Skip to end of metadata
Go to start of metadata

How to use Jacobs University's LDAP resp. JACOBS Domain Active Directory for address lookup in email client.

There is a web-based ldap query page available which might substitute for an address book. See How to know your CampusNet user name for more. (login required)

Table of Content

This is not a well-established service yet, there is no experience in IT support for upcoming issues.

Not needed for Outlook+Exchange

If you use Outlook with the Exchange connector, this configuration is not necessary. The Outlook/Exchange address book uses this information already.

Basic Configuration Information

If you are using another client than Microsoft Outlook, you can use the following information to configure your LDAP connection:

Hostname:

jacobs.jacobs-university.de

Recommended Protocol/Port:

636 (standard for secure LDAP, aka LDAPS)

or Protocol/Port:

389 (standard for unsecure LDAP)

Search Base/Base DN:

ou=users,ou=campusnet,dc=jacobs,dc=jacobs-university,dc=de

Authentication is required

Authentication is required, using JACOBS account. The format of the user name to enter is either "JACOBS\username" or "username@jacobs.jacobs-university.de".

In addition, if requested by the client:

Search Scope:

Sub

Filter:

(none needed)

You have to use your CampusNet credentials to bind. The maximum result set size is limited. Connection is possible only from within Jacobs University's network (by being connected on campus, or by using VPN Access).

Microsoft Outlook

Requirements

Microsoft Outlook 2000, Outlook XP/2002 or 2003, latest service packs, english or german.

How to get it

No additional software installation is required, it's just configuration.

Here are the necessary click paths in various Outlook installations to configure it yourself:

Various Outlook Versions

Outlook 2003 english

In the Outlook main window, while viewing your personal mail folder:

  • Click: Tools
  • Click: E-mail Accounts
  • Click: Add a new Directory or Address Book
  • Click: Next
  • Click: Internet Directory Service (LDAP)
  • Click: Next
  • Enter text: in Server Name: jacobs.jacobs-university.de
  • Click: More Settings
  • Click: OK (pop up)
  • Enter text: in Display Name: Jacobs
  • Click: Search
  • Enter text: in Search base: ou=users,ou=campusnet,dc=jacobs,dc=jacobs-university,dc=de
  • Click: OK
  • Click: Next
  • Click: Finish
  • Exit Outlook
  • Wait a minute
  • Start Outlook

Outlook 2003 deutsch

In the Outlook main window, while viewing your personal mail folder:

  • Click: Extras
  • Click: E-Mail-Konten
  • Click: Ein neues Verzeichnis oder Adressbuch hinzufügen
  • Click: Weiter
  • Click: Internetverzeichnisdienst (LDAP)
  • Click: Weiter
  • Enter text: in Servername: jacobs.jacobs-university.de
  • Click: Weitere Einstellungen...
  • Click: OK (pop up)
  • Enter text: in Anzeigename: Jacobs
  • Click: Suche
  • Enter text: in Suchbasis: ou=users,ou=campusnet,dc=jacobs,dc=jacobs-university,dc=de
  • Click: OK
  • Click: Weiter
  • Click: Fertig stellen
  • Exit Outlook
  • Wait a minute
  • Start Outlook

Outlook 2000 english

  • Click: Tools
  • Click: Services
  • Click: Add
  • Click: Microsoft LDAP Directory
  • Click: OK
  • Enter: Directory Service Account: Jacobs
  • Enter: Server Hostname: jacobs.jacobs-university.de
  • Enter: Search Base: ou=users,ou=campusnet,dc=jacobs,dc=jacobs-university,dc=de
  • Click: OK
  • Click: OK (pop up)
  • Click: OK
  • Exit Outlook
  • Wait a minute
  • Start Outlook

Outlook 2000 german:

In the Outlook main window, while viewing your personal mail folder:

  • Click: Extras
  • Click: Dienste
  • Click: Hinzufügen
  • Click: Microsoft LDAP-Verzeichnis
  • Click: OK
  • Enter: Verzeichnisdienstkonto: Jacobs
  • Enter: Serverhostname: jacobs.jacobs-university.de
  • Enter: Suchbasis: ou=users,ou=campusnet,dc=jacobs,dc=jacobs-university,dc=de
  • Click: OK
  • Click: OK (pop up)
  • Click: OK
  • Exit Outlook
  • Wait a minute
  • Start Outlook

Test

Write a new email, enter part of a name in the email To:/An: field not existing in the Exchange server address book, e.g. "mostaf". Force name lookup by either clicking the "Check Names" Icon or by selecting menu "Tools -> Check Names". The full name (e.g., "Afgani, Mostafa (nnn)") of the intended user should appear.

