LDAP in Thunderbird

Configuring LDAP in Thunderbird

If you would like to check that your mail program is correctly set up for accessing Hermes, please see the page on configuring Thunderbird for Hermes.

Note. The University LDAP Directory is only available to mail clients on computers on the Cambridge network. If you are away from Cambridge and wish to use the University LDAP Directory then you will need to use the VPN service so that your computer appears to be on the Cambridge network. Alternatively you can use Hermes Webmail.

The instructions on this page are for configuring the University LDAP Directory for use with your Cambridge account, rather than as a global setting. This will leave you free, if you have other accounts, to set different LDAP directories for use with these where relevant.

For Thunderbird (depending on operating system and Thunderbird version) select Tools > Account Settings or Edit > Account Settings

• Under your Cambridge email account name (you may need to first select the arrow to see the options), select Composition & Addressing
• Select the box by Use a different LDAP Server to add a tick
• Select the Edit Directories... button and in the LDAP Directory Servers window that appears click the Add button
• In the Directory Server Properties window that appears, under:
  • Name: Give your directory entry a suitable name, e.g. University directory to make it easy to recognize
  • Hostname: Type ldap.lookup.cam.ac.uk
  • Base DN: Type ou=people,o=University of Cambridge,dc=cam,dc=ac,dc=uk (be sure to type it exactly as it appears on this page)
  • The University LDAP server supports secure LDAP connections. Use of secure connections is good practice to secure the personal data provided by the service. To set this, check the Use secure connection (SSL) box; the port number automatically changes to 636.
    Note: If you intend to use the Lapwing wireless service you must use this setting since Lapwing does not allow insecure LDAP connections.
  • Select OK to save the changes
• Select OK to exit the LDAP Directory Servers window
• From the pull-down menu under the Use a different LDAP Server select the name of the server (e.g. University directory)
• Select OK to exit the Account Settings window.

On some more recent versions of Thunderbird, this may not work correctly, and Thunderbird will be unable to connect to LDAP when using a secure connection. If this happens, the following additional steps may be required to make it work:

• Open the main Thunderbird preferences  and navigate to Advanced > Certificates.
• In those settings, uncheck the option named Query OCSP responder servers to confirm the current validity of certificates.

Using the LDAP Directory to find an address

• Open a new Compose window
• In the To: field start typing the family name (or partial name) of the person you want to search for. Where possible use 4 or more characters as this will make the search more efficient
• If the search returns just the right person the name and address will be added to the recipient list of your email. If the search returns a list of names, scroll down until you highlight the correct name which will then be added
• Repeat this procedure until you have added all the required recipients to your message.