1 (edited by nurlan1992 2018-08-07 22:43:26)

Topic: Outlook not showing global address book

======== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):  0.9.8
- Linux/BSD distribution name and version: Centos 7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): nginx
- Manage mail accounts with iRedAdmin-Pro? no
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Outlook now showing global address book, made setup from this tutorial: https://docs.iredmail.org/use.openldap. … tlook.html

but from SOGo, everything is ok.

WTF?

using outlook 2013

Post's attachments

address book.PNG 41.15 kb, file has never been downloaded. 

address book2.PNG
address book2.PNG 13.47 kb, file has never been downloaded. 

You don't have the permssions to download the attachments of this post.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Outlook not showing global address book

You need to turn on debug mode in OpenLDAP to make sure LDAP settings in Outlook are correct.
And no more "WTF" please.

3

Re: Outlook not showing global address book

ZhangHuangbin wrote:

You need to turn on debug mode in OpenLDAP to make sure LDAP settings in Outlook are correct.
And no more "WTF" please.

how to turn off autodiscovery please? i dont have Pro edition.

Outlook searching not properly subdomains.

4

Re: Outlook not showing global address book

nurlan1992 wrote:

how to turn off autodiscovery please? i dont have Pro edition.

iRedMail doesn't have autodiscovery, you need to check your Outlook settings manually.

5

Re: Outlook not showing global address book

ZhangHuangbin wrote:
nurlan1992 wrote:

how to turn off autodiscovery please? i dont have Pro edition.

iRedMail doesn't have autodiscovery, you need to check your Outlook settings manually.

OpenLDAP logs here, maybe it's help us.

