ZCS Administrator's Guide Open Source Edition 6.0, Rev 1
Table of Contents Previous Next Index


Appendix A Command-Line Utilities : Zimbra CLI Commands
Zimbra CLI Commands
The table below lists the CLI commands in /opt/zimbra/bin.
Table 1 zimbra CLI Commands
CLI
Description
ldap
Start, stop, or find the status of zimbra LDAP
ldapsearch
Perform a search on an LDAP server
logmysqladmin
Send myslqadmin commands to the logger mysql
mailboxd
Start, stop, find the status of the mailboxd server
mysql
Enters interactive command-line MySQL session with the mailbox mysql
mysql.server
Start, stop the SQL instance for the mailbox package
mysqladmin
Send admin commands to MySQL
postconf
Postfix command to view or modify the postfix configuration
postfix
Start, stop, reload, flush, check, upgrade-configuration of postfix
qshape
Examine postfix queue in relation to time and sender/recipient domain
zmaccts
Lists the accounts and gives the status of accounts on the domain
zmamavisdctl
Start, stop, restart, or find the status of the Amavis-D New
zmantispamctl
Start, stop, reload, status for anti-spam service
zmantivirusctl
Start, stop, reload, status for the anti-virus service
zmapachectl
Start, stop, reload, or check status of Apache service (for spell check)
zmauditswatchctl
Start, stop, restart, reload, status of the auditswatch
zmcalchk
Check consistency of appointments and attendees in the Zimbra calendar
zmcertmgr
Manage self-signed and commercial certificates
zmclamdctl
Start, stop, or find the status of Clam AV
zmcleaniplanetics
Clean iPlanet ICS calendar files
zmcontrol (Start/Stop Service)
Start, stop, status of the Zimbra servers. Also can use to find the Zimbra version installed.
zmconvertctl
Start, stop, the conversion server or find the status of the converted attachments conversion/indexing
zmdumpenv
General information about the server environment is displayed
zmgsautil
Create, delete the GAL sync account and initiate manual syncs.
zmhostname
Find the hostname of the Zimbra server
zmitemdatafile
Extracts and packs tgz files that ZCS uses for REST import/export
zmjava
Execute Java with Zimbra-specific environment settings
zmldappasswd
Changes the LDAP password
zmlmtpinject
Testing tool
zmlocalconfig
Used to set or get the local configuration of a Zimbra server
zmloggerctl
Start, stop, reload, or find the status of the Zimbra logger service
zmloggerhostmap
Used to manually map a DNS hostname to a zmhostname.
zmlogswatchctl
Start, stop, status of the swatch that is monitoring logging
zmmailbox
Performs mailbox management tasks
zmmailboxdctl
Start, stop, reload, or find the status of the mailbox components (mailboxd, MySQL, convert)
zmmetadump
Support tool that dumps an item’s metadata in a human-readable form
zmmtaconfigctl
Start, stop, or find the status of the MTA configuration daemon
zmmtactl
Start, stop, or find the status of the MTA
zmmypasswd
Trace messages
zmmypasswd
Change MySQL passwords
zmmysqlstatus
Status of mailbox SQL instance
zmperditionctl
Start, stop, or find the status of the perdition IMAP proxy
zmprov (Provisioning)
Performs all provisioning tasks in Zimbra LDAP, including creating accounts, domains, distribution lists and aliases
zmproxyconfgen
Generates configuration for the nginx proxy
zmproxyctl
Start, stop, restart, and find the status of the IMAP proxy service
zmproxypurge
Purges POP/IMAP routing information from one or more memcached servers
zmpython
Ability to write Python scripts that access Zimbra Java libraries. It sets the ZCS class path and starts the Jython interpreter.
zmsaslauthdctl
Start, stop, or find the status of saslauthd (authentication)
zmshutil
Used for other zm scripts, do not use
zmskindeploy
Deploy skins for accounts from the command line
zmsoap
Print mail, account, and admin information in the SOAP format
zmspellctl
Start, stop, or find the status of the spell check server
zmsshkeygen
Generate Zimbra’s SSH encryption keys
zmstat-chart
Generate charts from zmstat data collected in a directory
zmstat-chart-config
Generate an .xml file with data included from the account setup
zmstat-chart-config
Outputs an XML configuration that describes the current state of the data gathered from zmstat-chart to generate charts on the administration console.
zmstatctl
Start, stop, check status, or rotate logs of zmstat data collectors
zmstorectl
Start, stop, or find the status of Zimbra store services
zmswatchctl
Start, stop, or find the status of the Swatch process, which is used in monitoring
zmsyslogsetup
Used to setup system log config file
zmthrdump
Initiate a thread dump and save the data to a file with a timestamp
zmtlsctl
Set the Web server mode to the communication protocol options: HTTP, HTTPS or mixed
zmtrainsa
Used to train the anti-spam filter to recognize what is spam or ham
zmtzupdate
Provides mechanism to process timezone changes from the command line
zmupdateauthkeys
Used to fetch the ssh encryption keys created by zmsshkeygen
zmvolume
Manage storage volumes on your Zimbra Mailbox server
zmzimletctl
Deploy and configure Zimlets
zmprov (Provisioning)
The zmprov tool performs all provisioning tasks in Zimbra LDAP, including creating accounts, aliases, domains, COS, distribution lists, and calendar resources. Each operation is invoked through command-line options, each of which has a long name and a short name.
The syntax for modify can include the prefix “+” or “-” so that you can make changes to the attributes affected and do not need to reenter attributes that are not changing.
Use + to add a new instance of the specified attribute name without changing any existing attributes.
Use - to remove a particular instance of an attribute.
The syntax is zmprov [cmd] [argument].
The following objects use this syntax:
ModifyAccount
ModifyDomain
ModifyCos
ModifyServer
ModifyConfig
ModifyDistributionList
ModifyCalendarResource
The following example would add the attribute zimbraZimletUserProperties with the value “blue” to user 1 and would not change the value of any other instances of that attribute.
zmprov ma user1 +zimbraZimletUserProperties "com_company_testing:favoriteColor:blue"
 
