LDAP Search base settings for Mac OS X Address Book

Posted on 2009-12-29
Last Modified: 2013-12-19
OS: Mac OS X 10.5.8
Mac OS X Address Book 4.1.2
LDAP server does not use SSL and is on a separate server from our exchange server
Exchange Server: OS - Windows 2003, Member Server

Hello. I'm trying to get the Mac OX X Address Book to do an ldap lookup of our active directory users starting at the following Ou:   DOMAIN NAME/SALES/SALES USERS.

I can create the Ldap server (Address Book-Preferences-LDAP - screenshot LDAP LOOKUP attached). I can see entry I've created listed in the address book directories but it is empty (ldap directory screenshot attached) so it's not pulling  in the names and addresses. I've rebooted the laptop and restarted Mail and Address Book applications.

The account I'm using has permissions to look at our AD via ldap as we've used this account for ldap lookup for other applications (canon uniFlow).

I suspect that I've entered the wrong data in the Search Base field. I've tried having a playaround with the DN and OU/distinguished name listings in that field but without any luck. If someone could advise on what I need to enter in the search base field I would be grateful.

Apologies if I haven't given enough info. If you need more info please let me know. Thanks in advance, Paul.
Question by:bamford_sup
    LVL 35

    Accepted Solution

    Im not a mac guy here at all so I will see if i can help you out anyways. The Search base look alright form what is shown but i cant see it all. I would suggest the easiest way to get the correct search base would be to download ADexplorer and run in on a windows machine.

    This does not have to be ran on a DC or anything special a regular xp machine will work. Using this tool you can connect to one of your AD servers and then browse visually to the correct OU. Selecting that OU will display information in the right hand pane. One of the pieces of info will be the distinguished name of the OU. From here you can double click the distinguished name value and copy it.

    Doing it this way will ensure you have the right distinguished name for the search base.

    Besides that what are the other options for scope and authentication? Do you happen to have a plaintext authentication available?

    Author Comment

    Hi xxdcmast. Thanks for your reply. I downloaded and ran it. Interestingly/annoyingly, I was getting a logon error message using the assetbank-webapp account. Put in a different set of credentials and it all loaded up on my home machine and saw the DN for the OU so thanks for that.

    After putting in the DN and the different credentials I saved the ldap settings. The names and email addresses didn't populate in the LDAP LOOKUP directory in Address Book straightaway. I restarted mail and address book but still the directory is empty. Can you possibly advise how long it takes to do the import and if it happens automatically or is there some manual setting I then have to click?

    Author Comment

    Hi xxdcmast. Just removed the ldap:// prefix from the server field and saved it and it all worked fine. Thank you so much for your help - the ad explorer is handy. I'll be sending the points to you. Thanks, Paul.

    Author Closing Comment

    Thanks once again! Take care.
    LVL 35

    Expert Comment

    by:Joseph Daly
    More than likely the address book important should have come instantly if everything worked. If this address book is similar to others I have set up u should be able to do a search on a user as soon as you entered the ldap settings.

    What other options for scope and authentication do you have?

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    This article describes some very basic things about SQL Server filegroups.
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    760 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    6 Experts available now in Live!

    Get 1:1 Help Now