Aug  9 15:22:27 vps571665 slapd[23318]: slap_listener_activate(8):
Aug  9 15:22:27 vps571665 slapd[23318]: daemon: epoll: listen=7 active_threads=0 tvp=zero
Aug  9 15:22:27 vps571665 slapd[23318]: daemon: epoll: listen=8 busy
Aug  9 15:22:27 vps571665 slapd[23318]: daemon: epoll: listen=9 active_threads=0 tvp=zero
Aug  9 15:22:27 vps571665 slapd[23318]: >>> slap_listener(ldap:///)
Aug  9 15:22:27 vps571665 slapd[23318]: daemon: listen=8, new connection on 11
Aug  9 15:22:27 vps571665 slapd[23318]: daemon: added 11r (active) listener=(nil)
Aug  9 15:22:27 vps571665 slapd[23318]: conn=1010 fd=11 ACCEPT from IP=37.99.100.105:60012 (IP=0.0.0.0:389)
Aug  9 15:22:27 vps571665 slapd[23318]: daemon: activity on 2 descriptors
Aug  9 15:22:27 vps571665 slapd[23318]: daemon: activity on:
Aug  9 15:22:27 vps571665 slapd[23318]: 11r
Aug  9 15:22:27 vps571665 slapd[23318]:
Aug  9 15:22:27 vps571665 slapd[23318]: daemon: read active on 11
Aug  9 15:22:27 vps571665 slapd[23318]: daemon: epoll: listen=7 active_threads=0 tvp=zero
Aug  9 15:22:27 vps571665 slapd[23318]: daemon: epoll: listen=8 active_threads=0 tvp=zero
Aug  9 15:22:27 vps571665 slapd[23318]: daemon: epoll: listen=9 active_threads=0 tvp=zero
Aug  9 15:22:27 vps571665 slapd[23318]: connection_get(11)
Aug  9 15:22:27 vps571665 slapd[23318]: connection_get(11): got connid=1010
Aug  9 15:22:27 vps571665 slapd[23318]: connection_read(11): checking for input on id=1010
Aug  9 15:22:27 vps571665 slapd[23318]: op tag 0x60, time 1533820947
Aug  9 15:22:27 vps571665 slapd[23318]: conn=1010 op=0 do_bind
Aug  9 15:22:27 vps571665 slapd[23318]: >>> dnPrettyNormal: <mail=nurlan@acesy.co.uk,ou=Users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk>
Aug  9 15:22:27 vps571665 slapd[23318]: <<< dnPrettyNormal: <mail=nurlan@acesy.co.uk,ou=Users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk>, <mail=nurlan@acesy.co.uk,ou=users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk>
Aug  9 15:22:27 vps571665 slapd[23318]: conn=1010 op=0 BIND dn="mail=nurlan@acesy.co.uk,ou=Users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk" method=128
Aug  9 15:22:27 vps571665 slapd[23318]: do_bind: version=3 dn="mail=nurlan@acesy.co.uk,ou=Users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk" method=128
Aug  9 15:22:27 vps571665 slapd[23318]: ==> mdb_bind: dn: mail=nurlan@acesy.co.uk,ou=Users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk
Aug  9 15:22:27 vps571665 slapd[23318]: mdb_dn2entry("mail=nurlan@acesy.co.uk,ou=users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk")
Aug  9 15:22:27 vps571665 slapd[23318]: => mdb_dn2id("mail=nurlan@acesy.co.uk,ou=users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk")
Aug  9 15:22:27 vps571665 slapd[23318]: <= mdb_dn2id: got id=0x12
Aug  9 15:22:27 vps571665 slapd[23318]: => mdb_entry_decode:
Aug  9 15:22:27 vps571665 slapd[23318]: <= mdb_entry_decode
Aug  9 15:22:27 vps571665 slapd[23318]: => access_allowed: result not in cache (userPassword)
Aug  9 15:22:27 vps571665 slapd[23318]: => access_allowed: auth access to "mail=nurlan@acesy.co.uk,ou=Users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk" "userPassword" requested
Aug  9 15:22:27 vps571665 slapd[23318]: => acl_get: [1] attr userPassword
Aug  9 15:22:27 vps571665 slapd[23318]: => acl_mask: access to entry "mail=nurlan@acesy.co.uk,ou=Users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk", attr "userPassword" requested
Aug  9 15:22:27 vps571665 slapd[23318]: => acl_mask: to value by "", (=0)
Aug  9 15:22:27 vps571665 slapd[23318]: <= check a_dn_pat: anonymous
Aug  9 15:22:27 vps571665 slapd[23318]: <= acl_mask: [1] applying auth(=xd) (stop)
Aug  9 15:22:27 vps571665 slapd[23318]: <= acl_mask: [1] mask: auth(=xd)
Aug  9 15:22:27 vps571665 slapd[23318]: => slap_access_allowed: auth access granted by auth(=xd)
Aug  9 15:22:27 vps571665 slapd[23318]: => access_allowed: auth access granted by auth(=xd)
Aug  9 15:22:27 vps571665 slapd[23318]: conn=1010 op=0 BIND dn="mail=nurlan@acesy.co.uk,ou=Users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk" mech=SIMPLE ssf=0
Aug  9 15:22:27 vps571665 slapd[23318]: do_bind: v3 bind: "mail=nurlan@acesy.co.uk,ou=Users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk" to "mail=nurlan@acesy.co.uk,ou=Users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk"
Aug  9 15:22:27 vps571665 slapd[23318]: send_ldap_result: conn=1010 op=0 p=3
Aug  9 15:22:27 vps571665 slapd[23318]: send_ldap_result: err=0 matched="" text=""
Aug  9 15:22:27 vps571665 slapd[23318]: send_ldap_response: msgid=22 tag=97 err=0
Aug  9 15:22:27 vps571665 slapd[23318]: conn=1010 op=0 RESULT tag=97 err=0 text=
Aug  9 15:22:27 vps571665 slapd[23318]: daemon: activity on 1 descriptor
Aug  9 15:22:27 vps571665 slapd[23318]: daemon: activity on:
Aug  9 15:22:27 vps571665 slapd[23318]:
Aug  9 15:22:27 vps571665 slapd[23318]: daemon: epoll: listen=7 active_threads=0 tvp=zero
Aug  9 15:22:27 vps571665 slapd[23318]: daemon: epoll: listen=8 active_threads=0 tvp=zero
Aug  9 15:22:27 vps571665 slapd[23318]: daemon: epoll: listen=9 active_threads=0 tvp=zero