Short Name
Long Name
Syntax, Example, and Notes
-h
--help
display usage
-f
--file
use file as input stream
-s
--server
{host}[:{port}] server hostname and optional port
-l
--ldap
provision via LDAP instead of SOAP
-L
--log property file
log 4j property file, valid only with -l
-a
--account {name}
account name to auth as
-p
--password {pass}
password for account
-P
--passfile {file}
read password from file
-z
--zadmin
use Zimbra admin name/password from localconfig for admin/password
-y
--authtoken (authtoken)
use auth token string (has to be in JSON format) from command line
-Y
--authtoken (authtoken file)
use auth token string (has to be in JSON format) from command line
-v
--verbose
verbose mode (dumps full exception stack trace)
-d/
--debug
debug mode (dumps SOAP messages)
-m
--master
use LDAP master. This only valid with -l
The commands in the following table are divided into the tasks types - Account, Calendar Resources, Config, COS, Distribution List, Documents, Domain, Server, and Miscellaneous.
Long Name
Short Name
Syntax, Example, and Notes
Account Provisioning Commands
addAccountAlias
aaa
{name@domain|id|adminName} {alias@domain}
zmprov aaa joe@domain.com joe.smith@engr.domain.com
checkPasswordStrength
cps
Syntax: {name@doman|id} {password}
Note: This command does not check the password age or history.
zmprov cps joe@domain.com test123
createAccount
ca
Syntax:{name@domain} {password} [attribute1 value1 etc]
Type on one line.
zmprov ca joe@domain.com test123 displayName JSmith
createDataSource
cds
{name@domain} {ds-type} {ds-name} [attr1 value1 [attr2 value2...]]
createIdentity
cid
{name@domain} {identity-name} [attr1 value1 [attr2 value2...]]
createSignature
csig
{name@domain} {signature-name} [attr1 value1 [attr2 value2...]]
deleteAccount
da
Syntax:{name@domain|id|adminName}
zmprov da joe@domain.com
deleteDataSource
dds
{name@domain|id} {ds-name|ds-id}
deleteIdentity
did
{name@domain|id} {identity-name}
deleteSignature
dsig
{name@domain|id} {signature-name}
getAccount
ga
Syntax:{name@domain|id|adminName}
zmprov ga joe@domain.com
getAccountMembership
gam
{name@domain|id}
getAllAccounts
gaa
Syntax: [-v] [{domain}]
zmprov -l gaa
zmprov gaa -v domain.com
getAllAdminAccounts
gaaa
Syntax: gaaa
zmprov gaaa
getDataSources
gds
{name@domain | id} [arg 1 [arg 2...]]
getIdentities
gid
{name@domain | id} [arg 1 [arg 2...]]
getSignatures
gsig
{name@domain | id} [arg 1 [arg 2...]]
modifyAccount
ma
{name@domain|id|adminName} [attribute1 value1 etc]
zmprov ma joe@domain.com zimbraAccountStatus maintenance
modifyDataSource
mds
{name@domain | id} {ds-name |ds-id} [attr 1 value 1 [attr2 value 2...]]
modifyIdentity
mid
{name@domain |id} {identity-name} [attr 1 value 1 [attr 2 value 2...]]
modifySignature
msig
{name@domain |id} {signature-name | signature-id} [attr 1 value 1 [attr 2 value 2...]]
removeAccountAlias
raa
{name@domain|id|adminName} {alias@domain}
zmprov raa joe@domain.com joe.smith@engr.domain.com
renameAccount
ra
{name@domain|id} {newname@domain}
zmprov ra joe@domain.com joe23@domain.com
 
setAccountCOS
sac
{name@domain|id|adminName} {cos-name|cos-id}
zmprov sac joe@domain.com FieldTechnician
setPassword
sp
{name@domain|id|adminName} {password}
Note: Passwords cannot included accented characters in the string. Example of accented characters that cannot be used: ã, é, í, ú, ü, ñ.
zmprov sp joe@domain.com test321
Calendar Resource Provisioning Commands
createCalendarResource
ccr
{name@domain} [attr1 value1 [attr2 value2...]]
deleteCalendarResource
dcr
{name@domain|id}
getAllCalendarResources
gacr
[-v] [{domain}]
getCalendarResource
gcr
{name@domain|id}
modifyCalendarResource
mcr
{name@domain|id} [attr1 value1 {attr2 value2...]]
renameCalendarResource
rcr
{name@domain|id} {newName@domain}
searchCalendarResources
scr
[-v] domain attr op value {attr op value...]
Free Busy Commands
 
 
getAllFbp
gafbp
[-v]
getFreebusyQueueInfo
gfbqi
[{provider-name}]
pushFreebusy
pfb
{domain | account-id} [account-id...]
Domain Provisioning Commands
countAccount
cta
{domain|id}
This lists each COS, the COS ID and the number of accounts assigned to each COS
createAliasDomain
cad
{alias-domain-name} {local-domain-name|id} [attr1 value1 [attr2 value2...]]
 
