Integrate Thunderbird with Active Directory 

Note: this tutorial is based on my post on linux.com, with added information.

To integrate Thunderbird to the AD, you must already have installed and configured Kerberos and Samba so that you can use the net ads to obtain the information you need. There are a lot of documentation out there to get to that point. I will just highlight the main points for the sake of completeness.

We will assume your realm is EXAMPLE.AD and your domain controller, called company_dc is at 172.22.1.34.

Kerberos

The configuration is often held in /etc/krb5.conf and should look like this:

[logging]
 default = FILE:/var/log/kerberos/krb5libs.log
 kdc = FILE:/var/log/kerberos/krb5kdc.log
 admin_server = FILE:/var/log/kerberos/kadmind.log
[libdefaults]
 default_realm = EXAMPLE.AD
[realms]
 EXAMPLE.AD = {
  kdc = company_dc
 }
[domain_realm]
 .company_dc = EXAMPLE.AD

Samba

On my system, the configuration file is found on /etc/samba/smb.conf and the relevant parts are:

  workgroup = YOURWORKGROUP ; it doesn't hurt to leave it in
  realm = EXAMPLE.AD
  netbios name = your_computer_name
  client signing = yes
  client use spnego = yes
  security = ADS
  password server = *
  encrypt passwords = yes
  smb passwd file = /etc/samba/smbpasswd
  username map = /etc/samba/smbusers
  idmap uid = 10000-20000
  idmap gid = 10000-20000
  winbind separator = +
  winbind use default domain = yes
  template homedir = /home/%D/%U
  ldap ssl = no
  unix charset = LOCALE

At this point, you should be able to type:

net ads info

On my machine, it returned:

LDAP server: 172.22.1.34
LDAP server name: company_dc
Realm: EXAMPLE.AD
Bind Path: dc=EXAMPLE,dc=AD
LDAP port: 389
Server time: Fri, 29 Sep 2006 11:21:57 GMT
KDC server: 172.22.1.34
Server time offset: -5

Bind DN

You need to figure out what your Bind DN is in order to login to the LDAP of your AD. You can get it with the following command (replace mydomainloginusername with your own):

net ads search '(sAMAccountName=mydomainloginusername)' userPrincipalName -U mydomainloginusername

Enter your domain login password and the result will be your Bind DN.

Configuring Thunderbird

Address Book

We now have all the information we need. In Thunderbird, open the addressbook with Tools -> Address Book and go to File -> New -> LDAP Directory and enter the following:

Name: My Company LDAP
Hostname: company_dc
Base DN: dc=EXAMPLE,dc=AD (same as Bind Path as returned by net ads info)
Port number: 3268 (the default port will work unreliably, causing lots of hanging and slowing down, while port 3268 will work perfectly)
Bind DN: yourbinddn_as_found_above
Use Secure connection (SSL): off

In the "Advanced" tab, I also selected subtree, but your results may vary

Email

Open the preference panel (Edit -> Preferences) and select the tab "Composition". Under the section Address Autocompletion, check Local Address Books and Directory Server and pick from the dropdown the one you just created (called My Company LDAP in the example). Accept the changes, compose an email and start typing the name of a recipient. It should prompt you for your domain login password, and you may elect to have Thunderbird remember it. Voilà, Autocompletion and address book from your AD in Thunderbird!