[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Outlook browsing LDAP?

At 12:18 12/18/2002, Todd Baker wrote:
I finally got a working openLDAP server running on my Linux box and everything seems to work fine. I can add, search, etc entries from both the command line as well as from other programs like Softerras LDAP Administrator. Now, Im trying to get Outlook XP to work with it. I set up the entry in Tools>Accounts and everything works fine. I can go to the address book and search for names and that works fine. BUT when I open up the address book I dont see any entries under the LDAP server. The only way I can get some to show up there is to first search for them. Is there some way to get all of the names to show up in the contact list without searching for them first?

When I sent the following email a few days ago, I knew I was making a mistake by not posting it to the list... this was the topic of a very recent discussion.

At 07:15 12/17/2002, Rob wrote:

I am DEFINITELY interested in the details how you made this thing working !!
Can I please (!) have the procedure for both OE and Outlook, as well as
any necessary changes on the side of the (open-)LDAP server (config,
schema, you name it) ?

Here's what I know so far -- and it's not much because I'm still learning LDAP, but I do know a good bit about Windows.

To Outlook-enable your LDAP schema, you need to read http://www.openldap.org/faq/data/cache/293.html and http://www.openldap.org/faq/data/cache/294.html and make the necessary adjustments.

Once the schema is right, you can use IE to test connectivity. Now... LDAP URL's have no security whatsoever, so "browsing" to an address book entry will only work if you have read access set up for the anonymous user on the LDAP server. I wouldn't suggest you run this way permanently, but it's awfully handy when checking to see if MS can digest the information in your openldap directory. On my server, I have the DN ou=contacts,dc=theotherbell,dc=com... in my address book, I have the contact DN cn=Bell Brenda,ou=contacts,dc=theotherbell,dc=com. From IE (or Netscape, the address bar or the Run box), the url ldap://ldap.theotherbell.com/cn=Bell%20Brenda,ou=contacts,dc=theotherbell,dc=com will display the contact properties just as if the contact were stored in ActiveDirectory.

If you can connect through IE, you should be able to do a search from OE. To set up the directory:

Launch OE and go to Tools->Accounts. Click the Add button and select Directory Service. Enter the FQN for your LDAP server; if you choose to use secured access (I didn't), you'll need to enter the right DN and password for the connection. Click Next, check Yes (do you want to check addresses using this directory service), click Next and click Finish.

On the Accounts dialog, click on the All or Directory Service tab, select the directory you just added and click the properties button. Click on the Advanced tab, enter the base DN for the search -- mine is ou=contacts,dc=theotherbell,dc=com. I left the simple search button unchecked, but you may have to play with it to see what works best for you.

To test it, click the Addresses button on the toolbar -- or go to Tools->Address Book. Clicn the Find People button. Select the directory you just added, click the Advanced tab, enter some search criteria, e.g., Name contains Bell and click the Find Now button. You should see some data.

On to Outlook -- and this is where everything is broken as far as I'm concerned.

First, Outlook runs in two modes: Internet or Corporate/Workgroup. You can easily determine which mode you're in by launching the Mail applet in the control panel. If it displays the Internet Accounts dialog, you're in Internet mode, otherwise, you're in Workgroup mode.

If you're in Internet mode, you have the same level of functionality as OE... you can follow the procedure above to add a Directory Service. But I have yet to get Outlook to actually return data... no matter what I do, it always says "there are no entries that match your search criteria".

If you're in Workgroup mode, you can add a Directory Service via the Mail applet on the control panel. This will cause your LDAP directory to correctly show up in the address book drop down. However, I haven't been able to get this configuration to connect at all.

IMHO, Outlook's LDAP access is broken... but maybe you'll pick up on something I missed.

Important note: if you change your Outlook mode and it doesn't automatically close Outlook, do it manually... otherwise, the changes don't quite kick in and you end up in a really weird state. You also have to be careful with your accounts when you reconfigure things. There's one place where Outlook sets up a default POP3 account which will automatically download all your email and delete it from the server. I use IMAP so the default is definitely not what I want... if you're going to play, best to do it with a test account that won't muck with your real email.


Henniker (the only one on earth), NH (the state with five seasons -- tourist, foliage, ski, mud and black-fly)