Connect Thunderbird to Nethserver Addressbook

v6
openldap
v7
mail

(Nicky) #1

NethServer Version: 6.9 & 7.3
Module: LDAP

Hi,

For testing LDAP Server, I have the version 7.3 installed (VM).

I connect with the following settings:
ldap_1

This will show me all entries.

what is the bind-password required for?

When I enter the value in Bind DN (cn=ldapservice,dc=directory,dc=nh), it asks me for the password. However, the displayed bind-password (mIhr5MHrPt5iSTfh) is not accepted. The same applies to the Admin-Password.
What am I doing wrong here?

I only use the version 6. I would like to know, if I can also connect to the NS address book here via LDAP??

Where can I find the connection data as well as the password if needed?

Last Question:
Is it possible to create entries from an external address book like Thunderbird?

Thanks for the support,

Nicky


(Markus Neuberger) #2

You don’t need user/password for showing the LDAP entries in Thunderbird but you can’t write entries. It should work on NS6 too.

You may use sogo with thunderbird:

https://wiki.nethserver.org/doku.php?id=sogo#mozilla_thunderbird_and_lightning


Change account provider setting / Re-install from scratch
(Nicky) #3

Hi Markus,

It dosnt work with NS 6.9. I have only changed the IP to NS 6.9.

I would like to connect with Thunderbird-Tools, without installing additional software.

I have run the Command:

[root@cloud tls]# ldapsearch -Y EXTERNAL

> SASL/EXTERNAL authentication started
> SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
> SASL SSF: 0
> # extended LDIF
> #
> # LDAPv3
> # base <dc=directory,dc=nh> (default) with scope subtree
> # filter: (objectclass=*)
> # requesting: ALL
> #
> 
> # directory.nh
> dn: dc=directory,dc=nh
> objectClass: top
> objectClass: dcObject
> objectClass: organization
> dc: directory
> o: Erhardt-IT
> 
> # People, directory.nh
> dn: ou=People,dc=directory,dc=nh
> objectClass: top
> objectClass: organizationalUnit
> ou: People
> 
> # Groups, directory.nh
> dn: ou=Groups,dc=directory,dc=nh
> objectClass: top
> objectClass: organizationalUnit
> ou: Groups

Are there any other ways to test the directory if it is possible to connect?
Everything works fine with version 7…

Nicky


(Nicky) #4

The program “Softerra LDAP Admin” can only connect to LDAP in NS 7.

Version 6 probably does not support LDAP.

Nicky

I have found this in the Manual:

Anonymous access:
Some LDAP clients and/or legacy environments may require anonymous bind to the LDAP accounts database. Currently only authenticated binds over TLS/SSL are granted access to the LDAP tree. But you can give access without bind with the following command:

perl -MNethServer::Directory -e ‘$l = NethServer::Directory->new(); $l->enforceAccessDirective(“by anonymous read”, “*”);’

This command is not easily reversible.

Does anyone know this command?

Nicky


(Markus Neuberger) #5

This command allows anonymous binds which makes Thunderbird work. I tried it and it worked.

The problem with Softerra LDAP Admin may be that it doesn’t allow the self-signed cert of NethServer. With ldapadmin you are asked to allow the cert and it works:

You may connect with a standard user like admin

uid=admin,ou=People,dc=directory,dc=nh

or with the ldap account libuser

cn=libuser,dc=directory,dc=nh

to port 389 with TLS enabled and following base DN:

dc=directory,dc=nh