facebooktwittergoogle_plusredditpinterestlinkedinmail

Zimbra save all account and profile information on the LDAP database. Zimbra has no function for only import and export it’s account, although they have bundled Zimbra to Zimbra migration command. The Zimbra to Zimbra migration command export all mailbox and account while I only need a list of account with some primary fields like password, first name, full name, etc, especially for testing purpose only.

I decided to create a simple script that look for related information on Zimbra LDAP with the following algorithm :

  1. Check  Zimbra version, because Zimbra 5 and Zimbra 6 has different method for accessing LDAP and also these are a few changes on Zimbra CLI. Zimbra 6 need paramater for command while Zimbra 5 doesn’t need it, e.g, on Zimbra 5, running zmprov gaa will list all Zimbra account but on Zimbra 6 we must use zmprov -l gaa to display same result.
  2. Export all account profile to temporary parameter and loop for all account
  3. Skip all system account : admin, ham, spam, galsync and wiki. All these system account doesn’t need to be exported because Zimbra will create all system account on installation process.
  4. Get all account identity/fields from Zimbra LDAP by using  LDAPsearch command
  5. Create a text file with zmp extension. This file will contains  zmprov ca command with proper parameter from step 4
  6. Create ldif file for updating Zimbra LDAP password, because Zimbra LDAP using SSHA encryption and the better method for updating Zimbra LDAP password is using ldapmodify command.
  7. Finish

Algorithm for Import Account

  1. Check whether user are already on Zimbra user environment or not
  2. Check is there existing  zmp and ldif file (the result from export script)
  3. Import zmp file
  4. Run ldapmodify command to change Zimbra LDAP password by using  ldif data
  5. Finish

Please remember that you must running export  script by using root privilege  but the  import account must be run within  Zimbra user environment (su – zimbra).

Look at following example to run Zimbra Account export script :

su
cd /srv
wget -c http://vavai.com/wp-content/uploads/exim-acc-zcs.tar.gz
tar -zxvf exim-acc-zcs.tar.gz
cd exim-acc-zcs
./export-acc-zcs.sh

The above command will produce  zcs-acc-add.zmp and zcs-acc-mod.ldif file. Copy all four file (the last two are  script file) onto some folder on target server and run the following command to import the account and it’s profile :

su
su - zimbra
cd /home/vavai
./import-acc-zcs.sh

Script has been sucessfully tested on Zimbra 6.0.5, 6.0.6 dan 6.0.7 on SUSE Linux Enterprise Server 11 and openSUSE 11.

Download Zimbra Account Export-Import Script by click on the download icon belows :

Script for export :

#!/bin/sh

#Hapus Layar
clear

echo -e "###################################################################################"
echo -e "# Zimbra export-acc-zcs.sh ver 0.0.2                                              #"
echo -e "# Skrip untuk export account Zimbra berikut profile dan password                  #"
echo -e "# Masim 'Vavai' Sugianto - vavai@vavai.com - http://www.vavai.com                 #"
echo -e "# Untuk saran dan pertanyaan silakan menggunakan Milis Komunitas Zimbra Indonesia #"
echo -e "# Link Komunitas : http://www.zimbra.web.id - http://www.opensuse.or.id           #"
echo -e "###################################################################################"

# /* Variable untuk bold */
ibold="33[1m""n===> "
ebold="33[0m"

# /* Parameter */
echo ""
echo -n "Enter Domain Name (ex : vavai.com) : "
read NAMA_DOMAIN
echo -n "Enter path folder for exported account (ex : /home/vavai/) : "
read FOLDER

