ZCS Administrator's Guide, Network Edition 4.0
Table of Contents Previous Next Index


Appendix A   Command-Line Utilities
Appendix A   Command-Line Utilities
Zimbra CLI Commands
zmprov (Provisioning)
zmbackup
zmschedulebackup
zmbackupabort (Aborting a Full Backup)
zmbackupquery
zmrestore
zmrestoreoffline (Offline Restore)
zmrestoreldap
zmcontrol (Start/Stop Service)
zmmailboxmove (Move Mailbox)
zmmboxsearch (Cross mailbox search)
zmcreatecert and zmcertinstall (For a Certificate)
zmlocalconfig (Local Configuration)
zmtlsctl
zmhsm
zmmailbox
zmlicense
zmmsgtrace
zmmylogpasswd
zmmypasswd
zmtrainsa
zmvolume
zmzimletctl
Command Line Interface (CLI) can be used to create, modify and delete certain features and functions of the Zimbra Collaboration Suite. The administration console is the main tool for maintaining the Zimbra Collaboration Suite, but some functions can only be changed from the CLI utility.
The CLI utility can be used for the following:
Provisioning accounts*
Back up and restore
Start and stop a service
Move mailboxes
Cross mailbox searches
Install self-signed certificates
Local configuration
*In general, provisioning and managing accounts should be performed from the administration console, but bulk provisioning can be done from the CLIGeneral Tool Information
The Zimbra command-line utilities follow standard UNIX command-line conventions.
Follow these guidelines when using the commands
CLI commands are run as the zimbra user, that is su - zimbra.
The actual CLI commands are case-sensitive. You must type them in lower case.
Press ENTER after you type a command.
Typing the CLI command and then - h displays the usage options for the command. Example: zmprov - h lists all the options available for the zmprov utility.
Each operation is invoked through command-line options. Many have a long name and a short name. For example, these two commands are equivalent:
zmprov createAccount joe@domain.com test123
zmprov ca joe@domain.com test123
Syntax Conventions
When demonstrating the syntax of each tool, the following conventions indicate required, optional, and alternate values:
{attribute} in curly brackets is required information.
[attribute] in square brackets are optional arguments or information.
{a|b|c} or [a|b|c] options separated by the pipe character | means "a” OR "b” OR "c”
For attribute names that may contain spaces, surround the name with double quotes.
Location of Command-Line Utilities
The command-line tools available for administrators are all located in the
/opt/zimbra/bin directory on the Zimbra server
Zimbra CLI Commands
The table below lists the CLI commands in /opt/zimbra/bin.
Table 1 Zimbra CLI Commands
CLI
Description
ldap
Start, stop, or find the status of Zimbra LDAP
ldapsearch
Perform a search on an LDAP server
logmysql
Start, stop, or find the status of the MySql session. Enters interactive command-line MySQL session with the logger mysql
logmysql.server
Start, stop the SQL instance for the logger package
logmysqladmin
Send myslqadmin commands to the logger mysql
myslgadmin
Send admin commands to MySQL
mysql
Enters interactive command-line MySQL session with the mailbox mysql
mysql.server
Start, stop the SQL instance for the mailbox package
postconf
Postfix command to view or modify the postfix configuration
postfix
Start, stop, reload, flush, check, upgrade-configuration of postfix
qshape
Examine postfix queue in relation to time and sender/recipient domain
tomcat
Start, stop, find the status of the Tomcat server
zmaccts
Lists the accounts
zmamavisdctl
Start, stop, or find the status of the Amavis-D New
zmantispamctl
Start, stop, reload, status for anti-spam service
zmantivirusctl
Start, stop, reload, status for the anti-virus service
zmapachectl
Start, stop, status of Apache service (for spell check)
zmbackup
Performs full backups and incremental backups for a designated mail host.
zmbackupabort
Stops a backup that is in process.
zmbackupquery
Find a specific full backup set
zmcertinstall
Installs the self-signed certificate created with zmcreatecert.
zmclamdctl
Start, stop, or find the status of Clam AV
zmcontrol
Start, stop, status of the Zimbra servers. Also can use to find the ZCS version installed.
zmconvertctl
Start, stop, the conversion server or find the status of the converted attachments conversion/indexing
zmcreateca
Creates a signing certificate. Used with zmcreatecert and zmcertinstall
zmcreatecert
Create a new self-signed certificate
zmdumpenv
General information about the server environment is displayed
zmhostname
Find the hostname of the Zimbra server
zmhsm
Start, stop and status of a HSM session.
zmjava
Execute Java with Zimbra-specific environment settings
zmldappasswd
Changes the LDAP password
zmlmtpinject
Testing tool
zmlocalconfig
Used to set or get the local configuration of a Zimbra server
zmloggerctl
Start, stop, reload, or find the status of the Zimbra logger service
zmlogswatchctl
Start, stop, status of the swatch that is monitoring logging
zmmailbox
Performs mailbox management tasks
zmmailboxctl
Start, stop, reload, or find the status of the mailbox components (Tomcat, MySQL, convert)
zmmailboxmove
Used to move selected mailboxes from one Zimbra server to another.
zmmboxsearch
Search across mailboxes to find messages and attachments
zmmsgtrace
Trace messages
zmmtaconfigctl
Start, stop, or find the status of the MTA configuration daemon
zmmtactl
Start, stop, or find the status of the MTA
zmmylogpasswd
Change logger MySQL password
zmmypasswd
Change MySQL passwords
zmmysqlstatus
Status of mailbox SQL instance
zmperditionctl
Start, stop, or find the status of the perdition IMAP proxy
zmprov
Performs all provisioning tasks in Zimbra LDAP, including creating accounts, domains, distribution lists and aliases
zmrestore
Performs full restores and incremental restores for a designated mail host
zmrestoreldap
Restore accounts from the LDAP backup
zmrestoreoffline
Performs full restore when the Zimbra server (i.e., the Tomcat process) is down
zmsaslauthdctl
Start, stop, status of saslauthd (authentication)
zmschedulebackup
Schedule backups and add the command to your cron table
zmshutil
Used for other zm scripts, do not use
zmspellctl
Start, stop, or find the status of the spell check server
zmsshkeygen
Generate Zimbra’s SSH encryption keys
zmswatchctl
Start, stop, or find the status of the Swatch process, which is used in monitoring
zmsyslogsetup
Used to setup system log config file
zmtlsctl
Set the Web server mode to the communication protocol options: HTTP, HTTPS or mixed
zmtrainsa
Used to train the anti-spam filter to recognize what is spam or ham
zmupdateauthkeys
Used to fetch the ssh encryption keys created by zmsshkeygen
zmvolume
Manage storage volumes on your Zimbra Mailbox server
zmzimletctl
Deploy and configure Zimlets
zmprov (Provisioning)
The zmprov tool performs all provisioning tasks in Zimbra LDAP, including creating accounts, aliases, domains, distribution lists, and calendar resources. Each operation is invoked through command-line options, each of which has a long name and a short name.
The syntax for modify can include the prefix "+” or "-” so that you can make changes to the attributes affected and do not need to reenter attributes that are not changing. Use + to add a new instance of the specified attribute name without changing any existing attributes. Use - to remove a particular instance of an attribute. The syntax is zmprov [cmd] [argument].
The following objects use this syntax:
ModifyAccount
ModifyDomain
ModifyCos
ModifyServer
ModifyConfig
ModifyDistributionList
ModifyCalendarResource
The following example would add the attribute zimbraZimletUserProperties with the value "testing” to user 1 and would not change the value of any other instances of that attribute.
zmprov ma user1 +zimbraZimletUserProperties testing
 
