• Home
  • Free Stuff
  • About
  • Contact

Script for Export-Import Zimbra Mail Server Account & Password

August 6, 2010

Zimbra save all account and profile information on the LDAP database. Zimbra has no function for only import and export it’s account, although they have bundled Zimbra to Zimbra migration command. The Zimbra to Zimbra migration command export all mailbox and account while I only need a list of account with some primary fields like password, first name, full name, etc, especially for testing purpose only.

I decided to create a simple script that look for related information on Zimbra LDAP with the following algorithm :

  1. Check  Zimbra version, because Zimbra 5 and Zimbra 6 has different method for accessing LDAP and also these are a few changes on Zimbra CLI. Zimbra 6 need paramater for command while Zimbra 5 doesn’t need it, e.g, on Zimbra 5, running zmprov gaa will list all Zimbra account but on Zimbra 6 we must use zmprov -l gaa to display same result.
  2. Export all account profile to temporary parameter and loop for all account
  3. Skip all system account : admin, ham, spam, galsync and wiki. All these system account doesn’t need to be exported because Zimbra will create all system account on installation process.
  4. Get all account identity/fields from Zimbra LDAP by using  LDAPsearch command
  5. Create a text file with zmp extension. This file will contains  zmprov ca command with proper parameter from step 4
  6. Create ldif file for updating Zimbra LDAP password, because Zimbra LDAP using SSHA encryption and the better method for updating Zimbra LDAP password is using ldapmodify command.
  7. Finish

Algorithm for Import Account

  1. Check whether user are already on Zimbra user environment or not
  2. Check is there existing  zmp and ldif file (the result from export script)
  3. Import zmp file
  4. Run ldapmodify command to change Zimbra LDAP password by using  ldif data
  5. Finish

Please remember that you must running export  script by using root privilege  but the  import account must be run within  Zimbra user environment (su – zimbra).

Look at following example to run Zimbra Account export script :
[code language=’cpp’]
su
cd /srv
wget -c http://vavai.com/wp-content/uploads/exim-acc-zcs.tar.gz
tar -zxvf exim-acc-zcs.tar.gz
cd exim-acc-zcs
./export-acc-zcs.sh
[/code]

The above command will produce  zcs-acc-add.zmp and zcs-acc-mod.ldif file. Copy all four file (the last two are  script file) onto some folder on target server and run the following command to import the account and it’s profile :
[code language=’cpp’]
su
su – zimbra
cd /home/vavai
./import-acc-zcs.sh
[/code]

Script has been sucessfully tested on Zimbra 6.0.5, 6.0.6 dan 6.0.7 on SUSE Linux Enterprise Server 11 and openSUSE 11.

Download Zimbra Account Export-Import Script by click on the download icon belows :

Script for export :
[code language=’cpp’]
#!/bin/sh

#Hapus Layar
clear

echo -e “###################################################################################”
echo -e “# Zimbra export-acc-zcs.sh ver 0.0.2 #”
echo -e “# Skrip untuk export account Zimbra berikut profile dan password #”
echo -e “# Masim ‘Vavai’ Sugianto – vavai@vavai.com – http://www.vavai.com #”
echo -e “# Untuk saran dan pertanyaan silakan menggunakan Milis Komunitas Zimbra Indonesia #”
echo -e “# Link Komunitas : http://www.zimbra.web.id – http://www.opensuse.or.id #”
echo -e “###################################################################################”

# /* Variable untuk bold */
ibold=”33[1m””n===> ”
ebold=”33[0m”

# /* Parameter */
echo “”
echo -n “Enter Domain Name (ex : vavai.com) : ”
read NAMA_DOMAIN
echo -n “Enter path folder for exported account (ex : /home/vavai/) : ”
read FOLDER

# /* Membuat file hasil export dan mengisi nama domain */
NAMA_FILE=”$FOLDER/zcs-acc-add.zmp”
LDIF_FILE=”$FOLDER/zcs-acc-mod.ldif”

rm -f $NAMA_FILE
rm -f $LDIF_FILE

touch $NAMA_FILE
touch $LDIF_FILE

echo “createDomain $NAMA_DOMAIN” > $NAMA_FILE

# /* Check versi Zimbra yang digunakan */
VERSION=`su – zimbra -c ‘zmcontrol -v’`;
ZCS_VER=”/tmp/zcsver.txt”
# get Zimbra LDAP password
ZIMBRA_LDAP_PASSWORD=`su – zimbra -c “zmlocalconfig -s zimbra_ldap_password | cut -d ‘ ‘ -f3″`

