Mozilla Thunderbird is an excellent free mail client, but it doesn’t work as smoothly with Microsoft Exchange as Outlook does. In a previous post, I showed how to connect Thunderbird to an Exchange mailbox using IMAP. Unfortunately, connecting to the mailbox doesn’t give you access to the Global Address List (GAL). In this article, I’ll show you how to search your organization’s Active Directory database (which is where the GAL comes from) using Thunderbird’s address book.

These instructions were written based on Mozilla Thunderbird 17.0. If I made any mistakes or left anything out, please let me know in the comments.

1. In Thunderbird, open the Address Book.
2. On the Tools menu, select Options.
3. Click on the Composition button and then on the Addressing tab.
4. Check the Directory Server box.
5. Click the Edit Directories button.
6. In the LDAP Directory Servers window, click on Add.
7. On the General tab of the Directory Server Properties window, fill in the fields as follows:
   • Name: You can put anything you want here.
   • Hostname: Enter the Fully Qualified Domain Name (FQDN) of a domain controller in your organization. This must be a domain controller that you can reach from your computer.
   • Base DN: Enter the full canonical name of the Active Directory Organizational Unit that contains your organization’s user accounts. In smaller organizations, this will usually be “cn=Users,dc=domain,dc=com”, where “domain” and “com” are the domain name and top level domain name of your domain. If you worked at Contoso and your user accounts were under an OU called Employees, your Base DN value would be “ou=Employees,dc=contoso,dc=com”.
   • Port Number: If you use SSL to connect to the domain controller, this port number will probably be 636. If you do not use SSL, it will probably be 389.
   • Bind DN: If you are not on a domain-joined computer, enter the full User Principal Name (UPN) of a user account that has access to the organization directory. Your own username will probably work. If you are logged onto a domain-joined computer with a domain user account, you can usually leave this field blank.
   • Use secure connection (SSL): I recommend you check this box. If you find you can’t connect, you can uncheck it later.
8. On the Advanced tab of the Directory Server Properties window, change the Login method to Kerberos (GSSAPI).
9. Click OK on the Directory Server Properties window and again on the LDAP Directory Servers window.
10. If you entered a UPN in the Bind DN field, you should be prompted for a password at this time.
11. Back in the Options window, click the drop down box next to Directory server and select your new directory server entry from the drop down list.

If everything is set up correctly, you should be able to use the search field in the Address Book to find entries from your Active Directory database.

Adding an LDAP address book to Thunderbird