Short Name
Long Name
Syntax, Example, and Notes
-h
--help
display usage
-f
--file
use file as input stream
-s
--server
{host}[:{port}] server hostname and optional port
-l
--ldap
provision via LDAP instead of SOAP
-a
--account {name}
account name to auth as
-p
--password {pass}
password for account
-P
--passfile {file}
read password from file
-z
--zadmin
use zimbra admin name/password from localconfig for admin/password
-v
--verbose
verbose mode (dumps full exception stack trace)
 
-d/
--debug
debug mode (dumps SOAP messages)
 
The commands in the following table are divided into the following tasks types - Account, Calendar Resources, Config, COS, Distribution List, Documents, Domain, Server, and Miscellaneous.
Long Name
Short Name
Syntax, Example, and Notes
Account Provisioning Commands
CreateAccount
ca
Syntax:{name@domain} {password} [attribute1 value1 etc]
Type on one line.
zmprov ca joe@domain.com test123 displayName JSmith
DeleteAccount
da
Syntax:{name@domain|id|adminName}
zmprov da joe@domain.com
GetAccountMembership
gam
{name@domain|id}
GetAccount
ga
Syntax:{name@domain|id|adminName}
zmprov ga joe@domain.com
GetAllAccounts
gaa
Syntax: [-v] [{domain}]
zmprov gaa
zmprov gaa -v domain.com
GetAllAdminAccounts
gaaa
Syntax: gaaa
zmprov gaaa
ModifyAccount
ma
{name@domain|id|adminName} [attribute1 value1 etc]
zmprov ma joe@domain.com zimbraAccountStatus maintenance
SetPassword
sp
{name@domain|id|adminName} {password}
zmprov sp joe@domain.com test321
AddAccountAlias
aaa
{name@domain|id|adminName} {alias@domain}
zmprov aaa joe@domain.com joe.smith@engr.domain.com
RemoveAccountAlias
raa
{name@domain|id|adminName} {alias@domain}
zmprov raa joe@domain.com joe.smith@engr.domain.com
SetAccountCOS
sac
{name@domain|id|adminName} {cos-name|cos-id}
zmprov sac joe@domain.com FieldTechnician
SearchAccounts
sa
[-v] {ldap-query} [limit] [offset] [sortBy {attribute}
 
