Sample script: auto-synchronize AD users
#!/bin/bash
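# zsync_ad.sh is a script that syncs AD users and Zimbra users.
#
# It lists the mail addresses of the AD users in DOMAIN_NAME, lists the Zimbra
# accounts of the same domain, diffs the two sorted lists and creates a Zimbra
# account for every address that is present in AD only.

# The work files hold the user lists and the bind password: owner-only.
umask 077

LDAPSEARCH=/usr/bin/ldapsearch
ZMPROV=/opt/zimbra/bin/zmprov
DOMAIN_NAME="nuclearmalaysia.gov.my"
TMP_DIR=/tmp

# mktemp -d gives an unpredictable, owner-only directory. Guessable file names
# written directly under /tmp can be pre-created or symlinked by another local
# user, who could then read or redirect the lists this script acts on.
WORK_DIR=$(mktemp -d "$TMP_DIR/zsync_ad.XXXXXX") || {
  echo "Cannot create a work directory under $TMP_DIR" >&2
  exit 1
}
ADS_RAW=$WORK_DIR/users_ads.ldif
ADS_TMP=$WORK_DIR/users_ads.lst
ZCS_RAW=$WORK_DIR/users_zcs.raw
ZCS_TMP=$WORK_DIR/users_zcs.lst
DIF_TMP=$WORK_DIR/users_dif.lst
BINDPW_FILE=$WORK_DIR/bindpw

# The password file is removed on every exit path. The user lists are kept, as
# before, until the clean-up lines further down are enabled.
trap 'rm -f -- "$BINDPW_FILE"' EXIT

# Server values
# NOTE(review): ldap:// with a simple bind (-x) sends the bind password
# unencrypted; prefer ldaps:// or StartTLS (ldapsearch -ZZ) if the directory
# offers it.
LDAP_SERVER="ldap://192.168.46.129"
BASEDN="DC=nuclearmalaysia,DC=gov,DC=my"
BINDDN="CN=ldapbind,DC=nuclearmalaysia,DC=gov,DC=my"
# Placeholder value. Avoid keeping the real bind password in the script; load
# it from a file only the sync user can read, and give the bind account
# read-only rights in AD.
BINDPW="password"
FILTER="(&(sAMAccountName=*)(objectClass=user)(givenName=*))"
FIELDS="mail displayName"

# Addresses are later placed inside an LDAP filter and handed to zmprov, so
# only this conservative character set is accepted (no '*', '(', ')' or '\').
ADDR_RE="^[A-Za-z0-9._%+'-]+@[A-Za-z0-9.-]+\$"

# Hand the password to ldapsearch through a file (-y) instead of -w, which
# would expose it in the process list. printf adds no trailing newline; -y
# uses the file content verbatim.
printf '%s' "$BINDPW" > "$BINDPW_FILE" || exit 1
LDAP_ARGS=(-x -H "$LDAP_SERVER" -b "$BASEDN" -D "$BINDDN" -y "$BINDPW_FILE")

# Extract users from ADS
echo -n "Quering ADS... "
# FIELDS is split on purpose: one attribute name per word.
# shellcheck disable=SC2086
if ! "$LDAPSEARCH" "${LDAP_ARGS[@]}" "$FILTER" $FIELDS > "$ADS_RAW"; then
  # A failed or truncated answer (server down, bind refused, size limit hit)
  # must not be mistaken for "AD has fewer users".
  echo "[Err] ldapsearch failed, nothing was changed" >&2
  exit 1
fi
# Only "mail:" lines are read, and the address has to END in @DOMAIN_NAME; a
# plain grep would also match dn:/displayName: lines and treat dots as regex
# wildcards. Base64 values ("mail:: ...") are ignored.
awk -v suffix="@$DOMAIN_NAME" '
  $1 == "mail:" && length($2) > length(suffix) &&
    substr($2, length($2) - length(suffix) + 1) == suffix { print $2 }
' "$ADS_RAW" | LC_ALL=C sort -u > "$ADS_TMP"
echo "Found $(wc -l < "$ADS_TMP") users ($ADS_TMP)"
if [ ! -s "$ADS_TMP" ]; then
  echo "[Err] AD returned no addresses for $DOMAIN_NAME, aborting" >&2
  exit 1
fi

# Extract users from ZCS
echo -n "Quering ZCS... "
if ! "$ZMPROV" gaa "$DOMAIN_NAME" > "$ZCS_RAW"; then
  echo "[Err] zmprov gaa failed, nothing was changed" >&2
  exit 1
fi
# diff compares line by line, so both lists need the same sort order.
LC_ALL=C sort -u "$ZCS_RAW" > "$ZCS_TMP"
echo "Found $(wc -l < "$ZCS_TMP") users ($ZCS_TMP)"

# Generate diff
echo "Generating diff file ($DIF_TMP)"
diff -u "$ZCS_TMP" "$ADS_TMP" | grep -F -- "$DOMAIN_NAME" > "$DIF_TMP"

# Clean up users list
# rm -f -- "$ADS_RAW" "$ADS_TMP" "$ZCS_RAW" "$ZCS_TMP"

# Import new users
echo -n "New users: "
grep -c '^+' "$DIF_TMP"
# The list is read on fd 3 so the commands in the loop cannot consume it
# through stdin.
while IFS= read -r i <&3; do
  echo -n " - Adding $i "
  if ! [[ $i =~ $ADDR_RE ]]; then
    echo "[Err: unexpected characters in address, skipped]"
    continue
  fi
  # First "displayName: " value, without the leading blank that splitting on
  # ':' would leave in front of the name.
  display_name=$("$LDAPSEARCH" "${LDAP_ARGS[@]}" "(mail=$i)" displayName |
    sed -n 's/^displayName: //p' | head -n 1)
  printf '%s|%s\n' "$i" "$display_name"
  # One random initial password per account instead of a fixed string shared
  # by every new mailbox. It is not shown or stored anywhere.
  # NOTE(review): presumably users authenticate against AD; if Zimbra uses
  # local passwords, an administrator has to set one afterwards. The value is
  # still visible in the process list while zmprov runs.
  initial_pw=$(LC_ALL=C tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 32)
  if [ "${#initial_pw}" -ne 32 ]; then
    echo "[Err: could not generate a password]"
    continue
  fi
  if "$ZMPROV" createAccount "$i" "$initial_pw" displayName "$display_name" > /dev/null; then
    echo "[Ok]"
  else
    echo "[Err]"
  fi
done 3< <(sed -n 's/^+//p' "$DIF_TMP")

# Delete old users
# Review before enabling: every account that "zmprov gaa" lists and the AD
# query does not return is deleted. That includes Zimbra-only accounts in this
# domain (admin, spam/ham training, virus quarantine, GAL sync) and any
# address whose spelling or case differs between AD and Zimbra. Keep an
# exclusion list and a limit on deletions per run.
# echo -n "Old users: "
# grep -c '^-' "$DIF_TMP"
# while IFS= read -r i <&3; do
#   echo -n " - Deleting $i "
#   if "$ZMPROV" deleteAccount "$i" > /dev/null; then echo "[Ok]"; else echo "[Err]"; fi
# done 3< <(sed -n 's/^-//p' "$DIF_TMP")

# Clean up diff list
# rm -f -- "$DIF_TMP"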