1

Topic: Problem with address book download in Thunderbird

==== Provide required information ====
- iRedMail 0.1.8 and backend LDAP
- Linux CentOS 6.2
====
Hello!

Unfortunately we have another one problem with LDAP address book download. I configured Thunderbird client as follows in
http://www.iredmail.org/wiki/index.php? … r.iRedMail

Here are settings:

tab General:
Name: Global LDAP Address Book
Hostname: 1.2.3.4
Base DN: domainName=domain1.ru,o=domains,dc=domain1,dc=ru
Port Number: 636
Bind DN: mail=test@domain1.ru,ou=Users,domainName=domain1.ru,o=domains,dc=domain1,dc=ru

tab Advanced:
Don't return more than xxx results: 100
Scope: Subtree.
Search filter: (&(enabledService=mail)(enabledService=deliver)(enabledService=displayedInGlobalAddressBook)(|(objectClass=mailList)(objectClass=mailAlias)(objectClass=mailUser)))
Login method: Simple.

I configured OpenLDAP to accept secure incoming connections in 636 port.
/etc/sysconfig/ldap
....
SLAPD_LDAPS=yes
....

636 port is listened and connection to it is established.

But when I push Download Now in tab Offline of Thunderbird I get Replication error.

In /var/log/openldap.log I following at that time:
Aug  3 11:04:39 mail slapd[1235]: daemon: read active on 15
Aug  3 11:04:39 mail slapd[1235]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Aug  3 11:04:39 mail slapd[1235]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Aug  3 11:04:39 mail slapd[1235]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Aug  3 11:04:39 mail slapd[1235]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Aug  3 11:04:39 mail slapd[1235]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
Aug  3 11:04:39 mail slapd[1235]: connection_get(15)
Aug  3 11:04:39 mail slapd[1235]: connection_get(15): got connid=1162
Aug  3 11:04:39 mail slapd[1235]: connection_read(15): checking for input on id=1162
Aug  3 11:04:39 mail slapd[1235]: connection_read(15): TLS accept failure error=-1 id=1162, closing
Aug  3 11:04:39 mail slapd[1235]: connection_closing: readying conn=1162 sd=15 for close
Aug  3 11:04:39 mail slapd[1235]: connection_close: conn=1162 sd=15
Aug  3 11:04:39 mail slapd[1235]: daemon: removing 15
Aug  3 11:04:39 mail slapd[1235]: daemon: activity on 1 descriptor
Aug  3 11:04:39 mail slapd[1235]: conn=1162 fd=15 closed (TLS negotiation failure)
Aug  3 11:04:39 mail slapd[1235]: daemon: activity on:
Aug  3 11:04:39 mail slapd[1235]:
Aug  3 11:04:39 mail slapd[1235]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Aug  3 11:04:39 mail slapd[1235]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Aug  3 11:04:39 mail slapd[1235]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
Aug  3 11:04:39 mail slapd[1235]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
Aug  3 11:04:39 mail slapd[1235]: daemon: epoll: listen=11 active_threads=0 tvp=NULL

Could you help with this problem? Thanks a lot.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Problem with address book download in Thunderbird

Please use port 389 with TLS support instead.

3

Re: Problem with address book download in Thunderbird

Ok, but how can we configure it?

4

Re: Problem with address book download in Thunderbird

Use port number 389 instead of 636 please.

5

Re: Problem with address book download in Thunderbird

This mailsystem is in the Internet and we can't use unsecure connection.

6

Re: Problem with address book download in Thunderbird

Does port 636 work if you test on your local server with below command? Replace dc=example,dc=com by your real LDAP suffix below.

# ldapsearch -H ldaps://localhost:636 -D 'cn=Manager,dc=example,dc=com' -W -b 'o=domains,dc=example,dc=com' dn

Also, show me output of below command:

# ldapsearch -x -d 1 -Z -H ldaps://localhost:636 -D 'cn=Manager,dc=example,dc=com' -W -b 'o=domains,dc=example,dc=com' dn

if it doesn't work, please add below setting in /etc/openldap/ldap.conf and try again:

TLS_REQCERT never

7

Re: Problem with address book download in Thunderbird

UPDATE:

I googled and try all possible solutions i found, and tested with Thunderbird and Apple Mail.app, but i cannot get it fixed.
So sorry about this trouble. Please ask in OpenLDAP and/or Mozilla Thunderbird mailing list instead.