Tuesday, January 18, 2011

Connecting Evolution to Exchange 2007 Global Address List via LDAP

I searched for quite a while to piece this information together. I'm posting what I learned in the hope that it will help someone else connect to Exchange 2007 from Evolution.

First, my specifics:

  1. I'm running Ubuntu 10.10 (Maverick).
  2. I'm using the stock Evolution version 2.30.3 that came with this distribution.
  3. My Exchange server is Microsoft Exchange Server 2007. Its FQDN is carl.fakedomain.com.
  4. The domain controller I chose to use is also a global catalog server. Its FQDN is dc1.fakedomain.com.
  5. I organize my Active Directory users into a hierarchy of Organizational Units (OU). The root of my users hierarchy is OU=Fake Domain Employees,DC=fakedomain,DC=com.
  6. My User Principal Name (UPN) -- i.e. the username I use to log in -- is fakeuser@fakedomain.com. It also happens to be my email address.

Here is how I configured Evolution to access contacts stored in Active Directory.

NOTE: This is not an exact clone of Outlook's Global Address List.

  1. Open Evolution.
  2. Click Contacts.
  3. Click File > New > Address Book.
  4. Change the Type to "On LDAP Servers".
  5. Name the Address Book whatever you would like. I chose Global Address List.
  6. Check Autocomplete with this address book.
  7. Enter the FQDN of your global catalog server. I used dc1.fakedomain.com.
  8. Use the default port 389 along with SSL encryption.
  9. Change Login method to "Use distinguished name (DN)".
  10. Enter your UPN (username) in the Login field. I entered fakeuser@fakedomain.com.
  11. Select the Details tab.
  12. Enter the Distinguished Name (DN) of the location where your users are located. I entered "OU=Fake Domain Employees,DC=fakedomain,DC=com" without the quotes. If you don't know this information you can click the "Find Possible Search Bases" button. You'll likely want to choose something like "DC=fakedomain,DC=com".
  13. Change the Search scope to "Sub". If you fail to do this then you won't see users nested deeper in the LDAP folder hierarchy.
  14. In an effort to show only users with email addresses, in the Search filter field I entered "(&(objectCategory=person)(objectClass=user)(mail=*))" without the quotes. Unfortunately in all my tests it didn't appear that this field had any effect on the displayed results.
  15. Adjust the timeout as you see fit.
  16. You may want to increase the Download limit if you have more than 100 users you would like to see.
  17. I selected Browse this book until limit reached. I have been unable to get an explanation of what this does.
  18. Click OK.
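
The search filter from step 14 can be checked outside Evolution. The following is an added example, not part of the original post: a small evaluator for the LDAP filter subset that step uses, run over constructed directory entries, so the expected selection can be compared with what the address book displays. The entry names, the `vendor@example.org` address and the function names are assumptions made for illustration.

```python
# Added example (not from the original post): evaluates the LDAP filter subset
# from step 14: AND (&), OR (|), NOT (!), equality and presence (attr=*).
def _parse(f, i):
    """Parse one parenthesised filter at f[i]; return (node, next_index)."""
    if f[i] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    i += 1
    if f[i] in "&|!":
        op, kids, i = f[i], [], i + 1
        while f[i] == "(":
            kid, i = _parse(f, i)
            kids.append(kid)
        if f[i] != ")" or not kids or (op == "!" and len(kids) != 1):
            raise ValueError(f"malformed '{op}' group at offset {i}")
        return (op, kids), i + 1
    end = f.index(")", i)  # ValueError if the item is never closed
    attr, sep, value = f[i:end].partition("=")
    if not sep or not attr:
        raise ValueError(f"expected attr=value at offset {i}")
    return ("=", attr.lower(), value.lower()), end + 1

def parse_filter(text):
    text = text.strip()
    node, end = _parse(text + "\0", 0)  # sentinel: truncated input fails a check above
    if end != len(text):
        raise ValueError("trailing characters after filter")
    return node

def matches(node, entry):
    if node[0] == "=":
        _, attr, want = node
        have = [v.lower() for k, vs in entry.items() if k.lower() == attr for v in vs]
        return bool(have) if want == "*" else want in have
    results = [matches(kid, entry) for kid in node[1]]
    return {"&": all, "|": any, "!": lambda r: not r[0]}[node[0]](results)

# Constructed sample entries. objectCategory is shown by its short name; Active
# Directory stores it as a DN but accepts the short name in filters.
_PERSON = ["top", "person", "organizationalPerson"]
ENTRIES = {
    "alice": {"objectCategory": ["person"], "objectClass": _PERSON + ["user"], "mail": ["alice@fakedomain.com"]},
    "svc-backup": {"objectCategory": ["person"], "objectClass": _PERSON + ["user"]},
    "WS01$": {"objectCategory": ["computer"], "objectClass": _PERSON + ["user", "computer"]},
    "vendor": {"objectCategory": ["person"], "objectClass": _PERSON + ["contact"], "mail": ["vendor@example.org"]},
}

def select(filter_text, entries=ENTRIES):
    node = parse_filter(filter_text)
    return [name for name, entry in entries.items() if matches(node, entry)]
```

Calling `select("(&(objectCategory=person)(objectClass=user)(mail=*))")` returns only `alice`: the account without a mail attribute, the computer account (which also carries `objectClass=user`) and the contact are all excluded.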