6

Re: Outlook not showing global address book

1: i don't understand the Russian(?) error message in Outlook in your screenshot.
2: According to the openldap log, seems ldap binding (auth) is ok.
3: Could you please show us some screenshots of your Outlook address book settings? We need to know the detailed settings like mentioned in our tutorial:
https://docs.iredmail.org/use.openldap. … tlook.html

7 (edited by nurlan1992 2018-08-10 14:21:44)

Re: Outlook not showing global address book

Please check my settings.

full login field: mail=nurlan@acesy.co.uk,ou=Users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk

https://preview.ibb.co/doRxO9/gal.png

https://image.ibb.co/eMxMi9/gal1.png

8

Re: Outlook not showing global address book

The search base dn is wrong. Mentioned in our doc:

Choose 'Custom' and input the LDAP dn or your mail domain: ou=Users,domainName=testserver.com,o=domains,dc=testserver,dc=com

9 (edited by nurlan1992 2018-08-10 19:06:40)

Re: Outlook not showing global address book

didnt work for me, my custom field looks like that.

ou=Users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk

OpenLDAP connection logs

Aug 10 12:59:03 vps571665 slapd[10317]: => acl_mask: access to entry "mail=free.check1@acesy.co.uk,ou=Users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk", attr "entry" requested
Aug 10 12:59:03 vps571665 slapd[10317]: => acl_mask: to all values by "cn=vmail,dc=acesy,dc=co,dc=uk", (=0)
Aug 10 12:59:03 vps571665 slapd[10317]: <= check a_dn_pat: anonymous
Aug 10 12:59:03 vps571665 slapd[10317]: <= check a_dn_pat: self
Aug 10 12:59:03 vps571665 slapd[10317]: <= check a_dn_pat: cn=vmail,dc=acesy,dc=co,dc=uk
Aug 10 12:59:03 vps571665 slapd[10317]: <= acl_mask: [3] applying read(=rscxd) (stop)
Aug 10 12:59:03 vps571665 slapd[10317]: <= acl_mask: [3] mask: read(=rscxd)
Aug 10 12:59:03 vps571665 slapd[10317]: => slap_access_allowed: read access granted by read(=rscxd)
Aug 10 12:59:03 vps571665 slapd[10317]: => access_allowed: read access granted by read(=rscxd)
Aug 10 12:59:03 vps571665 slapd[10317]: conn=1024 op=1 ENTRY dn="mail=free.check1@acesy.co.uk,ou=users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk"
Aug 10 12:59:03 vps571665 slapd[10317]: <= send_search_entry: conn 1024 exit.
Aug 10 12:59:03 vps571665 slapd[10317]: send_ldap_result: conn=1024 op=1 p=3
Aug 10 12:59:03 vps571665 slapd[10317]: send_ldap_result: err=0 matched="" text=""
Aug 10 12:59:03 vps571665 slapd[10317]: send_ldap_response: msgid=2 tag=101 err=0
Aug 10 12:59:03 vps571665 slapd[10317]: conn=1024 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
Aug 10 12:59:03 vps571665 slapd[10317]: daemon: activity on 1 descriptor
Aug 10 12:59:03 vps571665 slapd[10317]: daemon: activity on:
Aug 10 12:59:03 vps571665 slapd[10317]: 16r
Aug 10 12:59:03 vps571665 slapd[10317]:
Aug 10 12:59:03 vps571665 slapd[10317]: daemon: read active on 16
Aug 10 12:59:03 vps571665 slapd[10317]: daemon: epoll: listen=7 active_threads=0 tvp=zero