createDomain
cd
{domain} [attribute1 value1 etc]
zmprov cd mktng.domain.com zimbraAuthMech zimbra
deleteDomain
dd
{domain|id}
zmprov dd mktng.domain.com
getDomain
gd
{domain|id}
zmprov gd mktng.domain.com
getDomainInfo
gdi
name|id|virtualHostname {value} [attr1 [attr2...]]
getAllDomains
gad
[-v]
modifyDomain
md
{domain|id} [attribute1 value1 etc]
zmprov md domain.com zimbraGalMaxResults 500
Note: Do not modify zimbraDomainRenameInfo manually. This is automatically updated when a domain is renamed.
renameDomain
rd
{domain|id} {newDomain}
Note: renameDomain can only be used with “zmprov -l/--ldap
COS Provisioning Commands
copyCos
cpc
{src-cos-name|id} {dest-cos-name}
createCos
cc
{name} [attribute1 value1 etc]
zmprov cc Executive zimbraAttachmentsBlocked FALSE zimbraAuthTokenLifetime 60m zimbraMailQuota 100M zimbraMailMessageLifetime 0
deleteCos
dc
{name|id}
zmprov dc Executive
getCos
gc
{name|id}
zmprov gc Executive
getAllCos
gac
[-v]
zmprov gac -v
modifyCos
mc
{name|id} [attribute1 value1 etc]
zmprov mc Executive zimbraAttachmentsBlocked TRUE
renameCos
rc
{name|id} {newName}
zmprov rc Executive Business
Server Provisioning Commands
createServer
cs
{name} [attribute1 value1 etc]
deleteServer
ds
{name|id}
zmprov ds domain.com
getServer
gs
{name|id}
zmprov gs domain.com
getAllServers
gas
[-v]
zmprov gas
getAllReverseProxyBackends
garpb
 
modifyServer
ms
{name|id} [attribute1 value1 etc]
zmprov ms domain.com zimbraVirusDefinitionsUpdateFrequency 2h
getAllReverseProxyURLs
garpu
Used to publish into nginx.conf what servers should be used for reverse proxy lookup.
getAllMtaAuthURLs
gamau
Used to publish into saslauthd.conf what servers should be used for saslauthd.conf MTA auth
getAllMemcachedServers
gamcs
Used to list memcached servers (for nginix use).
Config Provisioning Commands
getAllConfig
gacf
[-v]
All LDAP settings are displayed
getConfig
gcf
{name}
modifyConfig
mcf
attr1 value1
Modifies the LDAP settings.
Distribution List Provisioning Commands
createDistributionList
cdl
{list@domain}
zmprov cdl needlepoint-list@domain.com
addDistributionListMember
adlm
{list@domain|id} {member@domain}
zmprov adlm needlepoint-list@domain.com singer23@mail.free.net
removeDistributionListMember
rdlm
{list@domain|id}
zmprov rdlm needlepoint-list@domain.com singer23@mail.free.net
getAlldistributionLists
gadl
[-v]
 
get DistributionListmembership
gdlm
{name@domain|id}
getDistributionList
gdl
{list@domain|id}
zmprov gdl list@domain.com
modifyDistributionList
mdl
{list@domain|id} attr1 value1 {attr2 value2...}
zmprov md list@domain.com
deleteDistributionList
ddl
(list@domain|id}
 
addDistributionListAlias
adla
{list@domain|id} {alias@domain}
removeDistributionListAlias
rdla
{list@domain|id} {alias@domain}
renameDistributionList
rdl
{list@domain|id} {newName@domain}
zimbra Documents Provisioning Commands (Notebook)
importNotebook
impn
{name@domain} {directory} {folder}
Before importing files, any file that will become a Documents page (wiki-style page), must be renamed to include the extension “.wiki”. If not it is imported as a file, accessed either as an attachment or an image.
impn joe@domain.com /opt/zimbra/wiki/template template
initNotebook
in
[{name@domain}]
in joe@domain.com
initDomainNotebook
idn
{domain} [{name@domain}]
Creates the domain Documents account
idn domain.com domainwiki@domain.com
UpdateTemplates
ut
[-h host] {template-directory}
Mailbox Commands
getMailboxInfo---
gmi
{account}
getQuotaUsage---
gqu
{server}
reIndexMailbox
rim
{name@domain|id} {action} [{reindex-by} {value1} [value2...]]
RecalculateMailboxCounts
rmc
{name@domain|id}
When unread message count and quota usage are out of sync with the data in the mailbox, use this command to immediately recalculate the mailbox quota usage and unread messages count.
Important: Recalculating mailbox quota usage and message count should be schedule to run in off peak hours and used on one mailbox at a time.
selectMailbox
sm
{account-name} [{zmmailbox commands}]
Logs
 
 
addAccount Logger
aal
{name@domain|id} {logging-category} {debug|info|warn|error}
Creates custom logging for a single account
getAccountLoggers
gal
[-s/--server hostname] {name@domain|id} {logging-category} {debug|info|warn|error}
getAllAccountLoggers
gaal
[-s/--server hostname]
Shows all individual custom logger account
removeAccountLogger
ral
[-s/ --server hostname] {name@domain|id} {logging-category}
When name@domain is specified, removes the custom logger created for the account otherwise removes all accounts all account loggers from the system.
See the zmprov Log Categories for a list of logging categories.
Search
 
 
searchGAL
sg
{domain} {name}
zmprov sg joe
autoCompleteGal
acg
{domain} {name}
searchAccounts
sa
[-v] {ldap-query} [limit] [offset] [sortBy {attribute} [sortAscending 0|1] [domain {domain}]
 
