

  • ~/Library/Thunderbird/Profiles/<Profile name>/

The tilde character (~) refers to the current user's Home folder, so ~/Library is the
/Macintosh HD/Users/<username>/Library folder.

In the folder locate prefs.js as shown below. 

Open the file with notepad or another text editor. Locate the line that looks like the one marked below and which contains the name you gave the LDAP server when you set it up (eg. Global Catalog). In this line note the name given in the attribute between "servers" and "description" (eg. GlobalCatalog_1). We will need this name later. 

Now download this file which contains some additions to your prefs.js and copy its contents to the end of the prefs.js file on your computer. The two top lines of the prefs.js additions file have a part labeled SERVERNAME, replace this with the name located above (in the example: GlobalCatalog_1). Save your prefs.js file. 

Your Thunderbird is now configured to use the Global Catalog to fetch address information. The service is however a little slow due to the massive amount of data in Global Catalog. For this reason you will experience small delays from entering a search string until the result is shown. Also note that the autocomplete feature doesn't work well with typing a name fast which may lead to not result at all.

Note that when you view the address list, no contacts will be shown until you search for a contact.

Thunderbird also doesn't always shut down the secure communication channel when closing the program. This will result in the error shown below. If you experience this error please open up Task Manager and see if a Thunderbird process is still running and if so close it.