Aug 10 12:59:03 vps571665 slapd[10317]: daemon: epoll: listen=8 active_threads=0 tvp=zero
Aug 10 12:59:03 vps571665 slapd[10317]: daemon: epoll: listen=9 active_threads=0 tvp=zero
Aug 10 12:59:03 vps571665 slapd[10317]: connection_get(16)
Aug 10 12:59:03 vps571665 slapd[10317]: connection_get(16): got connid=1019
Aug 10 12:59:03 vps571665 slapd[10317]: connection_read(16): checking for input on id=1019
Aug 10 12:59:03 vps571665 slapd[10317]: op tag 0x63, time 1533898743
Aug 10 12:59:03 vps571665 slapd[10317]: conn=1019 op=5 do_search
Aug 10 12:59:03 vps571665 slapd[10317]: >>> dnPrettyNormal: <o=domains,dc=acesy,dc=co,dc=uk>
Aug 10 12:59:03 vps571665 slapd[10317]: <<< dnPrettyNormal: <o=domains,dc=acesy,dc=co,dc=uk>, <o=domains,dc=acesy,dc=co,dc=uk>
Aug 10 12:59:03 vps571665 slapd[10317]: SRCH "o=domains,dc=acesy,dc=co,dc=uk" 2 0
Aug 10 12:59:03 vps571665 slapd[10317]:    0 0 0
Aug 10 12:59:03 vps571665 slapd[10317]: begin get_filter
Aug 10 12:59:03 vps571665 slapd[10317]: AND
Aug 10 12:59:03 vps571665 slapd[10317]: begin get_filter_list
Aug 10 12:59:03 vps571665 slapd[10317]: begin get_filter
Aug 10 12:59:03 vps571665 slapd[10317]: EQUALITY
Aug 10 12:59:03 vps571665 slapd[10317]: end get_filter 0
Aug 10 12:59:03 vps571665 slapd[10317]: begin get_filter
Aug 10 12:59:03 vps571665 slapd[10317]: EQUALITY
Aug 10 12:59:03 vps571665 slapd[10317]: end get_filter 0
Aug 10 12:59:03 vps571665 slapd[10317]: begin get_filter
Aug 10 12:59:03 vps571665 slapd[10317]: NOT
Aug 10 12:59:03 vps571665 slapd[10317]: begin get_filter
Aug 10 12:59:03 vps571665 slapd[10317]: EQUALITY
Aug 10 12:59:03 vps571665 slapd[10317]: end get_filter 0
Aug 10 12:59:03 vps571665 slapd[10317]: end get_filter 0
Aug 10 12:59:03 vps571665 slapd[10317]: begin get_filter
Aug 10 12:59:03 vps571665 slapd[10317]: EQUALITY
Aug 10 12:59:03 vps571665 slapd[10317]: end get_filter 0
Aug 10 12:59:03 vps571665 slapd[10317]: begin get_filter
Aug 10 12:59:03 vps571665 slapd[10317]: EQUALITY
Aug 10 12:59:03 vps571665 slapd[10317]: end get_filter 0
Aug 10 12:59:03 vps571665 slapd[10317]: begin get_filter
Aug 10 12:59:03 vps571665 slapd[10317]: OR
Aug 10 12:59:03 vps571665 slapd[10317]: begin get_filter_list

10

Re: Outlook not showing global address book

ZhangHuangbin any help?

11

Re: Outlook not showing global address book

The latest log doesn't help either.

Try "ldapsearch" command on your iRedMail server like this:

ldapsearch -x \
    -D 'mail=nurlan@acesy.co.uk,ou=users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk' \
    -W \
    -b 'ou=users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk'

It will ask you to type password for user "nurlan@acesy.co.uk". If this one works, then Outlook should work.

Also, make sure OpenLDAP is listening on your public network interface, and firewall allows openldap access from external network.

12 (edited by nurlan1992 2018-08-12 20:37:43)

Re: Outlook not showing global address book

please check my search results.