# /* Membuat file hasil export dan mengisi nama domain */
NAMA_FILE="$FOLDER/zcs-acc-add.zmp"
LDIF_FILE="$FOLDER/zcs-acc-mod.ldif"

rm -f $NAMA_FILE
rm -f $LDIF_FILE

touch $NAMA_FILE
touch $LDIF_FILE

echo "createDomain $NAMA_DOMAIN" > $NAMA_FILE

# /* Check versi Zimbra yang digunakan */
VERSION=`su - zimbra -c 'zmcontrol -v'`;
ZCS_VER="/tmp/zcsver.txt"
# get Zimbra LDAP password
ZIMBRA_LDAP_PASSWORD=`su - zimbra -c "zmlocalconfig -s zimbra_ldap_password | cut -d ' ' -f3"`

touch $ZCS_VER
echo $VERSION > $ZCS_VER

echo -e $ibold"Retrieve Zimbra User.............................."$ebold

grep "Release 5." $ZCS_VER
if [ $? = 0 ]; then
USERS=`su - zimbra -c 'zmprov gaa'`;
LDAP_MASTER_URL=`su - zimbra -c "zmlocalconfig -s ldap_master_url | cut -d ' ' -f3"`
fi

grep "Release 6." $ZCS_VER
if [ $? = 0 ]; then
USERS=`su - zimbra -c 'zmprov -l gaa'`;
LDAP_MASTER_URL="ldapi:///"
fi

echo -e $ibold"Processing account, please wait.............................."$ebold
# /* Proses insert account kedalam file hasil export */
for ACCOUNT in $USERS; do
NAME=`echo $ACCOUNT`;
DOMAIN=`echo $ACCOUNT | awk -F@ '{print $2}'`;
ACCOUNT=`echo $ACCOUNT | awk -F@ '{print $1}'`;
ACC=`echo $ACCOUNT | cut -d '.' -f1`

if [ $NAMA_DOMAIN == $DOMAIN ] ;
then
OBJECT="(&(objectClass=zimbraAccount)(mail=$NAME))"
dn=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep dn:`


displayName=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep displayName: | cut -d ':' -f2 | sed 's/^ *//g' | sed 's/ *$//g'`


givenName=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep givenName: | cut -d ':' -f2 | sed 's/^ *//g' | sed 's/ *$//g'`

userPassword=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep userPassword: | cut -d ':' -f3 | sed 's/^ *//g' | sed 's/ *$//g'`

cn=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep cn: | cut -d ':' -f2 | sed 's/^ *//g' | sed 's/ *$//g'`

initials=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep initials: | cut -d ':' -f2 | sed 's/^ *//g' | sed 's/ *$//g'`

sn=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep sn: | cut -d ':' -f2 | sed 's/^ *//g' | sed 's/ *$//g'`

	if [ $ACC == "admin" ] || [ $ACC == "wiki" ] || [ $ACC == "galsync" ] || [ $ACC == "ham" ] || [ $ACC == "spam" ]; then
    		echo "Skipping system account, $NAME..."
	else
		echo "createAccount $NAME passwordtemp displayName '$displayName' givenName '$givenName' sn '$sn' initials '$initials' zimbraPasswordMustChange FALSE" >> $NAMA_FILE

    		echo "$dn
changetype: modify
replace: userPassword
userPassword:: $userPassword
" >> $LDIF_FILE
    		echo "Adding account $NAME"
	fi
else
	echo "Skipping account $NAME"
fi

done
echo -e $ibold"All account has been exported sucessfully into $NAMA_FILE and $LDIF_FILE..."$ebold

Script for import :

#!/bin/sh

#Hapus Layar
clear

echo -e '###################################################################################'
echo -e '# Zimbra import-zcs-acc.sh ver 0.0.1                                              #'
echo -e '# Skrip untuk import data account Zimbra                                          #'
echo -e '# Masim 'Vavai' Sugianto - vavai@vavai.com - http://www.vavai.com                 #'
echo -e '# Untuk saran dan pertanyaan silakan menggunakan Milis Komunitas Zimbra Indonesia #'
echo -e '# Link Komunitas : http://www.zimbra.web.id - http://www.opensuse.or.id           #'
echo -e '###################################################################################'

# /* Variable untuk bold */
ibold="33[1m""n===> "
ebold="33[0m"


if [ "$USER" != "zimbra" ]
then
        echo -e $ibold"You need to be user zimbra to run this script..."$ebold
	exit
fi