Share Provisioning Commands
For a GUI view of results, see Distribution List Shares tab on the administration console
getPublishedDistributionListShareInfo
gpdlsi
{dl-name|dl-id} [{owner-name|owner-id}]
getShareInfo
gsi
{owner-name|owner-id}
publishDistribtionListShareInfo
pdlsi
{+|-} {dl-name@domain|id} {owner-name|owner-id} [{folder-path|folder-id}]
Miscellaneous Provisioning Commands
describe
desc
[[-v] [-ni] [{entry-type}]] | [-a {attribute-name}]
Prints all attribute names (account, domain, COS, servers, etc.).
generateDomainPreAuthKey
gdpak
{domain|id}
Generates a pre-authentication key to enable a trusted third party to authenticate to allow for single-sign on. Used in conjunction with GenerateDomainPreAuth.
generateDomainPreAuth
gdpa
{domain|id} {name} {name|id|foreignPrincipal} {timestamp|0} {expires|0}
Generates preAuth values for comparison.
syncGal
syg
{domain} [{token}]
flushCache
fc
[skin|local|account|config|cos|domain|server|zimlet} [name1|id]
Flush cached LDAP entries for a type. See chapter, Flushing LDAP Cache
getAccountLogger
gal
[-s /--server hostname] {name@domain | id}
The following are zmprov commands that are specific to Zimbra IMAP/POP proxy.
--getAllReverseProxyURLs
-garpu
Used to publish into nginx.conf the servers that should be used for reverse proxy lookup
--getAllMtaAuthURLs
-gamau
Used to publish into saslauthd.conf the servers that should be used for saslauthd.conf MTA auth
--getAllMemcachedServers
-gamcs
Used to list memcached servers (for Zimbra Proxy use)
Examples
Create one account with a password that is assigned to the default COS.
zmprov ca name@domain.com password
Create one account with a password that is assigned to a specified COS. You must know the COS ID number. To find a COS ID, type zmprov gc <COSname>.
zmprov ca name@domain.com password zimbraCOS cosIDnumberstring
Create one account when the password is not authenticated internally.
zmprov ca name@domain.com ‘’
The empty single quote is required and indicates that there is no local password.
Using a batch process to create accounts, see Managing the zimbra Collaboration Suite chapter for the procedure.
Add an alias to an account.
zmprov aaa accountname@domain.com aliasname@domain.com
Create distribution list. The ID of the distribution list is returned.
zmprov cdl listname@domain.com
Add a member to a distribution list. Tip: You can add multiple members to a list from the administration console.
zmprov adlm listname@domain.com member@domain.com
Change the administrator’s password. Use this command to change any password. Enter the address of the password to be changed.
zmprov sp admin@domain.com password
Create a domain that authenticates against zimbra OpenLDAP.
zmprov cd marketing.domain.com zimbraAuthMech zimbra
Set the default domain.
zmprov mcf zimbraDefaultDomain domain1.com
To list all COSs and their attribute values.
zmprov gac -v
To list all user accounts in a domain (domain.com)
zmprov gaa domain.com
To list all user accounts and their configurations
zmprov gaa -v domain.com
To enable logger on a single server
zmprov +zimbraServiceEnabled logger
Then type zmloggerctl start, to start the logger.
To modify the purge interval, set zimbraMailPurgeSleepInterval to the duration of time that the server should “sleep” between every two mailboxes. Type:
zmprov ModifyServer <server-name> zimbraMailPurgeSleepInterval <Xm>
X is the duration of time between mailbox purges; m represents minutes. You could also set <xh> for hours.
Modify zimbraNewMailNotification to customize the notification email template. A default email is sent from Postmaster notifying users that they have received mail in another mailbox. To change the template, you modify the receiving mailbox account. The variables are
${SENDER_ADDRESS}
${RECIPIENT_ADDRESS}
${RECIPIENT_DOMAIN}
${NOTIFICATION_ADDRESSS}
${SUBJECT}
${NEWLINE}
You can specify which of the above variables appear in the Subject, From, or Body of the email. The following example is changing the appearance of the message in the body of the notification email that is received at name@domain.com. You can also change the template in a class of service, use zmprov mc. The command is written on one line.
zmprov ma name@domain.com zimbraNewMailNotificationBody ‘Important message from ${SENDER_ADDRESS}.${NEWLINE}Subject:${SUBJECT}’
zmprov Log Categories
 
        zimbra.account
Account operations
zimbra.acl
ACL operations
zimbra.backup
Backup and restore
zimbra.cache
Inmemory cache operations
zimbra.calendar
Calendar operations
zimbra.dav
DAV operations
zimbra.dbconn
Database connection tracing
zimbra.extensions
Server extension loading
zimbra.filter
Mail filtering
zimbra.gal
GAL operations
zimbra.im
Instant messaging operations
zimbra.imap
IMAP protocol operations
zimbra.index
Index operations
zimbra.io
Filesystem operations
zimbra.ldap
LDAP operations
zimbra.lmtp
LMTP operations (incoming mail)
zimbra.mailbox
General mailbox operations
zimbra.misc
Miscellaneous
zimbra.op
Changes to mailbox state
zimbra.pop
POP protocol operations
zimbra.redolog
Redo log operations
zimbra.security
Security events
zimbra.session
User session tracking
zimbra.smtp
SMTP operations (outgoing mail)
zimbra.soap
SOAP protocol
zimbra.sqltrace
SQL tracing
zimbra.store
Mail store disk operations
zimbra.sync
Sync client operations
zimbra.system
Startup/shutdown and other system messages
zimbra.wiki
Wiki operations
zimbra.zimlet
Zimlet operations
 
 
zmaccts
This command runs a report that lists all the accounts, their status, when they were created and the last time anyone logged on. The domain summary shows the total number of accounts and their status.
Syntax
zmaccts
zmcalchk
This command checks the consistency of appointments on the Zimbra calendar and sends an email notification regarding inconsistencies. For example, it checks if all attendees and organizers of an event on the calendar agree on start/stop times and occurrences of a meeting.
See the output of zmmailbox help appointment for details on time-specs.
Syntax
zmcalchk [-d] [-n <type>] <user> <start-time-spec> <end-time-spec>
Description
 
Short Name
Description
-d
Debugs verbose details
-m
Allows the user to specify the maximum number of attendees to check. The default value is 50.
-n
-n none |user |organizer |attendee |all
Send email notifications to selected users if they are out of sync for an appointment
 
 
zmcontrol (Start/Stop Service)
This command is run to start or to stop services. You can also find which version of the zimbra Collaboration Suite is installed.
Syntax
zmcontrol [ -v -h ] command [args]
Description
 
Long Name
Short Name
Description
 
-v
Displays ZCS software version.
 