touch $ZCS_VER
echo $VERSION > $ZCS_VER

echo -e $ibold”Retrieve Zimbra User…………………………”$ebold

grep “Release 5.” $ZCS_VER
if [ $? = 0 ]; then
USERS=`su – zimbra -c ‘zmprov gaa’`;
LDAP_MASTER_URL=`su – zimbra -c “zmlocalconfig -s ldap_master_url | cut -d ‘ ‘ -f3″`
fi

grep “Release 6.” $ZCS_VER
if [ $? = 0 ]; then
USERS=`su – zimbra -c ‘zmprov -l gaa’`;
LDAP_MASTER_URL=”ldapi:///”
fi

echo -e $ibold”Processing account, please wait…………………………”$ebold
# /* Proses insert account kedalam file hasil export */
for ACCOUNT in $USERS; do
NAME=`echo $ACCOUNT`;
DOMAIN=`echo $ACCOUNT | awk -F@ ‘{print $2}’`;
ACCOUNT=`echo $ACCOUNT | awk -F@ ‘{print $1}’`;
ACC=`echo $ACCOUNT | cut -d ‘.’ -f1`

if [ $NAMA_DOMAIN == $DOMAIN ] ;
then
OBJECT=”(&(objectClass=zimbraAccount)(mail=$NAME))”
dn=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep dn:`

displayName=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep displayName: | cut -d ‘:’ -f2 | sed ‘s/^ *//g’ | sed ‘s/ *$//g’`

givenName=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep givenName: | cut -d ‘:’ -f2 | sed ‘s/^ *//g’ | sed ‘s/ *$//g’`

userPassword=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep userPassword: | cut -d ‘:’ -f3 | sed ‘s/^ *//g’ | sed ‘s/ *$//g’`

cn=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep cn: | cut -d ‘:’ -f2 | sed ‘s/^ *//g’ | sed ‘s/ *$//g’`

initials=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep initials: | cut -d ‘:’ -f2 | sed ‘s/^ *//g’ | sed ‘s/ *$//g’`

sn=`/opt/zimbra/bin/ldapsearch -H $LDAP_MASTER_URL -w $ZIMBRA_LDAP_PASSWORD -D uid=zimbra,cn=admins,cn=zimbra -x $OBJECT | grep sn: | cut -d ‘:’ -f2 | sed ‘s/^ *//g’ | sed ‘s/ *$//g’`

if [ $ACC == “admin” ] || [ $ACC == “wiki” ] || [ $ACC == “galsync” ] || [ $ACC == “ham” ] || [ $ACC == “spam” ]; then
echo “Skipping system account, $NAME…”
else
echo “createAccount $NAME passwordtemp displayName ‘$displayName’ givenName ‘$givenName’ sn ‘$sn’ initials ‘$initials’ zimbraPasswordMustChange FALSE” >> $NAMA_FILE

echo “$dn
changetype: modify
replace: userPassword
userPassword:: $userPassword
” >> $LDIF_FILE
echo “Adding account $NAME”
fi
else
echo “Skipping account $NAME”
fi

done
echo -e $ibold”All account has been exported sucessfully into $NAMA_FILE and $LDIF_FILE…”$ebold

[/code]

Script for import :
[code language=’cpp’]
#!/bin/sh

#Hapus Layar
clear

echo -e ‘###################################################################################’
echo -e ‘# Zimbra import-zcs-acc.sh ver 0.0.1 #’
echo -e ‘# Skrip untuk import data account Zimbra #’
echo -e ‘# Masim ‘Vavai’ Sugianto – vavai@vavai.com – http://www.vavai.com #’
echo -e ‘# Untuk saran dan pertanyaan silakan menggunakan Milis Komunitas Zimbra Indonesia #’
echo -e ‘# Link Komunitas : http://www.zimbra.web.id – http://www.opensuse.or.id #’
echo -e ‘###################################################################################’

# /* Variable untuk bold */
ibold=”33[1m””n===> ”
ebold=”33[0m”

if [ “$USER” != “zimbra” ]
then
echo -e $ibold”You need to be user zimbra to run this script…”$ebold
exit
fi

CURRENT_FOLDER=`pwd`;

echo “”
echo -e “Please verify that you have copied zcs-acc-add.zmp & zcs-acc-mod.ldif on current folder !”
echo -e “Current Folder : $CURRENT_FOLDER, Please change to your folder before running this script.”
echo -e “Press ENTER to continue…”
read jawab

if [ -f ./zcs-acc-add.zmp ];
then
if [ -f ./zcs-acc-add.zmp ];
then
echo -e $ibold”Importing account…”$ebold