RenameAccount
ra
{name@domain|id} {newname@domain}
zmprov ra joe@domain.com joe23@domain.com
Note: After you rename an account, you should run a full backup for that account. zmbackup -f - <servername.com> -a <newaccountname@servername.com>
Calendar Resource Provisioning Commands
CreateCalendarResource
ccr
{name@domain} [attr1 value1 [attr2 value2...]]
DeleteCalendarResource
dcr
{name@domain|id}
GetAllCalendarResources
gacr
[-v] [{domain}]
GetCalendarResource
gcr
{name@domain|id}
ModifyCalendarResource
mcr
{name@domain|id} [attr1 value1 {attr2 value2...]]
RenameCalendarResource
rcr
{name@domain|id} {newName@domain}
SearchCalendarResources
scr
[-v] domain attr op value {attr op value...]
Domain Provisioning Commands
CreateDomain
cd
{domain} [attribute1 value1 etc]
zmprov cd mktng.domain.com zimbraAuthMech zimbra
DeleteDomain
dd
{domain|id}
zmprov dd mktng.domain.com
GetDomain
gd
{domain|id}
zmprov gd mktng.domain.com
GetAllDomains
gad
[-v]
ModifyDomain
md
{domain|id} [attribute1 value1 etc]
zmprov md domain.com zimbraGalMaxResults 50
COS Provisioning Commands
CreateCos
cc
{name} [attribute1 value1 etc]
zmprov cc Executive zimbraAttachmentsBlocked FALSE zimbraAuthTokenLifetime 60m zimbraMailQuota 100M zimbraMailMessageLifetime 0
DeleteCos
dc
{name|id}
zmprov dc Executive
GetCos
gc
{name|id}
zmprov gc Executive
GetAllCos
gac
[-v]
zmprov gac -v
ModifyCos
mc
{name|id} [attribute1 value1 etc]
zmprov mc Executive zimbraAttachmentsBlocked TRUE
RenameCos
rc
{name|id} {newName}
zmprov rc Executive Business
Server Provisioning Commands
CreateServer
cs
{name} [attribute1 value1 etc]
DeleteServer
ds
{name|id}
zmprov ds domain.com
GetServer
gs
{name|id}
zmprov gs domain.com
GetAllServers
gas
[-v]
zmprov gas
ModifyServer
ms
{name|id} [attribute1 value1 etc]
zmprov ms domain.com zimbraVirusDefinitionsUpdateFrequency 2h
Config Provisioning Commands
GetAllConfig
gacf
[-v]
All LDAP settings are displayed
GetConfig
gcf
{name}
ModifyConfig
mcf
attr1 value1
Modifies the LDAP settings.
Distribution List Provisioning Commands
CreateDistributionList
cdl
{list@domain}
zmprov cdl needlepoint-list@domain.com
AddDistributionListMember
adlm
{list@domain|id} {member@domain}
zmprov adlm needlepoint-list@domain.com singer23@mail.free.net
RemoveDistributionListMember
rdlm
{list@domain|id}
zmprov rdlm needlepoint-list@domain.com singer23@mail.free.net
GetAlldistributionLists
gadl
[-v]
 
Get DistributionListmembership
gdlm
{name@domain|id}
GetDistributionList
gdl
{list@domain|id}
zmprov gdl list@domain.com
ModifyDistributionList
mdl
{list@domain|id} attr1 value1 {attr2 value2...}
zmprov md list@domain.com
DeleteDistributionList
ddl
(list@domain|id}
 
