Date:      Fri, 12 Aug 2011 10:32:19 +0000
From:      "Jeff Tipton" <>
Subject:   Zero results for Thunderbird addressbook client querying OpenLDAP server
Message-ID:  <>

I installed an OpenLDAP server for an office LAN, and the first thing I wanted it to do is a shared address book for e-mail clients. My OpenLDAP server responds ok on ldapsearch, it also can be browsed with phpldapadmin and jxplorer (from a LAN desktop) but I can't get anything from it with Thunderbird and Claws Mail addressbooks.

The server OS is 7.4-RELEASE, OpenLDAP is 2.4.26.

To trace the problem, I stripped down all the configuration to a bare minimum, removed all ACLs, and opened the port 389 on the router, so that I can continue remotely (hope I won't need this hole for long). Here's my slapd.conf:

modulepath      /usr/local/libexec/openldap
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
database        hdb
suffix          "dc=domainname,dc=tld"
rootdn          "cn=Manager,dc=domainname,dc=tld"
directory       /var/db/openldap-data
index           objectClass,uid,uidNumber,gidNumber   eq
index           cn,mail,surname,givenname             eq,subinitial
rootpw          {SSHA}95A/ZTBigrkvH349C6pM6WtI1TMoZRDe
loglevel        256

The database structure:

ldapsearch -W -H ldap://localhost/ -D cn=Manager,dc=domainname,dc=tld -b 'dc=domainname,dc=tld' '(objectclass=*)'
Enter LDAP Password: 
# extended LDIF
# LDAPv3
# base <dc=domainname,dc=tld> with scope subtree
# filter: (objectclass=*)
# requesting: ALL

# domainname.tld
dn: dc=domainname,dc=tld
objectClass: dcObject
objectClass: organization
o: domainname.tld
dc: domainname

# Manager, domainname.tld
dn: cn=Manager,dc=domainname,dc=tld
objectClass: organizationalRole
cn: Manager

# TBabook, domainname.tld
dn: ou=TBabook,dc=domainname,dc=tld
objectClass: organizationalUnit
objectClass: top
ou: TBabook

# John User, TBabook, domainname.tld
dn: cn=John User,ou=TBabook,dc=domainname,dc=tld
objectClass: inetOrgPerson
objectClass: top
objectClass: person
cn: John User
givenName: John
mail: john@domainname.tld
sn: User

# search result
search: 2
result: 0 Success

# numResponses: 5
# numEntries: 4

Now, on thunderbird-3.1.11, FreeBSD 8.2-RELEASE (also tried from other OSes with Thunderbird 3 and Claws):
- made an account "john@domainname.tld"
- created a "New LDAP directory" with these settings:
Name: MyCompany Public
Hostname: mail.domainname.tld
Base DN: cn=TBabook,dc=domainname,dc=tld
Port number: 389 (that's open on the company's router, pointing to the OpenLDAP server, and I can make a remote ldapsearch successfully)
Bind DN: cn=Manager,dc=domainname,dc=tld

When, after these settings, I press "OK", nothing happens. When I go to the "Offline" tab and press "Download", Thunderbird prompts for a password. I fill in the Manager's (rootdn) password, check the "Remember" box, then "Ok", and Thunderbird responds with "Replication succeeded". But nothing appears in the addressbook. Meanwhile these rows were appended to the server's /var/log/debug.log:

Aug 12 12:04:36 server slapd[54734]: conn=1018 fd=14 ACCEPT from IP=xx.xx.xx.xx:65161 (IP=
Aug 12 12:04:36 server slapd[54734]: conn=1018 op=0 BIND dn="cn=Manager,dc=domainname,dc=tld" method=128
Aug 12 12:04:36 server slapd[54734]: conn=1018 op=0 BIND dn="cn=Manager,dc=domainname,dc=tld" mech=SIMPLE ssf=0
Aug 12 12:04:36 server slapd[54734]: conn=1018 op=0 RESULT tag=97 err=0 text=
Aug 12 12:04:36 server slapd[54734]: conn=1018 op=1 SRCH base="ou=TBabook,dc=domainname,dc=tld" scope=2 deref=0 filter="(objectClass=*)"
Aug 12 12:04:36 server slapd[54734]: conn=1018 op=1 SEARCH RESULT tag=101 err=0 nentries=2 text=
Aug 12 12:04:38 server slapd[54734]: conn=1018 op=2 UNBIND
Aug 12 12:04:38 server slapd[54734]: conn=1018 fd=14 closed

I also tried to add mozillaAbPersonAlpha.schema to my OpenLDAP and its objectClass to the "John User" but that didn't change anything. There's also a perhaps unrelated thing: the /usr/local/etc/rc.d/slapd script is only able to start openldap. In order to stop it, I have to kill it by PID.

So, a very simple situation, but I can't get it to work. Does anyone have ideas on how to find the cause? Thanks in advance.
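
An added example, not part of the original message: a small Python parser for slapd stats-level (loglevel 256) lines like those quoted above. It groups operations per connection and reports how each bind was protected and how many entries each search returned. The sample log is constructed in the same format with placeholder addresses, and the names parse_stats and findings are chosen here.

```python
import re
from collections import defaultdict

# Constructed sample in the slapd "loglevel 256" format; addresses are placeholders.
SAMPLE_LOG = """\
Aug 12 12:04:36 server slapd[54734]: conn=1018 fd=14 ACCEPT from IP=192.0.2.10:65161 (IP=0.0.0.0:389)
Aug 12 12:04:36 server slapd[54734]: conn=1018 op=0 BIND dn="cn=Manager,dc=domainname,dc=tld" method=128
Aug 12 12:04:36 server slapd[54734]: conn=1018 op=0 BIND dn="cn=Manager,dc=domainname,dc=tld" mech=SIMPLE ssf=0
Aug 12 12:04:36 server slapd[54734]: conn=1018 op=0 RESULT tag=97 err=0 text=
Aug 12 12:04:36 server slapd[54734]: conn=1018 op=1 SRCH base="ou=TBabook,dc=domainname,dc=tld" scope=2 deref=0 filter="(objectClass=*)"
Aug 12 12:04:36 server slapd[54734]: conn=1018 op=1 SEARCH RESULT tag=101 err=0 nentries=2 text=
Aug 12 12:04:38 server slapd[54734]: conn=1018 op=2 UNBIND
Aug 12 12:04:38 server slapd[54734]: conn=1018 fd=14 closed
"""

LINE = re.compile(r"slapd\[\d+\]: conn=(\d+) (?:op=(\d+) |fd=\d+ )(.*)$", re.M)
KV = re.compile(r'(\w+)=(?:"([^"]*)"|(\S*))')

def parse_stats(text):
    """Group slapd stats lines by connection: peer address, binds, searches."""
    conns = defaultdict(lambda: {"peer": None, "binds": [], "searches": {}})
    for m in LINE.finditer(text):
        conn, op, rest = m.groups()
        # Iterate in reverse so the first occurrence of a repeated key (IP=) wins.
        kv = {k: q or u for k, q, u in reversed(KV.findall(rest))}
        c = conns[conn]
        if rest.startswith("ACCEPT"):
            c["peer"] = kv.get("IP", "").rsplit(":", 1)[0]
        elif rest.startswith("BIND") and "mech" in kv:
            c["binds"].append({"dn": kv["dn"], "mech": kv["mech"], "ssf": int(kv["ssf"])})
        elif rest.startswith("SRCH") and "base" in kv:
            c["searches"][op] = {"base": kv["base"], "scope": int(kv["scope"]), "nentries": None}
        elif rest.startswith("SEARCH RESULT") and op in c["searches"]:
            c["searches"][op]["nentries"] = int(kv["nentries"])
    return dict(conns)

def findings(conns, rootdn):
    """Flag simple binds with no TLS/SASL layer (ssf=0) and summarise searches."""
    out = []
    for conn, c in conns.items():
        for b in c["binds"]:
            if b["mech"] == "SIMPLE" and b["ssf"] == 0:
                who = "rootdn" if b["dn"].lower() == rootdn.lower() else b["dn"]
                out.append(f"conn={conn}: unprotected simple bind (ssf=0) as {who} from {c['peer']}")
        for op, s in c["searches"].items():
            out.append(f"conn={conn} op={op}: base={s['base']} returned {s['nentries']} entries")
    return out
```

Run against the sample, findings() reports one simple bind as the rootdn with ssf=0, meaning no TLS or SASL security layer protected the password on the wire, and one search under ou=TBabook for which the server returned 2 entries.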