ZIMBRA_LDAP_PASSWORD=`zmlocalconfig -s zimbra_ldap_password | cut -d ‘ ‘ -f3`

# cat ./zcs-acc-add.zmp | su – zimbra -c zmprov
zmprov < $CURRENT_FOLDER/zcs-acc-add.zmp echo -e $ibold"Modify password..."$ebold ldapmodify -f "$CURRENT_FOLDER/zcs-acc-mod.ldif" -x -H ldapi:/// -D cn=config -w $ZIMBRA_LDAP_PASSWORD # su - zimbra -c '$LDAP_CMD' echo -e $ibold"Zimbra account has been modified sucessfully ..."$ebold else echo "Sorry, file $CURRENT_FOLDER/zcs-acc-mod.ldif does not exists, import process will not be continue..." exit fi else echo "Sorry, file $CURRENT_FOLDER/zcs-acc-add.zmp does not exists, import process will not be continue..." exit fi [/code]

LDAPScriptZimbra
Share

Linux

Masim "Vavai" Sugianto
Traveller, Open Source Enthusiast & Book Lover. Works as Independent Worker & Self-Employer.

16 Comments


openSUSE News
August 17, 2010 at 18:50
Reply

[…] Masim Sugianto: Script for Export-Import Zimbra Mail Server Account […]



Tips : Export-Import Zimbra Account Data Into LDAP Data | Spirit of Change
January 20, 2014 at 15:12
Reply

[…] is the script modified from articles Script for Export-Import Zimbra Account + Password. I modify the script to insert some attribute, such as home directory, GID, UID and others […]



houria
May 14, 2014 at 20:56
Reply

merci bien pour ce script,
il marche bien mais j’ai constaté pour quelque compte le mot de passe est incorrect



Masim "Vavai" Sugianto
May 14, 2014 at 20:58
Reply

Did you try to restart the Zimbra services after importing account & password?



Abhilash
May 15, 2014 at 00:56
Reply

Thanks for this script. After migration the password is incorrect. I tried restarting services too but its not helped.



Abhilash
May 15, 2014 at 01:00
Reply

Ok, I found the issue. If you have a single domain only you don’t want to use the ‘user’@domain.com for the login username, just use the ‘user’ and that will work. If you have multiple domains you can use the email id as the login name. Thanks



    Cristian
    November 25, 2015 at 19:28
    Reply

    I have already installed on Centos 8.6 zimbra 7 found a script to import and export accounts and passwords from 6..013 zimbra – debian 5. By far so good, but the problem that I have is that when I try logearme with username and password now if or if I have to enter the user @ domain.

    Check with the administrator account and saw that one had two domains: dominio.algo and two: my_computer-dominio.algo

    When asked if having two domains or user @ domain.

    What I did was eliminiar the domain Two: my_computer-dominio.algo

    Now I have one but I keep asking domain user @ domain

    All this I did from the web consolta administrator.

    Is there any way to prevent user @ domain ask me?

    Thank you.-

    Cristian.-

houria
May 26, 2014 at 16:54
Reply

j’ai redémarrer zimbra, mais toujours le même pb,
qlq comptes ne sont pas importer (nom utilisateur n’existe pas), qlq mot de passe ne sont pas correct



Masim "Vavai" Sugianto
May 26, 2014 at 16:56
Reply

@Houria,

Which Zimbra version and what is OS currently using for Zimbra?



houria
May 27, 2014 at 15:36
Reply

merci pour votre aide
le 1er serveur son os est redhat entreprise 6 avec zimbra 7.1.4
Release 7.1.4_GA_2555.RHEL5_20120105094627 RHEL5 FOSS edition, Patch 7.1.4_P1.

le 2 eme serveur est
Release 8.0.5.GA.5839.UBUNTU12.64 UBUNTU12_64 FOSS edition.

l’exportation se déroule bien tous les comptes sont exportés j’ai 627 comptes
le pb est dans l’importation j’ai juste 487 sont importé et parmi les comptes importés j’ai vérifié un compte son mot de passe est incorrect



houria
May 28, 2014 at 17:24
Reply

voila le message affiche
ldap_modify: No such object (32) matched DN



houria
May 29, 2014 at 20:40
Reply

bonjour
j’ai trouvé la solution le pb est dans un displayname qui contient un apostrophe , j’ai enlevé l’apostrophe et le transfert déroule bien mais le pb est dans le mot de passe tous les nouveau comptes leurs mot de passe est incorrect



houria
June 1, 2014 at 20:59
Reply

merci bien pour le script il marche très bien, même pour les mots de passe incorrect j’ai réglé le pb



hasan
October 19, 2014 at 11:27
Reply

Pak Vavai..saya sudah coba dari export dari zimbra versi 7 ..dan sudah berhasil dalam exportnya… saya coba import di versi 8.. dan prosesnya sudah berhasil.