-h
Displays the usage options for this command.
 
-H
Host name (localhost).
Command in...
maintenance
 
Toggle maintenance mode.
shutdown
 
Shutdown all services and manager on this host. When the manager is shutdown, you cannot query that status.
start
 
Startup manager and all services on this host.
startup
 
Startup manger and all services on this host.
status
 
Returns services information for the named host.
stop
 
Stop all services but leave the manager running.
 
 
 
zmcertmgr
The CLI command zmcertmgr is used to manage your certificates from the command line. You can use the administration console to easily view, update and install self-signed and commercial certificates. See the administration console help for more information about using this tool.
Syntax
zmcertmgr {attribute} [arg]
Description
 
Name
Syntax, Example, Notes
viewdeployedcrt
[all|ldap|mta|proxy|mailboxd]
View the deployed certificate.
viewstagedcrt
<self|comm> [certfile]
 
gencsr
<self|comm> [-new] [subject] [-subjectAltNames “host1,host2”]
Generate the certificate signing request.
install
<self|comm> [-new] [validation_days-]
Install either a self signed or commercial signed certificate
viewcsr
<self|comm> [csr_file]
View the certificate signing request information
verifycrt
<self|comm> [priv_key] [certfile]
 
zmgsautil
The CLI command zmgsautil can be used to create or delete the GAL sync account and to force syncing of the LDAP data to the GAL sync account.
A GAL sync account is created when the GAL is configured on a domain. This account is created and the polling interval for performing a full sync is managed from the administration console.
To see attributes and settings for a GAL sync account, run zmprov gds against the account.
 
Long Name
Description
createAccount
Creates the GAL sync account. This should be done from the administration console.
deleteAccount
Deletes the GAL sync account and the references to the LDAP server. The account can also be deleted from the administration console.
deleteAccount [-a {galsynceaccountname}|-i {account-id}]
trickleSync
This syncs new and updated contact data only.
trickleSync [-a {galsynceaccountname}|-i {account-id}] [-d {datasource-id}] [-n {datsource-name}]
The datasource ID the LDAP datasource ID. The datasource name is the name of the address book (folder) in the GAL account created to sync LDAP to.
A cron job can be set up to run trickleSync.
fullSync
This syncs all LDAP contact data. You can also set this from the administration console.
fullSync [-a {galsynceaccountname}|-i {account-id}] [-d {datasource-id}] [-n {datsource-name}]
forceSync
This should be used to reload the entire GAL if there is change in the filter, attribute mapping or LDAP server parameters.
forceSync [-a {galsynceaccountname}|-i {account-id}] [-d {datasource-id}] [-n {datsource-name}]
zmldappasswd
The CLI command zmldappasswd changes the LDAP password on the local server. In multi node environments, this command must be run on the LDAP master server only.
This CLI command used with options changes other passwords.
For better security and audit trails the following passwords are generated in ZCS:
LDAP Admin password. This is the master LDAP password. This is not new, but has been renamed.
LDAP Root password. This is used for internal LDAP operations.
LDAP Postfix password. This is the password used by the postfix user to identify itself to the LDAP serve and must be configured on the MTA server to be the same as the password on the LDAP master server.
LDAP Amavis password. This is the password used by the amavis user to identify itself to the LDAP server and must be configured on the MTA server to be the same as the password on the LDAP server.
LDAP Replication password. This is the password used by the LDAP replication user to identify itself to the LDAP master and must be the same as the password on the LDAP master server.
Syntax
opt/zimbra/bin/zmldappasswd [-h] [-r] [-p] [-l] new password
Description
 
Name
Syntax, Example, Notes
-h
Displays the help
-a
Changes ldap_amavis-password
-l
Changes ldap_replication_password
-p
Changes ldap_postfix_password
-r
Changes ldap_root_passwd
Only one of a, l, p, or r can be specified. If options are not included, the zimbra_ldap_password is changed.
zmlocalconfig
This command is used to set or get the local configuration for a zimbra server.
Syntax
zmlocalconfig [options]
To see the local config type zmlocalconfig
Description
Long Name
Short Name
Description
--config
-c
<arg> File in which the configuration is stored
--default
-d
Show default values for keys listed in [args]
--edit
-e
Edit the configuration file, change keys and values specified. The [args] is in the key=value form.
--force
-f
Edit the keys whose change is known to be potentially dangerous
--help
-h
Shows the help for the usage options for this tool
--info
-i
Shows the documentation for the keys listed in [args]
--format
-m
<arg> Shows the values in one of these formats: plain (default), xml, shell, nokey.
--changed
-n
Shows the values for only those keys listed in the [args] that have been changed from their defaults
--path
-p
Shows which configuration file will be used
--quiet
-q
Suppress logging
--random
-r
This option is used with the edit option. Specified key is set to a random password string.
--show
-s
Forces the display of the password strings
--unset
-u
Remove a configuration key. If this is a key with compiled-in defaults, set its value to the empty string.
--expand
-x
Expand values
zmmailbox
The zmmailbox tool is used for mailbox management. The command can help administrators provision new mailboxes along with accounts, debug issues with a mailbox, and help with migrations.
You can invoke the zmmailbox command from within the zmprov command. You enter selectMailbox within zmprov to access the zmmailbox command connected to that specified mailbox. You can then enter zmmailbox commands until you type exit. Exit returns you to zmprov. This is useful when you want to create accounts and also pre-create some folders, tags, or saved searches at the same time.
Syntax
zmmailbox [args] [cmd] [cmd-args ...]
Description
 
