facebooktwittergoogle_plusredditpinterestlinkedinmail

Zimbra save all account and profile information on the LDAP database. Zimbra has no function for only import and export it’s account, although they have bundled Zimbra to Zimbra migration command. The Zimbra to Zimbra migration command export all mailbox and account while I only need a list of account with some primary fields like password, first name, full name, etc, especially for testing purpose only.

I decided to create a simple script that look for related information on Zimbra LDAP with the following algorithm :

  1. Check  Zimbra version, because Zimbra 5 and Zimbra 6 has different method for accessing LDAP and also these are a few changes on Zimbra CLI. Zimbra 6 need paramater for command while Zimbra 5 doesn’t need it, e.g, on Zimbra 5, running zmprov gaa will list all Zimbra account but on Zimbra 6 we must use zmprov -l gaa to display same result.
  2. Export all account profile to temporary parameter and loop for all account
  3. Skip all system account : admin, ham, spam, galsync and wiki. All these system account doesn’t need to be exported because Zimbra will create all system account on installation process.
  4. Get all account identity/fields from Zimbra LDAP by using  LDAPsearch command
  5. Create a text file with zmp extension. This file will contains  zmprov ca command with proper parameter from step 4
  6. Create ldif file for updating Zimbra LDAP password, because Zimbra LDAP using SSHA encryption and the better method for updating Zimbra LDAP password is using ldapmodify command.
  7. Finish

Algorithm for Import Account

  1. Check whether user are already on Zimbra user environment or not
  2. Check is there existing  zmp and ldif file (the result from export script)
  3. Import zmp file
  4. Run ldapmodify command to change Zimbra LDAP password by using  ldif data
  5. Finish

Please remember that you must running export  script by using root privilege  but the  import account must be run within  Zimbra user environment (su – zimbra).

Look at following example to run Zimbra Account export script :

su
cd /srv
wget -c http://vavai.com/wp-content/uploads/exim-acc-zcs.tar.gz
tar -zxvf exim-acc-zcs.tar.gz
cd exim-acc-zcs
./export-acc-zcs.sh

The above command will produce  zcs-acc-add.zmp and zcs-acc-mod.ldif file. Copy all four file (the last two are  script file) onto some folder on target server and run the following command to import the account and it’s profile :

su
su - zimbra
cd /home/vavai
./import-acc-zcs.sh

Script has been sucessfully tested on Zimbra 6.0.5, 6.0.6 dan 6.0.7 on SUSE Linux Enterprise Server 11 and openSUSE 11.

Download Zimbra Account Export-Import Script by click on the download icon belows :

Script for export :

#!/bin/sh

#Hapus Layar
clear

echo -e "###################################################################################"
echo -e "# Zimbra export-acc-zcs.sh ver 0.0.2                                              #"
echo -e "# Skrip untuk export account Zimbra berikut profile dan password                  #"
echo -e "# Masim 'Vavai' Sugianto - vavai@vavai.com - http://www.vavai.com                 #"
echo -e "# Untuk saran dan pertanyaan silakan menggunakan Milis Komunitas Zimbra Indonesia #"
echo -e "# Link Komunitas : http://www.zimbra.web.id - http://www.opensuse.or.id           #"
echo -e "###################################################################################"

# /* Variable untuk bold */
ibold="33[1m""n===> "
ebold="33[0m"

# /* Parameter */
echo ""
echo -n "Enter Domain Name (ex : vavai.com) : "
read NAMA_DOMAIN
echo -n "Enter path folder for exported account (ex : /home/vavai/) : "
read FOLDER

# /* Membuat file hasil export dan mengisi nama domain */
NAMA_FILE="$FOLDER/zcs-acc-add.zmp"
LDIF_FILE="$FOLDER/zcs-acc-mod.ldif"

rm -f $NAMA_FILE
rm -f $LDIF_FILE

touch $NAMA_FILE
touch $LDIF_FILE

echo "createDomain $NAMA_DOMAIN" > $NAMA_FILE

# /* Check versi Zimbra yang digunakan */
VERSION=`su - zimbra -c 'zmcontrol -v'`;
ZCS_VER="/tmp/zcsver.txt"
# get Zimbra LDAP password
ZIMBRA_LDAP_PASSWORD=`su - zimbra -c "zmlocalconfig -s zimbra_ldap_password | cut -d ' ' -f3"`

touch $ZCS_VER
echo $VERSION > $ZCS_VER

echo -e $ibold"Retrieve Zimbra User.............................."$ebold

grep "Release 5." $ZCS_VER
if [ $? = 0 ]; then
USERS=`su - zimbra -c 'zmprov gaa'`;
LDAP_MASTER_URL=`su - zimbra -c "zmlocalconfig -s ldap_master_url | cut -d ' ' -f3"`
fi

grep "Release 6." $ZCS_VER
if [ $? = 0 ]; then
USERS=`su - zimbra -c 'zmprov -l gaa'`;
LDAP_MASTER_URL="ldapi:///"
fi

