Zimbra

jaredo · #1 (**permalink**) 10-03-2008, 07:47 AM

Hello, I'm looking for a way to reset ALL user passswords at once, without manually selecting them one by one in the admin console. Selecting more than one user disables the reset password function, so I'm looking for an alternative.

Any suggestions?

Thanks

bdial · #2 (**permalink**) 10-03-2008, 09:07 AM

you could do it thorugh some like bash scripting in the command line. like if you want the password set to temppass

disclaimer: this code is meant for example purposes. it may not work, and it's probably not very efficient. it's just meannt to give you an idea

Code:

#!/bin/bash

for i in `zmprov gaa`
do
  zmprov sp $i temppass
done

jaredo · #3 (**permalink**) 10-03-2008, 09:14 AM

Actually that helps a lot

Thanks!

xtrenge · #4 (**permalink**) 10-17-2011, 11:51 AM

Jaredo, it's been a while since the last post, but can you help me on your solution? because i'm looking the same, but with no results..

for a better understanding of what i did... i use this scripts -> Script for Export-Import Zimbra Mail Server Account & Password, and this script has added to my new server an unknown passwords...

thanks a lot !!

p.s. i forgot to say that i need to use this script in zimbra 7 open x64.

LHammonds · #5 (**permalink**) 10-17-2011, 06:39 PM

Try this bash script but be sure to set the correct domain name:

list.sh

Code:

#!/bin/bash
MYDOMAIN="domain.com"
NEWPASS="newpass"
TEMPFILE="/tmp/list.txt"
CMDFILE="/tmp/changepw.cmd"

# Create the work files and set appropriate permissions.
touch ${TEMPFILE}
touch ${CMDFILE}
chmod 0600 ${TEMPFILE}
chmod 0600 ${CMDFILE}

# This will create a list of users in Zimbra for the specified domain.
su - zimbra -c "zmprov -l getAllAccounts ${MYDOMAIN} > ${TEMPFILE}"

# This will loop through the users and create a password reset command file.
while read -a LINE ; do
  echo "modifyAccount ${LINE[0]] userPassword ${NEWPASS}" >> ${CMDFILE}
done < ${TEMPFILE}
rm ${TEMPFILE}

----------------------------------------------------------------------------------------------------
EDIT for clarification:

Once you create list.sh, make sure you set the correct permissions on the script such as

Code:

chmod 0755 list.sh

If you are logged in as the root user, run the command like this:

Code:

./list.sh

If you are not the root user, run the command like this:

Code:

sudo ./list.sh

----------------------------------------------------------------------------------------------------

Now take a look at the /tmp/changepw.cmd file and see if it contains a list of change password commands for all your users in Zimbra. If so, good. We can use that list to reset everyone's accounts. But you might want to go through that file and remove anyone you do not want the password reset...such as admin and the service accounts for spam and whatnot.

Once you are satisfied with the list, simply run the following at the command prompt as the Zimbra user:

Code:

zmprov < /tmp/changepw.cmd

If you plan to run this periodically via a schedule, you can add the following command at the end of the above script:

Code:

su - zimbra -c "zmprov < ${CMDFILE}"

But if you do automate it, you need to be sure to also automate the removal of any IDs you manually removed from the list during this process. It would also be a good idea to add rm ${CMDFILE} to the very end as well to cleanup what was created.

LHammonds

xtrenge · #6 (**permalink**) 10-18-2011, 02:19 PM

Hi ! Thanks for your fast help, let me use this script and i'll reply again

xtrenge · #7 (**permalink**) 10-18-2011, 02:31 PM

hello again... i use your script but after a couple of times with error i change a key in list.sh ..

Code:

#!/bin/bash
MYDOMAIN="domain.com"
NEWPASS="newpass"
TEMPFILE="/tmp/list.txt"
CMDFILE="/tmp/changepw.cmd"

# Create the work files and set appropriate permissions.
touch ${TEMPFILE}
touch ${CMDFILE}
chmod 0600 ${TEMPFILE}
chmod 0600 ${CMDFILE}

# This will create a list of users in Zimbra for the specified domain.
sudo su zimbra -c "zmprov -l getAllAccounts ${MYDOMAIN} > ${TEMPFILE}"

# This will loop through the users and create a password reset command file.
while read -a LINE ; do
  echo "modifyAccount ${LINE[0]} userPassword ${NEWPASS}" >> ${CMDFILE}
done < ${TEMPFILE}
rm ${TEMPFILE}

but with same error i don't know if i'm doing wrong i just run the bash script with

Code:

# bash list.sh

like root and only create .cmd file but in blank

Code:

bash: /tmp/list.txt: Permission denied

thanks again.

LHammonds · #8 (**permalink**) 10-18-2011, 07:13 PM

If you are getting a permission denied error, then you are not running it as a user with sufficient permissions to the /tmp folder.

Either change the tmp path to someplace you can write to or run it with the root-level access. You might have to use root-level access anyway to access the zmprov utility. I'm still too new to all this to know all the possibilities.

Example:

Code:

sudo ./list.sh

All the scripts I've been writing have been with the root user in mind since I plan on them running on a schedule.

LHammonds

xtrenge · #9 (**permalink**) 10-19-2011, 02:11 PM

thanks LHammonds i've been doing this and with no reason i can't execute or even worst i can't create txt file with root user or a sudo comand like you said i get

Code:

$ sudo ./list.sh
sudo: ./list.sh: command not found

so i think that there's no reason to create the .cmd and not the .txt file, i change the location of txt file to the home admin or anywhere else with user root or another user...

Code:

~$ sudo bash list.sh
bash: list.txt: Permission denied

Code:

root@mail:/home/administrador# bash list.sh
bash: list.txt: Permission denied

Code:

administrador@mail:~$ sudo bash list.sh
bash: list.txt: Permission denied

p.s. i create a folder for root

Code:

drwxr-xr-x   2 root root  4096 2011-10-19 13:57 temp

Code:

-rw-r--r-- 1 root          root                600 2011-10-19 13:57 list.sh

and result:

Code:

root@mail:/home/administrador# bash list.sh
bash: /temp/list.txt: Permission denied

did i miss something? thanks

LHammonds · #10 (**permalink**) 10-20-2011, 08:15 AM

The /tmp folder should already be there with the correct permissions. This is a special folder that is purged each time the server reboots and is a good location for temporary files.

The /tmp folder should look like this:

Code:

drwxrwxrwt   4 root root  4096 2011-10-20 10:12 tmp

The permissions on the folder you created (/temp) should be sufficient for the root user to do anything. But any other user will not be able to create or modify files in that folder. If you fix the script permissions (below) and you still see deny permission to /temp, they you are not running the script as root user.

The problem with your script is that it has the incorrect permissions. It should look like this:

Code:

-rwxr-xr-x 1 root          root                600 2011-10-19 13:57 list.sh

You are missing the "x" which is the "execute" permission.

To fix the permissions, type this:

Code:

chmod 0755 list.sh

The above command will allow anyone to execute that script as long as they have access to the location where it is stored. However, if you only want root to have access, simply change the permissions like this:

Code:

chmod 0700 list.sh

File permissions are necessary for understanding and administering a Linux server. Here is some further reading I recommend: File Permissions

LHammonds

Zimbra

Downloads

Product Information

Toolbox

Why Join?