# nurlan@acesy.co.uk, Users, acesy.co.uk, domains, acesy.co.uk
dn: mail=nurlan@acesy.co.uk,ou=Users,domainName=acesy.co.uk,o=domains,dc=acesy
,dc=co,dc=uk
objectClass: inetOrgPerson
objectClass: mailUser
objectClass: shadowAccount
objectClass: amavisAccount
mail: nurlan@acesy.co.uk
userPassword:: e1NTSEF9TTlZeG50NFNRaUZza2ZJMEZ2N0RVYXp0OHZMNEdZWTZPSmt6Vnc9PQ=
=
uid: nurlan
storageBaseDirectory: /var/vmail
mailMessageStore: vmail1/acesy.co.uk/n/u/r/nurlan-2018.08.07.05.48.05/
homeDirectory: /var/vmail/vmail1/acesy.co.uk/n/u/r/nurlan-2018.08.07.05.48.05/
enabledService: mail
enabledService: deliver
enabledService: lda
enabledService: lmtp
enabledService: smtp
enabledService: smtpsecured
enabledService: pop3
enabledService: pop3secured
enabledService: pop3tls
enabledService: imap
enabledService: imapsecured
enabledService: imaptls
enabledService: managesieve
enabledService: managesievesecured
enabledService: sogo
enabledService: sieve
enabledService: sievesecured
enabledService: forward
enabledService: senderbcc
enabledService: recipientbcc
enabledService: internal
enabledService: lib-storage
enabledService: indexer-worker
enabledService: doveadm
enabledService: dsync
enabledService: shadowaddress
enabledService: displayedInGlobalAddressBook
enabledService: domainadmin
shadowLastChange: 0
amavisLocal: TRUE
mailQuota: 0
domainGlobalAdmin: yes
cn: nurlan
givenName: nurlan
sn: nurlan
preferredLanguage: en_US
accountStatus: active

# search result
search: 2
result: 0 Success

# numResponses: 6
# numEntries: 5

13

Re: Outlook not showing global address book

Did you use the "    -b 'ou=users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk'" with ldapsearch?

Please open file /etc/openldap/slapd.conf, find snippet like below and paste here:

access to dn.regex="domainName=([^,]+),dc=acesy,dc=co,dc=uk"
    ...
    by dn.regex="mail=[^,]+@$1,ou=Users,domainName=$1,dc=acesy,dc=co,dc=uk" read
    ...

It grants users in same domain the "read" privilege, so that the ldapsearch command will return all users in same domain.

14 (edited by nurlan1992 2018-08-13 00:08:23)

Re: Outlook not showing global address book

yes, i did

[root@acesy ~]# ldapsearch -x     -D 'mail=nurlan@acesy.co.uk,ou=Users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk'     -W     -b 'ou=Users,domainName=acesy.co.uk,o=domains,dc=acesy,dc=co,dc=uk'

slapd.conf

access to dn.regex="domainName=([^,]+),o=domains,dc=acesy,dc=co,dc=uk$"
    by anonymous                    auth
    by self                         write
    by dn.exact="cn=vmail,dc=acesy,dc=co,dc=uk"   read
    by dn.exact="cn=vmailadmin,dc=acesy,dc=co,dc=uk"  write
    by dn.regex="mail=[^,]+@$1,o=domainAdmins,dc=acesy,dc=co,dc=uk$" write
    by dn.regex="mail=[^,]+@$1,ou=Users,domainName=$1,o=domains,dc=acesy,dc=co,dc=uk$" read
    by users                        none

15

Re: Outlook not showing global address book

i'm tested on outlook 2010,2013 it's not working, but thunderbird LDAP address book  is working.

16

Re: Outlook not showing global address book

what we can do?

17

Re: Outlook not showing global address book

If Thunderbird works, that means server side is ok. i have no idea why Outlook doesn't work. Maybe you can try different Outlook versions for testing.

Also, is server using a self-signed ssl cert?

18

Re: Outlook not showing global address book

>Also, is server using a self-signed ssl cert?
We using LE.

>If Thunderbird works, that means server side is ok. i have no idea why Outlook doesn't work. Maybe you can try different Outlook versions for testing.

I'm tested on Outlook 2010,2013,but not working sad

19

Re: Outlook not showing global address book

I have no idea. sad

20

Re: Outlook not showing global address book

you have tested on other versions of outlook, expect Outlook 2007?

21

Re: Outlook not showing global address book

Search is working, just was needed to put search value in specific field.