Common Errors

Name of server "jacobs.jacobs-university.de" was not entered correctly, or search base "ou=users,ou=campusnet,dc=jacobs,dc=jacobs-university,dc=de" has typos. Please check, correct, copy&paste, exit Outlook, wait a minute, start Outlook, try again, contact Service Desk for Faculty and Staff.

Known Issues

  • LDAP/AD server is reachable only from within the university network. Using Outlook outside of Jacobs University will yield "ldap server is not reachable" errors (in addition to "MS Exchange server is not reachable error")!. Solution: use VPN Access.
  • If upon writing an email and klicking on "To:/An:" button the address list appears empty, you have to reset the previous addressbook as first for Outlook to look at. Solution: in the Outlook main window:

Click path (Outlook 2003, english):

  • Click: Tools
  • Click: Address Book
  • Click: Tools
  • Click: Options
  • at "Show this address list first:"
  • Select: Global Address List
  • Click: OK
  • Click: File
  • Click: Close

Click path (Outlook 2003, german):

  • Klick: Extras
  • Klick: Adressbuch
  • Klick: Extras
  • Klick: Optionen
  • at "Diese Adressliste zuerst anzeigen:"
  • Select: Globale Adressliste
  • Klick: OK
  • Klick: Datei
  • Klick: Schließen

Mozilla Thunderbird 1.5

Mozilla Thunderbird also supports using LDAP as a directory server. The following configuration information was provided by Afgani, Mostafa Zaman (thanks!):

1. Open the preferences/options dialog

Linux:

Edit -> Preferences

Windows:

Tools -> Options

2. Navigate to the "Composition -> Addressing" tab

3. Under "Address Autocompletion", check "Directory Server", and then click "Edit Directories..."

4. Click "Add"

5. Fill out the dialog as follows:

Name:

Jacobs University Directory

Hostname:

jacobs.jacobs-university.de

Base DN:

ou=users,ou=campusnet,dc=jacobs,dc=jacobs-university,dc=de

6. Click "OK" and then again "OK" to close the list of servers

7. Click "Close" to complete the LDAP configuration for Thunderbird.

Kontact 1.1.2

Kontact eg. on a SuSE 10 can easily be configured using the LDAP-Lookup

  • Select 'Settings' --> 'Configure Kontact'
  • Select 'Contact' --> 'LDAP Lookup' --> 'Add Host'
  • Host: jacobs.jacobs-university.de
  • Port: 389
  • DN: ou=users,ou=campusnet,dc=jacobs,dc=jacobs-university,dc=de

That's it.

Evolution

Apparently straightforward (untested, please comment!). Follow the steps as decribed here and use the information from above.

Kmail 1.13.5 on opensuse 11.3

  • Select 'Personal Settings' from the 'Main Menu' --> 'Advanced' --> 'KDE Resources' --> make sure the selection is on 'Contacts' --> 'Add' --> LDAP (Provides access to contacts stored in a LDAP directory server)
  • General:
    Bind DN: campusnetusername@jacobs.jacobs-university.de
    Password: yourcampusnetpassword
    Host: jacobs.jacobs-university.de
    Port: 389
    DN: ou=active,ou=users,ou=campusnet,DC=jacobs,DC=jacobs-university,DC=de
  • Security:
    Security: No
    Authentication: Simple

You can test the settings with the 'Offline Use' function, Just press 'Load into Cache'. You will need to restart Kmail in order to get it working.

23 Comments

  1. Hi,

    The lookup seems to take painfully long when i say "check names". Is there a way to make it work faster? Or is it just the server/connection?

    Thanks a lot,
    Mitul

    1. Actually, this happens from time to time and it is not clear yet why. Maybe due to the regular data update from CampusNet which happens every 15 minutes and requires retrieving and potentially rewriting the 1500+ accounts.

      1. With the switch from the Sun-based LDAP server to a clustered Active Directory, LDAP requests are now blazingly fast.

  2. Could you please post how to configure ldap with evolution? There are some extra options there like Search Filter and Port Options.