tetapi ketika saya coba login error user dan password..
servicenya sudah juga saya restart.. kira-kira salah dimana pak Vavai…



Rajeev Mishra
July 7, 2015 at 18:24
Reply

Do you have any script to take HOt backup of zimbra Foss 8.6 server?



Prashant
August 11, 2015 at 16:58
Reply

Hi,

I am trying to use you script. I followed each and every step, but got the following error:-

###################################################################################
# Zimbra export-acc-zcs.sh ver 0.0.2 #
# Skrip untuk export account Zimbra berikut profile dan password #
# Masim ‘Vavai’ Sugianto – vavai@vavai.com – http://www.vavai.com #
# Untuk saran dan pertanyaan silakan menggunakan Milis Komunitas Zimbra Indonesia #
# Link Komunitas : http://www.zimbra.web.id – http://www.opensuse.or.id #
###################################################################################

Enter Domain Name (ex : vavai.com) : iari.res.in
Enter path folder for exported account (ex : /home/vavai/) : /home/account
rm: cannot remove `/home/account/zcs-acc-add.zmp’: Permission denied
rm: cannot remove `/home/account/zcs-acc-mod.ldif’: Permission denied
touch: cannot touch `/home/account/zcs-acc-add.zmp’: Permission denied
touch: cannot touch `/home/account/zcs-acc-mod.ldif’: Permission denied
./export-acc-zcs.sh: line 35: /home/account/zcs-acc-add.zmp: Permission denied
Password:
su: incorrect password
Password:
su: incorrect password

===> Retrieve Zimbra User…………………………

===> Processing account, please wait…………………………

===> All account has been exported sucessfully into /home/account/zcs-acc-add.zmp and /home/account/zcs-acc-mod.ldif…

I am trying to run this script on zcs 7.2 running on RHEL5.

Please check and help me ASAP.

Regards



Cristian
November 24, 2015 at 19:33
Reply

Hello, very good contribution. It’s just what I need. I have zimbra currently running 6.0.13 on Debian 5 and I have installed CentOS 8.6 zimbra July.

I just need respecitve accounts and passwords.

This script work?

Thank you.-



Cristian
November 25, 2015 at 19:20
Reply

Hello. At the end probe and the script it seems to be working. But I generated two problems:

One is that the passwords have% $ # “- these symbols seems not accept

Two, when the amount, I could see that generated me and now I have another domain:
1_ domain
2_ my_computer-domain

This meant that every time I try loguearme if or if users have to enter the username @ domain

What I did was delete the domain 2 (my_computer-domain) .. restart todo..lo off the server but the problem keeps coming to me, that is, keeps asking me domain user with user @ domain

I have installed on Centos 8.6 zimbra 7, apply your script to import and export accounts and passwords from 6..013 zimbra – debian 5.
Check with the administrator account and saw that one had two domains: dominio.algo and two: my_computer-domain

When asked if having two domains or user @ domain.

What I did was eliminiar the domain Two: my_computer-dominio.algo

Now I have one but I keep asking domain user @ domain

All this I did from the web consolta administrator.

Is there any way to prevent user @ domain ask me?

Thank you.-

Cristian.-



Leave a Reply to Rajeev Mishra Cancel reply

Your email address will not be published. Required fields are marked *

  • Recent Posts

    • Upgrading Zimbra 8.8.12 into 8.8.15 LTS
    • Docker Apps for Warming Up SMTP IP Address
    • Rsyslog Warning on Docker : rsyslogd: imklog: cannot open kernel log (/proc/kmsg)
    • Automatically Setting Timezone on Dockerfile
    • Create a Crontab Through a Script
    • Error debconf: unable to initialize frontend: Dialog
    • Custom SSL Certificate Deployment on vCenter Server 6.7
    • Commercial SSL Certificate Deployment on vSphere Host 6.7
    • VMware vSphere 6.7 Ebook (Indonesian)
    • Pursuing FIRE in Indonesia : Expenses and Living Cost



© Copyright LetsBlog Theme Demo - Theme by ThemeGoods