AddDistributionListAlias
adla
{list@domain|id} {alias@domain}
RemoveDistributionListAlias
rdla
{list@domain|id} {alias@domain}
RenameDistributionList
rdl
{list@domain|id} {newName@domain}
RemoveDistributionListMember
rdlm
{list@domain|id) {member@domain}
Zimbra Documents Provisioning Commands
ImportNotebook
impn
{username} {password} {from dir}{to folder} Before importing files, any file that will become a Documents page (wiki-style page), must be renamed to include the extension ".wiki”. If not it is imported as a file, accessed either as an attachment or an image.
impn domainwiki@company.com test123 /tmp notebook
InitNotebook
in
{username}{password}{from dir}{to folder}
in globalwiki@company.com test123 /opt/zimbra/wiki/template template
initDomainNotebook
idn
{username}{password} {domain} {directory} {folder} Creates the domain Documents account
idn domainwiki@company.com test123 zimbra.com /opt/zimbra/wiki/template template
Miscellaneous Provisioning Commands
SearchGAL
sg
{domain} {name}
zmprov sg joe
AutoCompleteGal
acg
{domain} {name}
GenerateDomainPreAuthKey
gdpak
{domain|id}
Generates a pre-authentication key to enable a trusted third party to authenticate to allow for single-sign on. Used in conjunction with GenerateDomainPreAuth.
GenerateDomainPreAuth
gdpa
{domain|id} {name} {name|id|foreignPrincipal} {timestamp|0} {expires|0}
Generates preAuth values for comparison.
GetMailboxInfo
gmi
{account}
GetQuotaUsage
gqu
{server}
Examples
Create one account with a password that is assigned to the default COS.
zmprov ca name@domain.com password
Create one account with a password that is assigned to a specified COS. You must know the COS ID number. To find a COS ID, type gc <COSname>.
zmprov ca name@domain.com password zimbraCOS cosIDnumberstring
Create one account when the password is not authenticated internally.
zmprov ca name@domain.com ‘’
The empty single quote is required and indicates that there is no local password.
Using a batch process to create accounts, see Managing the Zimbra Collaboration Suite chapter for the procedure.
Add an alias to an account.
zmprov aaa accountname@domain.com aliasname@domain.com
Create distribution list. The ID of the distribution list is returned.
zmprov cdl listname@domain.com
Add a member to a distribution list. Tip: You can add multiple members to a list from the administration console.
zmprov adlm listname@domain.com member@domain.com
Change the administrator’s password. Use this command to change any password. Enter the address of the password to be changed.
zmprov sp admin@domain.com password
Create a domain that authenticates against Zimbra OpenLDAP.
zmprov cd marketing.domain.com zimbraAuthMech zimbra
Set the default domain.
zmprov mcf zimbraDefaultDomain domain1.com
To list all COSs and their attribute values.
zmprov gac -v
To list all user accounts in a domain (domain.com)
zmprov gaa domain.com
To list all user accounts and their configurations
zmprov gaa -v domain.com
To enable logger on a single server
zmprov +zimbraServiceEnabled logger
Then type zmloggerctl start, to start the logger.
Modify zimbraNewMailNotification to customize the notification email template. A default email is sent from Postmaster notifying users that they have received mail in another mailbox. To change the template, you modify the receiving mailbox account. The variables are
${SENDER_ADDRESS}
${RECIPIENT_ADDRESS}
${RECIPIENT_DOMAIN}
${NOTIFICATION_ADDRESSS}
${SUBJECT}
${NEWLINE}
You can specify which of the above variables appear in the Subject, From, or Body of the email. The following example is changing the appearance of the message in the body of the notification email that is received at name@domain.com. You can also change the template in a class of service, use zmprov mc. The command is written on one line.
zmprov ma name@domain.com zimbraNewMailNotificationBody ‘Important message from ${SENDER_ADDRESS}.${NEWLINE}Subject:${SUBJECT}’
zmbackup
This tool performs full backups and incremental backups for a designated mail host. You can either specify specific accounts, or, if no accounts are specified, all accounts are included.
This utility has short option names and full names. The short option is preceded by a single dash, the full option is proceeded by a double dash. For example, -fb is the same as --fullBackup.
Syntax
One of -f, -i, or -del must be specified.
zmbackup {-f | -i | del} -acct (account) [options]
Description
 
Long Name
Short Name
Description
--fullBackup
-f
Starts a full backup.
--incrementalBackup
-i
Starts an incremental backup.
--account
-a
Specifies the account email addresses. Separate accounts with a blank space. Enter all to backup all accounts. Required.
--delete
-del
<label|date> Deletes the backup session on or prior to the specified label/date.
Common Options
--fullBackup
-f
Starts full backup.
--incrementalBackup
-i
Starts incremental backup.
--server
-s
<arg> Mail server host name. For format, use either the plain host name or the server.domain.com name. The default is the localhost name.
--sync
-sync
Runs full backup synchronously.
--target
-t
<arg> Specifies the target backup location. The default is <zimbra_home>/backup.
--zip
-z
Zips email blobs in backup.
--help
-h
Displays the usage options for this command.
Examples
In these examples, the server (-s) is server1.domain.com. The (-t) is not required if the target is the default directory, (zimbra_home/backup).
Perform a full backup of all mailboxes on server1.
zmbackup -f -a all -s server1.domain.com
Perform incremental backup of all mailboxes on server1 since last full backup.
zmbackup -i -a all -s server1.domain.com
Perform full backup of only user1’s mailbox on server1. Note that hostname does not need full domain if account is used.
zmbackup -f -s server1 -a user1@domain.com
 
Perform incremental backup of user1’s mailbox on server1.
zmbackup -i -s server1 -a user1@domain.com
zmschedulebackup
This command is used to schedule backups and add the command to your cron table.
The default schedule is as follows:
Full backup, every Sunday at 1:00 a.m. (0 1 * * 0)
Incremental backup, Monday through Saturday at 1:00 a.m. (0 1 * * 1-6)
Each crontab entry is a single line composed of five fields separated by a blank space. Specify the fields as follows:
minute 0 through 59
hour 0 through 23
day of month 1 through 31
month 1 through 12
day of week 0 through 7 (0 or 7 is Sunday)
Type an asterisk (*) in the fields you are not using.
This command automatically writes the schedule to the crontab.
Syntax
zmschedulebackup [-q]|-s|-A|-R|-F|-D] [schedule] [schedule...]
Description
 
Name
Command Name
Description
 
i:
Incremental backup.
 
f:
full backup.
 