CURRENT_FOLDER=`pwd`;

echo ""
echo -e "Please verify that you have copied zcs-acc-add.zmp & zcs-acc-mod.ldif on current folder !"
echo -e "Current Folder : $CURRENT_FOLDER, Please change to your folder before running this script."
echo -e "Press ENTER to continue..."
read jawab

if [ -f ./zcs-acc-add.zmp ];
then
   if [ -f ./zcs-acc-add.zmp ];
	then
   		echo -e $ibold"Importing account..."$ebold

		ZIMBRA_LDAP_PASSWORD=`zmlocalconfig -s zimbra_ldap_password | cut -d ' ' -f3`

#		cat ./zcs-acc-add.zmp | su - zimbra -c zmprov
		zmprov < $CURRENT_FOLDER/zcs-acc-add.zmp

		echo -e $ibold"Modify password..."$ebold

                
                ldapmodify -f "$CURRENT_FOLDER/zcs-acc-mod.ldif" -x -H ldapi:/// -D cn=config -w $ZIMBRA_LDAP_PASSWORD
                
#		su - zimbra -c '$LDAP_CMD'

		echo -e $ibold"Zimbra account has been modified sucessfully ..."$ebold

	else
   		echo "Sorry, file $CURRENT_FOLDER/zcs-acc-mod.ldif does not exists, import process will not be continue..."
		exit
	fi
else
   echo "Sorry, file $CURRENT_FOLDER/zcs-acc-add.zmp does not exists, import process will not be continue..."
   exit
fi

13 Thoughts on “Script for Export-Import Zimbra Mail Server Account & Password

  1. Pingback: openSUSE News

  2. Pingback: Tips : Export-Import Zimbra Account Data Into LDAP Data | Spirit of Change

  3. merci bien pour ce script,
    il marche bien mais j’ai constaté pour quelque compte le mot de passe est incorrect

  4. Masim "Vavai" Sugianto on May 14, 2014 at 20:58 said:

    Did you try to restart the Zimbra services after importing account & password?

  5. Abhilash on May 15, 2014 at 00:56 said:

    Thanks for this script. After migration the password is incorrect. I tried restarting services too but its not helped.

  6. Abhilash on May 15, 2014 at 01:00 said:

    Ok, I found the issue. If you have a single domain only you don’t want to use the ‘user’@domain.com for the login username, just use the ‘user’ and that will work. If you have multiple domains you can use the email id as the login name. Thanks

  7. j’ai redémarrer zimbra, mais toujours le même pb,
    qlq comptes ne sont pas importer (nom utilisateur n’existe pas), qlq mot de passe ne sont pas correct

  8. Masim "Vavai" Sugianto on May 26, 2014 at 16:56 said:

    @Houria,

    Which Zimbra version and what is OS currently using for Zimbra?

  9. merci pour votre aide
    le 1er serveur son os est redhat entreprise 6 avec zimbra 7.1.4
    Release 7.1.4_GA_2555.RHEL5_20120105094627 RHEL5 FOSS edition, Patch 7.1.4_P1.

    le 2 eme serveur est
    Release 8.0.5.GA.5839.UBUNTU12.64 UBUNTU12_64 FOSS edition.

    l’exportation se déroule bien tous les comptes sont exportés j’ai 627 comptes
    le pb est dans l’importation j’ai juste 487 sont importé et parmi les comptes importés j’ai vérifié un compte son mot de passe est incorrect

  10. voila le message affiche
    ldap_modify: No such object (32) matched DN

  11. bonjour
    j’ai trouvé la solution le pb est dans un displayname qui contient un apostrophe , j’ai enlevé l’apostrophe et le transfert déroule bien mais le pb est dans le mot de passe tous les nouveau comptes leurs mot de passe est incorrect

  12. merci bien pour le script il marche très bien, même pour les mots de passe incorrect j’ai réglé le pb

  13. hasan on October 19, 2014 at 11:27 said:

    Pak Vavai..saya sudah coba dari export dari zimbra versi 7 ..dan sudah berhasil dalam exportnya… saya coba import di versi 8.. dan prosesnya sudah berhasil.

    tetapi ketika saya coba login error user dan password..
    servicenya sudah juga saya restart.. kira-kira salah dimana pak Vavai…

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Post Navigation