Short Name
Long Name
Syntax, Example, and Notes
-h
--help
display usage
-f
--file
use file as input stream
-u
--url
http[s]://{host}[:{port}] server hostname and optional port. Must use admin port with -z/-a
-a
--account {name}
account name to auth as
-z
--zadmin
use zimbra admin name/password from localconfig for admin/password
-y
--authtoken (authtoken)
use authtoken string (has to be in JSON format) from command line
-Y
--authtoken (authtoken file)
use authtoken string (has be in JSON format) from command line
-m
--mailbox
mailbox to open
-p
--password {pass}
password for admin account and or mailbox
-P
--passfile {file}
read password from file
-v
--verbose
verbose mode (dumps full exception stack trace)
 
-d
--debug
debug mode (dumps SOAP messages)
Specific CLI tools are available for the different components of a mailbox. Usage is described in the CLI help for the following.
 
zmmailbox help admin
help on admin-related commands
zmmailbox help commands
help on all commands
zmmailbox help contact
help on contact-related commands (address book)
zmmailbox help conversation
help on conversation-related commands
zmmailbox help folder
help on folder-related commands
zmmailbox help item
help on item-related commands
zmmailbox help message
help on message-related commands
zmmailbox help misc
help on miscellaneous commands
zmmailbox help search
help on search-related commands
zmmailbox help tag
help on tag-related commands
Examples
When you create an account, you may want to pre-create some tags and folders. You can invoke zmmailbox inside of zmprov by using “selectMailbox(sm)”
 
domain.example.com$ /opt/zimbra/bin/zmprov
prov> ca user10@domain.example.com test123
9a993516-aa49-4fa5-bc0d-f740a474f7a8
prov> sm user10@domain.example.com
mailbox: user10@domain.example.com, size: 0 B, messages: 0, unread: 0
mbox user10@domain.example.com> createFolder /Archive
257
mbox user10@domain.example.com> createTag TODO
64
mbox user10@domain.example.com> createSearchFolder /unread "is:unread"
258
mbox user10@domain.example.com> exit
prov>
To find the mailbox size for an account
zmmailbox -z-m user@example.com gms
zmtlsctl
This command is used to set the Web server mode to the communication protocol options: HTTP, HTTPS, Mixed, Both and Redirect.
Mixed mode redirects to HTTPS for login and HTTP for normal session traffic.
Both mode means that an HTTP session stays HTTP, including during the log in phase, and an HTTPS session remains HTTPS throughout, including the log in phase.
Redirect mode redirects any users connecting via HTTP to a HTTPS connection.
All modes use SSL encryption for back-end administrative traffic.
Mailboxd has to be stopped and restarted for the change to take effect.
Note: If you switch to HTTPS, you use the self-signed certificate generated during ZCS installation, in /opt/zimbra/ssl/zimbra/server/server.crt.
Syntax
zmtlsctl [mode]
mode = http, https, mixed, both, redirect
Steps to run
 
1.
Type zmtlsctl [mode].
2.
Type zmmailboxdctl stop.
3.
When mailboxd is stopped, type zmmailboxdctl start.
 
 
zmmetadump
This command is a support tool that dumps the contents of an item’s metadata in a human readable form.
Syntax
zmmetadump -m <mailbox id/email> -i <item id>
or zmmetadump -f <file containing encoded metadata>
zmmypasswd
This command is used to change zimbra_myql_password. If the --root option is specified, the mysql_root_passwd is changed. In both cases, MySQL is updated with the new passwords. Refer to the MySQL documentation to see how you can start the MySQL server temporarily to skip grant tables, to override the root password. This requires a restart for the change to take effect.
Syntax
zmmypasswd [--root] <new_password>.
zmproxyconfgen
This command generates the nginx proxy configuration files. It reads LDAP settings to replace template variables and generates the final nginx configuration.
Syntax
ProxyConfGen [options]
Description
 
Long Name
Short Name
Description
--config
-c
<arg> Overrides a config variable. The <arg> format should be name=value. To see a list of names, use -d or -D
--defaults
-d
Prints the default variable map
--definitions
-D
Prints the Definitions variable map after loading LDAP configuration and processing overrides
--help
-h
Displays help information
--include-dir
-i
<arg> Displays the directory path (relative to $workdir/conf), where included configuration files are written
--dry-run
-n
Specifies not to write configuration and only display the files that would be written
--prefix
-p
<arg> Displays the config file prefix. The default value is nginx.conf
--template-prefix
-P
<arg> Displays the template file prefix. The default value is $prefix
--server
-s
<arg> Specifies a valid server object. Configuration is generated based on the specified server’s attributes. The default is to generate configuration based on global configuration values
--templatedir
-t
<arg>Specifies the proxy template directory. The default value is $workdir/conf/nginx/templates
--verbose
-v
Displays verbose data
--workdir
-w
<arg> Specifies the proxy working directory. The default value is /opt/zimbra
zmproxypurge
This command purges POP/IMAP proxy routing information from one or more memcached servers. Available memcached servers are discovered by the zmprov gamcs function. Others can be specified if necessary using the server port.
Syntax
ProxyPurgeUtil [-v] [-i] -a account [-L accountlist] [cache1 [cache2...]]
Description
 