-d <arg>
Delete backups
Common Options
Query
-q
Default command, displays the existing Zimbra backup schedule.
Save
-s
Save the schedule. Allows you to save the schedule command to a text file so that you can quickly regenerate the backup schedule when the system is restored.
Flush
-F
Removes the current schedule and cancels all scheduled backups.
Append
-A
Adds an additional specified backup to the current schedule.
Replace
-R
Replaces the current schedule with the specified schedule.
Default
-D
Replaces the current schedule with the default schedule.
Help
-h
Displays the usage options for this command.
Examples
To schedule the default full and incremental backup
zmschedulebackup [-D]
To replace the existing schedule with a new schedule
zmschedulebackup -R f [schedule] [schedule]
To add an additional full backup to the existing schedule
zmschedulebackup -A f [schedule]
To add an additional incremental backup to the existing schedule
zmschedulebackup -A i [schedule]
To display the existing schedules a
zmschedulebackup -q
To display the schedules on one line as a command, so that they can be copied to a text file and saved to be used if the application needs to be restored.
zmschedulebackup -s
zmbackupabort (Aborting a Full Backup)
The zmbackupabort command can be used to stop a backup process. Before you can abort an account you must know backup label. This label is displayed after you start the backup procedure. If you do not know the label, use the zmbackupquery to find the label name.
To stop the restore process. The zmbackupabort -r interrupts an on going restore. The restore process is stopped after the current account is restored. The command displays message showing which accounts were not restored.
Syntax
zmbackupabort -lb (label) -acct (email addresses) -s (hostname) -t (zimbra-home/backup)
Description
 
Long Name
Short Name
Description
--label <label>
-lb
Label of the full backup to be aborted. Use the zmbackupquery, to find the file name.
--account
-acct
Specifies the account email addresses. Separate accounts with a blank space. If accounts are omitted, all accounts are backed up.
Common Options
--server
-s
Mail server host name. For format, use either the plain host name or the server.domain.com name. The default is the localhost name.
--target
-t
Specifies the target backup location. The default is <zimbra_home>/backup.
--help
-h
Displays the usage options for this command.
zmbackupquery
The zmbackupquery command is used to find full backup sets. The command can be used to find a specific full backup set, full backup sets since a specific date, or all backup sets in the backup directory.
Syntax
zmbackupquery <options>
Description
 
Long Name
Short Name
Description
account <arg>
-a
Account email addresses separated by white space or all for all accounts.
--label <label>
-lb
The label of the full backup session to query. An example of a label is backup200507121559510.
--list <date>
-l
If a date is used, the query returns a list of full backup sets since the specified date. Enter date as YYYY/MM/DD hh:mm:ss. The hours, minutes, and seconds are not required.
Common Options
--server
-s
Mail server host name. For format, use either the plain host name or the server.domain.com name. The default is the localhost name.
--target
-t
Specifies the backup target location. The default is <zimbra_home>/backup.
--help
-h
Displays the usage options for this command.
zmrestore
This tool performs full restores and incremental restores for a designated mail host. You can either specify specific accounts, or, if no accounts are specified, all accounts are in the backup are restored. In addition, you can restore to a specific point in time.
This utility has short option names and full names. The short option is preceded by a single dash, the full option is proceeded by a double dash. For example, -rb is the same as --restorefullBackupOnly.
Syntax
zmrestore {-f | -i} -a (account) <options>
Description
 
Long Name
Short Name
Description
--label <arg>
-lb
The label of the full backup to restore. Restores to the latest full backup if this is omitted.
--restorefullBackup Only
-rf
Restores to the full backup only, not any incremental backups since that backup.
--restoreAccount
-ra
Restores the account in directory service.
-restoreToIncreLabel <arg>
 
Replay redo logs up to and including this incremental backup
-restoreToRedoSeq <arg>
 
Replay up to and including this redo log sequence
-restoreToTime <arg>
 
Replay rodo logs until this time
--prefix
-pre
<prefix> The prefix to pre-pend to the original account names.
--systemData
-sys
Restores global tables and local config.
--createAccount
-ca
Restores accounts to new target accounts whose names are pre-pended with <prefix>.
--backedupRedolog Only
-br
Replays the redo logs in backup only, which excludes archived and current redo logs of the system.
--continueOnError
-c
Continue to restore other accounts when an error occurs.
--account
-a
Specifies the account email addresses. Separate accounts with a blank space or Type all to restore all accounts.
Common Options
--server
-s
Mail server host name. For format, use either the plain host name or the server.domain.com name. The default is the localhost name.
-skipDeletedAccounts
--skipDeletedAccounts
Do not restore if named accounts were deleted or did not exist at backup time. (This option is always enabled with "-a all”)
--target
-t
Specifies the backup target location. The default is <zimbra_home>/backup.
--help
-h
Displays the usage options for this command.
Examples
Perform complete restore of all accounts on server1, including last full backup and any incremental backups since last full backup.
zmrestore -acct all -s server1.domain.com
Perform restore only to last full backup, excluding incremental backups since then, for all accounts on server1.
zmbackup -rf -acct all -s server1.domain.com
zmrestoreoffline (Offline Restore)
This tool is run when the Zimbra server (i.e., the Tomcat process) is down. The MySQL database for the server and the OpenLDAP directory server must be running before you start the zmrestoreoffline command.
Syntax
zmrestoreoffline <options> [<accounts>]
Description
 