echo -e $ibold"Processing account, please wait.............................."$ebold
# /* Proses insert account kedalam file hasil export */
for ACCOUNT in $USERS; do
NAME=`echo $ACCOUNT`;
DOMAIN=`echo $ACCOUNT | awk -F@ '{print $2}'`;
ACCOUNT=`echo $ACCOUNT | awk -F@ '{print $1}'`;
ACC=`echo $ACCOUNT | cut -d '.' -f1`

if [ $NAMA_DOMAIN == $DOMAIN ] ;
then
OBJECT="(&(objectClass=zimbraAccount)(mail=$NAME))"
dn=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep dn:`


displayName=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep displayName: | cut -d ':' -f2 | sed 's/^ *//g' | sed 's/ *$//g'`


givenName=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep givenName: | cut -d ':' -f2 | sed 's/^ *//g' | sed 's/ *$//g'`

userPassword=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep userPassword: | cut -d ':' -f3 | sed 's/^ *//g' | sed 's/ *$//g'`

cn=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep cn: | cut -d ':' -f2 | sed 's/^ *//g' | sed 's/ *$//g'`

initials=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep initials: | cut -d ':' -f2 | sed 's/^ *//g' | sed 's/ *$//g'`

sn=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep sn: | cut -d ':' -f2 | sed 's/^ *//g' | sed 's/ *$//g'`

	if [ $ACC == "admin" ] || [ $ACC == "wiki" ] || [ $ACC == "galsync" ] || [ $ACC == "ham" ] || [ $ACC == "spam" ]; then
    		echo "Skipping system account, $NAME..."
	else
		echo "createAccount $NAME passwordtemp displayName '$displayName' givenName '$givenName' sn '$sn' initials '$initials' zimbraPasswordMustChange FALSE" >> $NAMA_FILE

    		echo "$dn
changetype: modify
replace: userPassword
userPassword:: $userPassword
" >> $LDIF_FILE
    		echo "Adding account $NAME"
	fi
else
	echo "Skipping account $NAME"
fi

done
echo -e $ibold"All account has been exported sucessfully into $NAMA_FILE and $LDIF_FILE..."$ebold

Script for import :

#!/bin/sh

#Hapus Layar
clear

echo -e '###################################################################################'
echo -e '# Zimbra import-zcs-acc.sh ver 0.0.1                                              #'
echo -e '# Skrip untuk import data account Zimbra                                          #'
echo -e '# Masim 'Vavai' Sugianto - vavai@vavai.com - http://www.vavai.com                 #'
echo -e '# Untuk saran dan pertanyaan silakan menggunakan Milis Komunitas Zimbra Indonesia #'
echo -e '# Link Komunitas : http://www.zimbra.web.id - http://www.opensuse.or.id           #'
echo -e '###################################################################################'

# /* Variable untuk bold */
ibold="33[1m""n===> "
ebold="33[0m"


if [ "$USER" != "zimbra" ]
then
        echo -e $ibold"You need to be user zimbra to run this script..."$ebold
	exit
fi

CURRENT_FOLDER=`pwd`;

echo ""
echo -e "Please verify that you have copied zcs-acc-add.zmp & zcs-acc-mod.ldif on current folder !"
echo -e "Current Folder : $CURRENT_FOLDER, Please change to your folder before running this script."
echo -e "Press ENTER to continue..."
read jawab

if [ -f ./zcs-acc-add.zmp ];
then
   if [ -f ./zcs-acc-add.zmp ];
	then
   		echo -e $ibold"Importing account..."$ebold

		ZIMBRA_LDAP_PASSWORD=`zmlocalconfig -s zimbra_ldap_password | cut -d ' ' -f3`

#		cat ./zcs-acc-add.zmp | su - zimbra -c zmprov
		zmprov < $CURRENT_FOLDER/zcs-acc-add.zmp

		echo -e $ibold"Modify password..."$ebold

                
                ldapmodify -f "$CURRENT_FOLDER/zcs-acc-mod.ldif" -x -H ldapi:/// -D cn=config -w $ZIMBRA_LDAP_PASSWORD
                
#		su - zimbra -c '$LDAP_CMD'

		echo -e $ibold"Zimbra account has been modified sucessfully ..."$ebold

	else
   		echo "Sorry, file $CURRENT_FOLDER/zcs-acc-mod.ldif does not exists, import process will not be continue..."
		exit
	fi
else
   echo "Sorry, file $CURRENT_FOLDER/zcs-acc-add.zmp does not exists, import process will not be continue..."
   exit
fi

2 Thoughts on “Script for Export-Import Zimbra Mail Server Account & Password

  1. Pingback: openSUSE News

  2. Pingback: Tips : Export-Import Zimbra Account Data Into LDAP Data | Spirit of Change

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Post Navigation