This Mobile module feature offers an LDAP Address Book to which Outlook clients may connect to access the system’s GAL, the user’s Address Books, and other Admin-defined Address Books.
As the endpoint to which Outlook clients connect, this service is at the heart of the LDAP Address Book functionality.
The service is available on port 8389 of all mailbox servers and is encrypted with TLS.
To strengthen system security, this endpoint is read-only.
Using LDAP to Access the Address Book
Outlook clients can only access the LDAP Address Book using the same credentials used for the Exchange ActiveSync connection (email address and either their password or a special Mobile Password).
Clients can access the service by connecting to port 8389 on the mailbox server that hosts their mailbox.
Another approach is to build custom firewall rules that redirect port 8389 from the proxy to the mailbox server, as described in the procedure below. The procedure requires certain system files to be modified and assumes the mailbox server is located at local IP 10.129.67.1.
- Configure IPv4 forwarding.
- Add the following firewall rules to your proxy’s iptables script:
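One way to write the forwarding this procedure describes, as an added example rather than the vendor's own rules: the script prints a rule set limited to TCP 8389 and the single mailbox server, for review before it is applied. Port 8389 and 10.129.67.1 come from the text above; the interface name `eth0` and the helper names `valid_ipv4` and `emit_rules` are assumptions.

```shell
#!/bin/sh
# Added example: prints, but does not apply, a narrowly scoped rule set that
# forwards only the LDAP Address Book port from the proxy to one mailbox server.
MAILBOX_IP="${MAILBOX_IP:-10.129.67.1}"  # mailbox server IP used in the procedure
LDAP_PORT=8389                           # LDAP Address Book port from the text
WAN_IF="${WAN_IF:-eth0}"                 # assumption: proxy's client-facing interface

# Accept only a dotted-quad IPv4 address, so a typo cannot widen a rule.
valid_ipv4() {
    echo "$1" | awk -F. '
        NF == 4 {
            for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1
            exit 0
        }
        { exit 1 }'
}

# emit_rules (hypothetical helper name) writes the commands to stdout for review.
emit_rules() {
    if ! valid_ipv4 "$MAILBOX_IP"; then
        echo "invalid mailbox IP: $MAILBOX_IP" >&2
        return 1
    fi
    cat <<EOF
# 1. Enable IPv4 forwarding on the proxy
sysctl -w net.ipv4.ip_forward=1
# 2. Rewrite only inbound TCP/$LDAP_PORT to the mailbox server
iptables -t nat -A PREROUTING -i $WAN_IF -p tcp --dport $LDAP_PORT -j DNAT --to-destination $MAILBOX_IP:$LDAP_PORT
# 3. Let that one flow through FORWARD, plus its return traffic
iptables -A FORWARD -i $WAN_IF -p tcp -d $MAILBOX_IP --dport $LDAP_PORT -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A FORWARD -o $WAN_IF -p tcp -s $MAILBOX_IP --sport $LDAP_PORT -m conntrack --ctstate ESTABLISHED -j ACCEPT
# 4. Source-NAT only this flow so replies return through the proxy
iptables -t nat -A POSTROUTING -p tcp -d $MAILBOX_IP --dport $LDAP_PORT -j MASQUERADE
EOF
}

emit_rules
```

Review the output, then pipe it to `sh` as root on the proxy to apply it.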
Address and Contact Books
The LDAP Address Book offers access to the following objects by default:
- Address books and contacts saved by the user.
- The GAL of the user.
Address books from other users (such as shared ones) are not displayed in the LDAP Address Book.
The Administrator can expose additional Address Books at the domain and global levels using the zxsuite mobile addressBook subcommands.
- zxsuite mobile addressBook add – This command adds a new Address Book to the LDAP Address Book.
- zxsuite mobile addressBook list – Returns a list of all currently exposed Address Books in the LDAP Address Book.
- zxsuite mobile addressBook remove – Removes an Address Book from the LDAP Address Book.
The first parameter of the addressBook add command is the scope of the Address Book, which can be either “Global” or “Domain.”
Both commands also need the address book’s owner, either in email or zimbraID form, as well as the FolderID of the address book being added, e.g.
- zxsuite mobile addressBook add global email@example.com 7
This will add the email@example.com user’s folder 7 (the default /Contacts folder) to the LDAP Address Book of all users in the system.
- zxsuite mobile addressBook add domain example.com email@example.com 7
This will add the email@example.com user’s folder 7 (the default /Contacts folder) to the LDAP Address Book of all users in the “example.com” domain.
The addressBook remove command utilises the same syntax and parameters as the addressBook add command to remove an Address Book from the LDAP Address Book via the appropriate scope.
Additional Address Books are displayed in Outlook’s LDAP Search as the owner’s Display Name and the Address Book name separated by a slash, for example, “John Doe/EMEA Distributors.”
To access the LDAP Address Book from Outlook, follow these steps:
- In the “Account Settings” section, enter the “Address Books” tab and click “Add”.
- Select “Internet Directory Service (LDAP)” and then hit the “Next” button.
- Enter the mailbox server’s direct URL, then check the “This server requires me to log in” box and enter your email address and password (or Mobile Password if it already exists).
- Select “More Settings” from the drop-down menu.
- Enter the server’s URL as the Display Name and 8389 as the port in the “Connection” tab, then check the “Use Secure Socket Layer” box.
- Select “Custom” as the search base in the “Search” tab and leave the input field blank.
- To complete the procedure, click “Ok” to close the “More Options” window and “Next” to dismiss the “Add Account” page.
Address Book Naming
The user’s own Address Books retrieved through LDAP in Outlook are named with a slash character preceding the name of the folder, e.g. “/Contacts”.
GAL entries and Address Books also include the datasource name, such as “InternalGAL/_zimbra.”
Other users’ Address Books feature the owner’s Display Name and the folder name, for example, “John Doe/EMEA Partners.”