Long Name
Short Name
Description
--label
-lb
The label of the full backup to restore. Type this label to specify a backup file other then the latest.
--restorefullBackupOnly
-rf
Restores to the full backup only, not any incremental backups since that backup.
--restoreAccount
-ra
Restores the account in directory service.
--prefix
-pr
<prefix> The prefix to pre-pend to the original account names.
--createAccount
-ca
Restores accounts to new target accounts whose names are pre-pended with <prefix>.
--account
-a
<arg> Specifies the account email addresses. Separate accounts with a blank space or state all for restoring all accounts. Required.
--backedupRedolog Only
-br
Replays the redo logs in backup only, which excludes archived and current redo logs of the system.
--continueOnError
-c
Continue to restore other accounts when an error occurs.
--systemData
-sys
Restores global tables and local config.
Common Options
--server
-s
Mail server host name. For format, use either the plain host name or the server.domain.com name. The default is the localhost name. If -s is specified, this must be localhost.
--target
-t
Specifies the backup target location. The default is <zimbra_home>/backup.
--help
-h
Displays the usage options for this command.
Examples
Before you begin zmrestoreoffline, the LDAP directory server must be running
Perform a complete restore of all accounts on server1, including last full backup and any incremental backups since last full backup.
zmrestoreoffline -s server1.domain.com
zmrestoreldap
This tool is run to restore accounts from the ldap backup.
Syntax
zmrestoreldap -lb session -t target <options>
Description
 
Long Name
Short Name
Description
 
-lb
Session label to restore from. For example, full200612291821113.
--target
-t
Specifies the backup target location. The default is /opt/zimbra/backup.
Options
 
-lbs
Lists all session labels in backup
 
-l
Lists accounts in file.
 
-a
Restores named account(s). List account names separated by white space.
zmcontrol (Start/Stop Service)
This command is run to start or to stop services. You can also find which version of the Zimbra Collaboration Suite is installed.
Syntax
zmcontrol [ -v -h ] command [args]
Description
 
Long Name
Short Name
Description
 
-v
Displays Zimbra software version.
 
-h
Displays the usage options for this command.
 
-H
Host name (localhost).
Command in...
maintenance
 
Toggle maintenance mode.
shutdown
 
Shutdown all services and manager on this host. When the manager is shutdown, you cannot query that status.
start
 
Startup manager and all services on this host.
startup
 
Startup manger and all services on this host.
status
 
Returns services information for the named host.
stop
 
Stop all services but leave the manager running.
 
zmmailboxmove (Move Mailbox)
This command is used to move a mailbox from one Zimbra server to another. Mailboxes can be moved between Zimbra servers that share the same LDAP server. All the files are copied to the new server and LDAP is updated. After the mailbox is moved to a new server, a copy still remains on the older server, but the status of old mailbox is closed. Users cannot log on and mail is not delivered. You should check to see that all the mailbox contents were moved successfully before purging the old mailbox.
Syntax
To move a mailbox to a new server, type
zmmailboxmove -a <email@address> -ow -s <servername> -t <movetoservername>
To purge the mailbox from the old server, type
zmmailboxmove -a <email@address) -po.
The mailbox and its contents and references are deleted from the server.
Description
 
Long Name
Short Name
Description
--account <arg>
-a
Email address of account to move.
--help
-h
Displays the usage options for this command.
--overwriteMailbox
-ow
Overwrite target mailbox, if it exists.
--purgeOld
-po
Purge old mailbox on previous server. After a mailbox has been successfully moved to a new server, perform purgeOld to remove the mailbox and its contents from the previous server.
--server <arg>
-s
Mail server hostname. The default is the localhost. Server where the --account mailbox is located.
--targetServer <arg>
-t
Server where mailbox is moved to.
-t and -po options are mutually exclusive. Use -t option to move a mailbox from the current server to the new server specified by the option. If -ow is specified, if a mailbox already exists for the target server, it is overwritten. After successfully moving the mailbox, use
-po option to purge the old mailbox on the original server.
zmmboxsearch (Cross mailbox search)
zmmboxsearch is the CLI command used to search across mailboxes. You can search across mailboxes to find messages and attachments that match specific criteria and save copies of these messages to a directory.
Syntax
zmmboxsearch -q <querystring}> -m <mailboxids> -s <server> [-d directory]
Description
 
Long Name
Short Name
Description
--dir (optional)
-d
<arg> Directory to write the messages to. If none is specified, then only the headers are fetched. Files names are generated in the form RESULTNUM_ACCOUNT-ID_ MAILITEMID.
--limit (optional)
-l
Sets the limit for the number of results returned. The default is 25.
--mbox
-m
<arg> Comma-separated list of mailboxes to search. UIDs or email-address or /SERVER/MAILBOXID or *.
--offset (optional)
-o
<arg> Specify where the hit list should start. The default is 0.
--query
-q
<arg> The query string for the search.
--server
-s
<arg> Mail server hostname. default is the localhost.
--verbose (optional)
-v
Request that the status message print while the search is being executed.
Example
The following example is to do a cross-mailbox search in the inbox folder of two different mailboxes on the specified server and put a copy of the message in to the specified directory.
zmmboxsearch -q "in:inbox” -m user1@yourdomain.com,user2@yourdomain.com -d /var/tmp
zmcreatecert and zmcertinstall (For a Certificate)
The CLI command zmcreateca creates the signing certificate and zmcreatecert creates a new self-signed certificate. After a certificate is created, zmcertinstall is the CLI command to install it.
Tomcat must be stopped and then restarted after the certificate is installed.
Example of steps to use to stop tomcat, delete a certificate that is not working and then create a new certificate and install it.
1.
As root, type:
rm -rf /opt/zimbra/ssl
mkdir /opt/zimbra/ssl
chown zimbra:zimbra /opt/zimbra/ssl
2.
Type su - zimbra, then type the following all on one line
keytool -delete -alias my_ca -keystore /opt/zimbra/java/jre/lib/security/cacerts -storepass changeit
3.
Next, type the following on one line
keytool -delete -alias tomcat -keystore /opt/zimbra/tomcat/conf/keystore -storepass zimbra
4.
Type zmcreateca, press Enter
5.
Type zmcreatecert, press Enter
6.
Type zmcertinstall mailbox, press Enter
7.
Type tomcat stop, press Enter
8.
Type tomcat start, press Enter
zmlocalconfig (Local Configuration)
This command is used to set or get the local configuration for a Zimbra server.
Syntax
zmlocalconfig [options] [args]
To see the local config type
zmlocalconfig
Description
 
