zmprov install


The best way for bulk provisioning and remote management is to install an open source edition Zimbra server at your organization.  It is a pretty simple setup.  None of the components need to work, you really only need access to the zimbra user and some of the Zimbra specific tools.  zmprov allows you to make calls against a remote server to bulk provision, get lists of users, etc.

You will need a Linux server for the install.  I used Ubuntu 12.04

You can download the open source edition of Zimbra here:

http://www.zimbra.com/downloads/os-downloads.html

Download the appropriate tar.gz file from Zimbra:

[root@test7 /]# wget http://files2.zimbra.com/downloads/8.0.0_GA/zcs-8.0.0_GA_5434.UBUNTU12_64.20120907144631.tgz

Extract the tar file:

[root@test7 /]# tar -xvf zcs-8.0.0_GA_5434.UBUNTU12_64.20120907144631.tgz
Change directory:

[root@test7 /]# cd zcs-8.0.0_GA_5434.UBUNTU12_64.20120907144631.tgz

Run the installer (the platform-override flag is for unsupported OS)

[root@test7  zcs-8.0.0_GA_5434.UBUNTU12_64.20120907144631.tgz ]# ./install.sh --platform-override

Agree to the software license agreement
When prompted with what packages to install, answer NO
You may be prompted that the platform you are installing on is unsupported.  Select YES to install anyway.
The system will be modified. Continue?  YES

Once the install has stopped, it will ask for some configuration options:

Ldap Master Host – Set this to the hostname of the machine of the local host
Ldap Admin Password – Set this password

Once confiruation is complete press ‘a’ to apply
The system will be modified, continue?  YES

You can say no to the part about notifying Zimbra of the install.
Configuration COMPLETE!

Now, sudo to the zimbra user:

sudo –u zimbra –i

Confirm that everything is working by doing a lookup against your own production mail account.  You’ll need to provide connection information as well as credentials to the production machine to do this.

[zimbra@test7 ~]$ zmprov -s servername -a accountname -p password ga mpromenc@domain.org

In most cases the –s flag will point to where you log into your mail account
-a is your account name (with domain)
-p is your password

In the above example “ga” is getAccount

You can run similar commands like “gdl” getDistributionList “ca” createAccount
More on that subject here:
http://wiki.zimbra.com/wiki/Zmprov

You can also use the –f flag to pipe a list of commands to zmprov:

zmprov –s servername –a accountname –p password –f /path/to/file.txt

That file could be formatted to bulk create, remove, or modify accounts or their attributes. 

The following sample file would bulk create accounts (with blank passwords) and assign them to the “everyone” distribution list:

ca user1@domain.org “”
adlm everyone@domain.org user1@domain.org
ca user2@domain.org “”
adlm everyone@domain.org user2@domain.org

and so on.

The easiest way to format a file that is ready to be piped to zmprov is with a simple bash script (example on the next page) that reads the information from a .csv file and then formats it accordingly.   
**This file could also be utilized in a cron job where every hour or so this script is run to format data from a csv file, then the output of the sciprt is piped to zmprov.  This would allow for very simple automated provisioning, just update the csv file as needed.




#!/bin/bash
#build-zmprov.sh
####################################################
#  To run:                                         #
# ./build-zmprov.sh csv_file_name output_file_name #
####################################################

INPUTFILE=$1            #defined in the example above as csv_file_name
OUTPUTFILE=$2           #defined in the example above as output_file_name
OLDIFS=$IFS             #temporary protection of the system IFS variable
IFS=,                   #defining the text delimiter as comma

# Here we check to make sure the program has both an input and output file #specified

[ ! -f $INPUT ] && { echo "$INPUT file not found"; exit 99; }

# Now we are going to read the file and pull out our attributes (seperated by commas) in the order defined in the while statement.
# Sample Input:
# mpromenc-test@merit.edu,Matthew,A,Promenchenkel,Merit Network,Merit TEST Account
# Sample Output:
# ca mpromenc5@merit.edu "" givenName "Matthew" initials "A" sn "Promenchenkel" company "Merit Network" description "Merit TEST Account"
# The empyty quotes after the user name define a blank password, which we need for AD auth

while read USER FN MI SN CO DESC
do
        echo ca $USER \"\" givenName \"$FN\" initials \"$MI\" sn \"$SN\" company \"$CO\" description \"$DESC\" >> $2

done < $1

IFS=$OLDIFS
#Remember to escape your quotes!

################
# Additional Examples
#  
#  1.)A large list of accounts that need to be locked or closed
#  Our input file will only have one column of information, in this case a user name
#  while read USER
#  do
#                      echo ma $USER zimbraAccountStatus Locked >> $2
#  done < $1
#
######
#
#  2.) Moving a large lists of accounts to a new domain
#  
#  Again our input file will only need to include user names (this time without the @domain)
#  
#  while read USER
#  do
#                      echo ra $USER@originaldomain.com $USER@newdomain.com >> $2
#  done < $1
#
######
# You can continue to adapt this script to your use case. 
# Tasks like the examples above (1 and 2) can also easily be achieved by a text editor that can prefix/suffix lines
#  
#    The output of this file can be passed to your remote zmprov calls:
#
#    zmprov -s mailstore-host.merit.edu -a admin_account@domain.edu -p password -f path_to_output_of_this_script
#################



No comments:

Post a Comment

Subscribe to: Posts (Atom)