    Thanks
    Rahul

    1. I would recommend using thunderbird. At least this is what I use (on Linux, MacOS and Windows). Getting ldap for evolution should be relatively easy. It depends on the flavor of Linux your are using - try http://linux.cudeso.be/linuxdoc/ldap.php#evolution

      regards
      Vikram

    2. Port as given above. No Search Filter required.

  3. works for me (OL2003) only with old settings (ldap.iu-bremen.de) but takes a long time to find entries.

    1. Contrary to ldap.iu-bremen.de, the current system at jacobs.jacobs-university.de requires logon before requests are processed.

      Format of the user name has to be JACOBS\bgodde. Works here.

      Tip: If you are using Outlook for Email, you might want to use the Exchange connect. That includes access to the domain address book and you don't need the LDAP connect any more (it's "included" in the mailbox connect).

  4. For thunderbird, in the Bind DN: you need to put the username i.e. JACOBS\campusnetusername. Then, when you try to write an email it asks you to put in the password for the ldap server. This is when you use jacobs.jacobs-university.de for the server

  5. I can't get it to work with Kontact-4.2.2 and Kmail-4.2.2 - tried the settings mentioned for Kontact and did not work. Tried what Ravi mentioned and did not work.
    Could someone post the old settings, maybe they work?

  6. Is it only but with Mail for Mac OS X doesn't work? The details are exactly as in here but when I type in a partial address in the "to:" field, nothing comes up... :S

    1. This is a screenshot of how the application Address Book in Mac OSX needs to be set up for LDAP to work in the Address Book and Mail (at least it works for me, using Snow Leopard).
      IT, feel free to use this image. http://krupp-college.de/sites/default/files/addressbook.tiff

  7. If you are using SSL (which you should), you might have problems because the SSL Certificate
    has been issued for another name. With Thunderbird, you will not be able to connect (unless you use some plugins).

    So use sad01.jacobs.jacobs-university as hostname instead. The easiest way to check is to try to replicate (use the Offline tab) in configuration.

    1. We've updated the certificates. Could you please try again using jacobs.jacobs-university.de as hostname and tell of the results?

      Ref: Ticket#2010081211000236

      1. It doesn't work in Thunderbird 3.1.3 in any possible way/combination of settings. While jacobs.jacobs-university.de gives the invalid certificate error, sad01.jacobs.jacobs-university.de doesn't give any error but doesn't appear to search at all (I type people's names and no suggestions appear) same with unsecure connection.

        Can you please tell us if there is any problem with the directory?

        Best regards,
        Mihai

        1. Works with the following settings under Thunderbird 3.1.2 / Win XP:


          After you click on Download Now you will be asked for a password wich is your campusnet password.

          1. Well for me it doesn't, and I have tried it before my previous post here, also with same settings without SSL...
            here is the error message that I get: Certificate Error

            Thunderbird 3.1.3, Windows 7 Home Premium 64bit

            1. Just successfully tested with Windows 7 Enterprise x86 and Thunderbird 3.1.4.

            2. Now tested with Windows 7 Enterprise x64 and Thunderbird 3.1.4 and getting the same error message.

              Certificates are all there on Windows 7 x64. Same configuration as on Windows 7 x86.
              Run as administrator does not help.

              Seems that thunderbird has a problem with the 64bit version of Windows 7 and certificate management.

  8. to go through the ldap directory using unix tools, use a command like:

    ldapsearch -x -LLL -E pr=200/noprompt -p 389 -h jacobs.jacobs-university.de -D "jacobs\jdoe" -w mypassword -b "ou=users,ou=campusnet,dc=jacobs,dc=jacobs-university,dc=de"

  9. I just changed from the iu-bremen server to the Jacobs server. I noticed that it's no longer possible to search for people's first names. Somehow the string "Kulaksiz, Serkan (667)" <s.kulaksiz@jacobs-university.de> must be searched only starting with kul, and not serkan for example. Is there a setting for this? The good old system worked both ways (smile) (Using Thunderbird on XP currently).

    1. Did you try searching for "*serk"? But Thunderbird, I have no idea. I guess, Thunderbird is using prefix matching instead of infix.

      Outlook connected to Exchange finds your account if entering either "serk" in the To: field and hitting "Check Names", or via the "Address Book" search using "More Columns" (the default).

      Maybe you can make the Thunderbird search more fuzzy somehow?

      1. *serk worked! Still a bit more work than just typing the name of the person in the "to" field, which is what I'm used to on all other platforms and with the previous server with Thunderbird.