Long Name
Short Name
Description
--config <arg>
-c
File in which the configuration is stored.
--default
-d
The default values for the keys listedin [args} is listed.
--edit
-e
Edit the configuration file, change keys and values specified. The [args] is in the key=value form.
--force
-f
Edit the keys whose change is known to be potentially dangerous.
--help
-h
Shows the help for the usage options for this tool.
--info
-i
Shows the documentation for the keys listed in [args].
--format <arg>
-m
Shows the values in one of these formats: plain (default), xml, shell, nokey.
--changed
-n
Shows the values for only those keys listed in the [args] that have been changed from their defaults.
--path
-p
Shows which configuration file will be used.
--random
-r
This option is used with the edit option. Specified key is set to a random password string.
--quiet
-q
Suppress logging.
--show
-s
Forces the display of the password strings.
--unset
-u
Removes the local setting for a variable, which causes it to fallback to the default.
--expand
-x
Expand values.
zmtlsctl
This command is used to set the Web server mode to the communication protocol options: HTTP, HTTPS, or mixed. Mixed mode uses HTTPS for logging in and HTTP for normal session traffic. All modes use SSL encryption for back-end administrative traffic.
Tomcat has to be stopped and restarted for the change to take effect.
Note: If you switch to https, you use the self-signed certificate generated during Zimbra installation, in /opt/zimbra/ssl/ssl/server/server.crt.
Syntax
zmtlsctl [mode]
mode = http, https, or mixed
Steps to run
 
1.
Type zmtlsctl [mode], press Enter.
2.
Type tomcat stop, press Enter.
3.
When Tomcat is stopped, type tomcat start, press Enter.
zmhsm
This command is to start, stop (abort), and see the status of a HSM session. The threshold for when messages are moved to a storage volume is configured from the administration console, Servers>Volume tab.
Syntax
zmhsm {abort|start|status} {server} <name>
Description
Long Name
Short Name
Description
--abort
-a
Aborts the current HSM session.If all the messages in a mailbox being processed were not moved before you clicked Abort, no messages from that mailbox are moved from the primary volume. Messages for mailboxes that have completed the move to the secondary volume are not moved back to the primary volume.
--help
-h
Shows the help for the usage options for this tool.
--server <arg>
-s
The mail server host name. The default is the localhost [args].
--start
-t
Manually starts the HSM process.
--status
-u
The status of the last HSM session is displayed.
zmmailbox
The zmmailbox tool is used for mailbox management. The command can help administrators provision new mailboxes along with accounts, debug issues with a mailbox, and help with migrations.
Syntax
zmmailbox [args] [cmd] [cmd-args...]
Description
 
Short Name
Long Name
Syntax, Example, and Notes
-h
--help
display usage
-f
--file
use file as input stream
-u
--url
http[s]://{host}[:{port}] server hostname and optional port. Must use admin port with -z/-a
-a
--account {name}
account name to auth as
-z
--zadmin
use zimbra admin name/password from localconfig for admin/password
-m
--mailbox
mailbox to open
-p
--password {pass}
password for admin account and or mailbox
-P
--passfile {file}
read password from file
-v
--verbose
verbose mode (dumps full exception stack trace)
 
-d
--debug
debug mode (dumps SOAP messages)
Specific CLI tools are available for the different components of a mailbox. Usage is described in the CLI help for the following
 
zmmailbox help admin
help on admin-related commands
zmmailbox help commands
help on all commands
zmmailbox help contact
help on contact-related commands (address book)
zmmailbox help conversation
help on conversation-related commands
zmmailbox help folder
help on folder-related commands
zmmailbox help item
help on item-related commands
zmmailbox help message
help on message-related commands
zmmailbox help misc
help on miscellaneous commands
zmmailbox help search
help on search-related commands
zmmailbox help tag
help on tag-related commands
Examples
When you create an account, you may want to pre-create some tags and folders. You can invoke zmmailbox inside of zmprov by using "selectMailbox(sm)”
 
domain.example.com$ /opt/zimbra/bin/zmprov
prov> ca user10@domain.example.com test123
9a993516-aa49-4fa5-bc0d-f740a474f7a8
prov> sm user10@domain.example.com
mailbox: user10@domain.example.com, size: 0 B, messages: 0, unread: 0
mbox user10@domain.example.com> createFolder /Archive
257
mbox user10@domain.example.com> createTag TODO
64
mbox user10@domain.example.com> createSearchFolder /unread "is:unread"
258
mbox user10@domain.example.com> exit
prov>
zmlicense
This command is used to view and install your Zimbra license. The license can be viewed and installed from the administration console, Global Settings, License tab.
 