Long Name
Short Name
Description
--help
-h
Shows the help for the usage options for this tool.
--verbose
-v
Displays verbose data
--info
-i
Displays account routing information
--account
-a
Displays account name
--list
-L
Displays file containing list of accounts, one per line
--output
-o
Specifies the format to be used for printing routing information with information. The fields that display by default are
cache server
account name
route information
cacheN
 
(optional command) Specifies additional memcache server in the form of server:port
zmskindeploy
This command simplifies the process of deploying skins in ZWC. This tool processes the skin deployment, enables the skin for all users of the ZWC deployment, and restarts the web server so that it recognizes the new skin.
For more information about this tool, see http://wiki.zimbra.com/index.php?title=About_Creating_ZCS_Themes
Syntax
zmskindeploy <path/to/skin/dir/or/zipfile>
zmsoap
Prints mail, account, and admin information in the SOAP format.
Syntax
zmsoap [options] <path1 [<path2>...]
Description
 
Long Name
Short Name
Description
--help
-h
Prints usage information
--mailbox
-m
<name> Displays mailbox account name. Mail and account requests are sent to this account.
This attribute is also used for authentication if -a and -z are not specified
--target
 
<name>Displays the target account name to which the requests are sent. Used only for non-admin sessions
--admin name
-a
<name>Displays the admin account name to authenticate as
--zadmin
-z
Displays the Zimbra admin name and password to authenticate as
--password
-p
<pass>Displays account password
--passfile
-P
<path> Reads password from a file
--element
-e
<path> Displays the root element path. If specified, all path arguments that do not start with a slash (/) are relative to this element
--type
-t
<type> Displays the SOAP request type. Can either be mail, account, or admin
--url
-u
<http[s]://...> Displays the server hostname and optional port value
--verbose
-v
Prints the SOAP request and other status information
path
 
<[path...]> Displays the element or attribute path and value. Roughly follows the XPath syntax as:
[/]element1[/element2][/@attr][=value]
zmstat-chart
This command is used to collect statistical information for the CPU, IO, mailboxd, MTAqueue, MySQL, and other components and to run a script on the csv files to display the usage details in various charts. These csv files are saved to /opt/zimbra/zmstat/.
You must enable zmstat to collect the performance charts data.
To enable zmstat for charting on each server
 
1.
Enter zmprov ms {hostname} zimbraServerEnable : stats.
2.
Restart the server, enter
zmcontrol stop
zmcontrol start
Syntax
zmstat-chart -s <arg> -d <arg> [options]
Description
 
Long Name
Short Name
Description
--aggregate-end-at
 
<arg> If this is specified, the aggregate computation ends at this timestamp. Usage is MM/dd/yyyy HH:mm:ss.
--aggregate-start-at
 
<arg> If this is specified, the aggregate computation starts at this timestamp. Usage is MM/dd/yyyy HH:mm:ss.
--end-at
 
<arg> If this is specified, all samples after the specified timestamp are ignored. Usage is MM/dd/yyyy HH:mm:ss.
--start-at
 
<arg> If this is specified, all samples before this timestamp are ignored.
--title
 
<arg> This gives the chart a title that displays. Defaults to the last directory name of srcdir.
--no-summary
 
Summary data generation is not included.
--conf
-c
<arg> Chart the configuration xml files.
--destdir
-d
<arg> The directory where the generated chart files are saved.
--srcdir
 
One or more directories where the csv files are located. The csv files are moved to directories listed by date under zmstat/.
zmstat-chart-config
This command generates an xml file /opt/zimbra/conf/zmstat-chart.xml from a template, taking into account the server setup including the LDAP node and the processes run, among other specifications.
zmstatctl
This is a control script for checking zmstat data collectors. It starts or stops monitoring processes, checks status or rotates logs.
Syntax
zmstatctl start|stop|status|rotate
zmthrdump
This command invokes a thread dump in the ZCS server process and prints the output file. It also gives the option of saving the thread dump to a file and inserts a timestamp on the logfile.
Syntax
zmthrdump [-h] [-i] [-t <timeout seconds>] [-p <pid file>] [-f <file>] [-o <out-file>]
Description
 
Short Name
Description
-h
Displays help messages
-i
Appends the timestamp to the LOGFILE before invoking SIGQUIT
-p
Returns the PID to send SIGQUIT. The default value can be found in zmmailboxd_java.pid
-f
Specifies the LOGFILE to save the thread dump output in. The default value is zmmailbox.out
-o
Specifies the output file of the thread dump. The default value is stdout
-t
Specifies the timeout value (in seconds) to exit if the process becomes unresponsive. The default value is 30 seconds.
zmtrainsa
This command is used to train the anti-spam filter. This command is run automatically every night to train the SpamAssasin filter from messages users mark as “junk” “not junk” from their mailbox. See Anti-Spam Training Filters.
The zmtrainsa command can be run manually to forward any folder from any mailbox to the spam training mailboxes. If you do not enter a folder name when you manually run zmtrainsa for an account, for spam, the default folder is Junk. For ham, the default folder is Inbox.
Syntax
zmtrainsa <user> spam|ham [folder]
zmtzupdate
This command is used to update time zone changes in existing appointments for specific users or all users. A .ics rule file should first be created to run with this command. A rule file lists a series of rules to match a time zone and the replacement time zone definitions. More information about this command can be found at http://wiki.zimbra.com index.php?title=Changing_ZCS_Time_Zones
Syntax
zmtzupdate --rulefile <rule file> -a <“all” or list of specific email addresses> [--sync] [--after <date/time stamp>]
Description
Long Name
Short Name
Description
--account
-a
<arg> account email addresses separated by a white space. Use “all” for all accounts to be updated
--after
 