Long Name
Short Name
Description
--check
-c
Check to see if a valid license is installed.
--help
-h
Shows the help for the usage options for this tool.
--install <arg>
--i <arg>
Installs the specified license file.[arg] This is the Zimbra license file that you received.
--print
-p
Displays the license information.
zmmsgtrace
This command is used to trace an email message that was sent or received with the last 30 days.
Syntax
zmmsgtrace -i|-s|-r|-F <message_id>
Description
 
Long Name
Short Name
Description
--help
-h
Shows the help for the usage options for this tool.
 
-i
Message ID.
 
-s
Sender address.
 
-r
Recipient address.
 
-F
From Times in YYYYMMDD (hhmmss) format.
 
-D
dest_ip/host
 
-t
start, end times in YYYYMMDD[hhmmss] format
zmmylogpasswd
This command is used to change the zimbra_logger_myql_password. If the --root option is specified, the MySql_logger_root_passwd is changed. In both cases, MySQL is updated with the new passwords. Refer to the MySQL documentation to see how you can start the MySQL server temporarily to skip grant tables, to override the root password.
Syntax
zmmylogpasswd <new_password>
zmmypasswd
This command is used to change zimbra_myql_password. If the --root option is specified, the mysql_root_passwd is changed. In both cases, MySQL is updated with the new passwords. Refer to the MySQL documentation to see how you can start the MySQL server temporarily to skip grant tables, to override the root password.
Syntax
zmmypasswd <new_password>.
zmtrainsa
This command is used to train the anti-spam filter. This command is run automatically every night to train the SpamAssasin filter from messages users mark as "junk” "not junk” from their mailbox. See "Anti-Spam Training Filters” .
You can use this command to manually send one account’s mail through the spam filter. You will need to know the account password.
Syntax
zmtrainsa <server> <user> <pass> <spam|ham> [folder]
Description
zmtrainsa fetches the mail from <user> with password <pass> from <server> and trains the filter as either spam or ham <spam|ham>. The folder is optional. If a folder is not defined, the contents of the Inbox is fetched.
zmvolume
This command can be used to manage storage volumes from the CLI. Volumes can be easily managed from the administration console, Server, Volume tab.
Syntax
zmvolume --add --name <message volume> --type <primaryMessage> --path /<data/msgvol>
Description
 
Long Name
Long Name Second Attribute
Short Name
Description
--add
 
-a
Adds a volume
 
--name <arg>
-n
Volume name
 
--type <arg>
-t
Type of volume, primaryMessage, secondaryMessage, or index. SecondaryMessage is used only when the Network Edition, HSM feature is enabled.
 
--path <arg>
-p
File system root path of the volume
 
--compress <arg>
 
-c
Compress blobs, "true” or "false”. The default is "false.”
True means that message blobs whose size are above the compression threshold are compressed.
 
--compressionThreshold <arg>
-ct
Compression threshold size is specified in bytes. The default is 4KB
--edit
 
-e
Edits a volume. Any of the options listed under --add can also be specified to have its volume modified.
 
--id <arg>
-id
Volume ID
--delete
 
-d
Deletes a volume
 
--id <arg>
-id
Volume ID
--list
 
-l
Lists volumes
 
--id <arg>
-id
ID is optional. If it is specified, just that volume is listed. If not, all volumes are displayed.
--displayCurrent
 
-dc
Displays the current volumes
--setCurrent
 
-sc
Sets the volume specified by --id to be the current volume of its volume type.
 
--id <arg>
-id
Volume ID
--turnOffSecondary
 
-ts
Turns off the current secondary message volume. After this command completes, no current secondary volume is enabled.
zmzimletctl
This command is used to deploy Zimlets to users. See Working with Zimlets.
Syntax
zmzimletctl {command} <zimletname> <arg>
Description
Long Name
Short Name
Description
deploy <zimletname>
 
Creates the Zimlet entry in the LDAP server, installs the zimlet files on the Server, grants, access to the members of the default COS, and turns on the Zimlet
undeploy
 
Uninstall a zimlet from the Zimbra server
install
 
Installs the Zimlet files on the host
ldapDeploy
 
Adds the Zimlet entry to the LDAP
acl
 
Sets the access control, grant|deny, to a COS
enable
 
Enables the Zimlet
disable
 
Disables the Zimlet.
listAcls
 
Lists the ACLs for the Zimlets
listZimlets
 
Shows the status of all the Zimlets on the server
getConfigTemplate
 
Extracts the configuration template from the Zimlet.zip file
configure
 
Installs the configuration
listPriority
 
Shows the current Zimlet priorities (0 is high, 9 is low)
 
setPriority
 
Sets the Zimlet priority
 
Appendix A   Command-Line Utilities

Table of Contents Previous Next Index
ZCS Administrator's Guide, Network Edition 4.0
Copyright © 2006 Zimbra Inc.