<arg> Appointments occurring after the specified date/time in this field are updated. The default cut off time is January 1st, 2008
--help
-h
Displays help information
--rulefile
 
Specifies the .ics XML file that should be used to update time zone definitions
--server
-s
<arg> Specifies the mail server hostname. The default value is localhost
--sync
 
If specified, this option causes the zmtzupdate command to block till the server processes all requested accounts. The default value is no.
zmvolume
This command can be used to manage storage volumes from the CLI. Volumes can be easily managed from the administration console, Server, Volume tab.
Syntax
zmvolume {-a|-d|-l|-e|-dc|-sc} [options]
Description
 
Long Name
Short Name
Description
--add
-a
Adds a volume
--compress
-c
<arg> Compress BLOBs; “true” or “false”
--compressionThreshold
-ct
Compression threshold; default 4KB
--delete
-d
Deletes a volume
--displayCurrent
-dc
Displays the current volume
--edit
-e
Edits a volume
--help
-h
Shows the help for the usage options for this tool.
--id
-id
<arg> Volume ID
--list
-l
Lists volumes
--name
-n
<arg> Volume name
--path
-p
<arg> Root path
--server
-s
<arg> Mail server hostname. Default is localhost.
--setCurrent
-sc
Sets the current volume
--type
-t
<arg> Volume type (primaryMessage, secondaryMessage, or index)
--turnOffSecondary
-ts
Turns off the current secondary message volume
zmzimletctl
This command is used to manage Zimlets and to list all zimlets on the server. See Working with Zimlets. Most Zimlet deployment can be competed from the zimbra administration console.
Syntax
zmzimletctl {-l} {command} <zimlet.zip|config.xml|zimlet>Description
Long Name
Short Name
Description
deploy
 
<zimlet.zip> Creates the Zimlet entry in the LDAP server, installs the zimlet files on the Server, grants, access to the members of the default COS, and turns on the Zimlet
undeploy
 
<zimlet> Uninstall a zimlet from the zimbra server
install
 
<zimlet.zip> Installs the Zimlet files on the host
ldapDeploy
 
<zimlet> Adds the Zimlet entry to the LDAP
enable
 
<zimlet> Enables the Zimlet
disable
 
<zimlet> Disables the Zimlet
acl
 
<zimlet> <cos1> {grant|deny} [<cos2> {grant|deny}...] Sets the access control, grant|deny, to a COS
listAcls
 
<zimlet> Lists the ACLs for the Zimlets
listZimlets
 
View details about all Zimlets on the server
getConfigTemplate
 
<zimlet.zip> Extracts the configuration template from the Zimlet.zip file
configure
 
<config.xml>Installs the configuration
listPriority
 
Shows the current Zimlet priorities (0 is high, 9 is low)
 
setPriority
 
<zimlet> Sets the Zimlet priority
 
zmproxyconfig
This command is used to manage Zimbra proxy and should only be used when you have to make changes to Zimbra proxy after it has been installed. See Chapter 6, Working with Zimbra Proxy.
Syntax
./zmproxyconfig [-h] [-o] [-m] [-w] [-d [-r] [-s] [-a w1:w2:w3:w4] [-i p1:p2:p3:p4] [-p p1:p2:p3:p4] [-x mailmode]] [-e [-a w1:w2:w3:w4] [-i p1:p2:p3:p4] [-p p1:p2:p3:p4] [-x mailmode]] [-f] -H hostname
Description
 
Short Name
Description
-h
Displays help messages
-H
Hostname of the server on which enable/disable proxy functionality
-a
Colon separated list of Web ports to use. Format: HTTP-STORE:HTTP-PROXY:HTTPS-STORE:HTTPS-PROXY (Ex: 8080:80:8443:443)
-d
Disable proxy
-e
Enable proxy
-f
Full reset on memcached port and search queries and POP/IMAP throttling
-i
Colon separated list of IMAP ports to use. Format: IMAP-STORE:IMAP-PROXY:IMAPS-STORE:IMAPS-PROXY (Ex: 7143:143:7993:993)
-m
Toggle mail proxy portions
-o
Override enabled checks
-p
Colon separated list of POP ports to use. Format: POP-STORE:POP-PROXY:POPS-STORE:POPS-PROXY (Ex: 7110:110:7995:995)
-r
Run against a remote host. Note that this requires the server to be properly configured in the LDAP master
-s
Set Cleartext to FALSE (secure mode) on disable
-t
Disable reverse proxy lookup target for the store server. Only valid with -d. Make sure that you intend for all proxy functions for the server to be disabled.
-w
Toggle Web proxy portions
-x
zimbraMailMode to use on disable (Default is HTTP)
hostname is the value of the zimbra_server_hostname LC key for the server being modified.
Required options are -f by itself, or -f with -d or -e
Note that
-d or -e require one or both of -m and -w.
-i or -p require -m.
-a requires -w.
-x requires -w and -d for store.
-x requires -w for proxy.
The following are the defaults for -a, -i, -p, and -x if they are not supplied as options.
-a default on enable: 8080:80:8443:443
-a default on disable: 80:0:443:0
-i default on enable: 7143:143:7993:993
-i default on disable: 143:7143:993:7993
-p default on enable: 7110:110:7995:995
-p default on disable: 110:7110:995:7995
-x default on store disable: http
-x default on proxy enable/disable: http
 
Appendix A Command-Line Utilities : Zimbra CLI Commands

Table of Contents Previous Next Index
ZCS Administrator's Guide Open Source Edition 6.0, Rev 1
Copyright © 2009 Zimbra Inc.