| Welcome to the Zimbra :: Forums! | |
Welcome, if you would like to post a comment please register.
We also encourage you to explore all things Zimbra with our team and members of the community.
|
 | | 
03-23-2011, 12:51 PM
| | |
Quote:
Originally Posted by cocasal  Hello all,
I have 2 questions, first, what is the last version/state of this great script?
Second, does it works with an OpenLDAP domain?
Thanks | Hi there.
Last and stable version of my script i plase here Zimbra+LDAP | www.ossportal.ru
but there is only russian text. But if you anderstand how it work i thnik it would be yase to understand what that script do  .
in two words:
in AD you have
samaccountname vasia
mail dudik@mail.com
in Zimbra after the script you have
login vasia@mail.com
alias dudik@mail.com
that what you have before and after.
And i think it whil be works and in OPENLDATP.
because OPLDAP have the same comands.
P.S. have a nice day. G.L.
Last edited by DruGoeDeLo; 03-23-2011 at 10:43 PM..
|
01-31-2012, 09:36 PM
| | |  perl script import users AD
Первоисточник OpenNET:
корректно переносит русские имена в zimbra
import group Code: #!/usr/bin/perl
use Net::LDAP;
use Net::LDAP::Control::Sort;
use Net::LDAP::Constant qw(LDAP_CONTROL_SORTRESULT);
#AD
my $domain="mail_domain.com";
my $AD_server="xxx.xxx.xxx.xxx";
my $AD_user="user_ad\@ad_domain.local";
my $AD_pass="user_ad_passwd";
my $AD_base="dc=ad_domain,dc=local";
#Zimbra
my $LDAP_server="yyy.yyy.yyy.yyy";
my $LDAP_user="uid=admin_zimbra,cn=admins,cn=zimbra";
my $LDAP_pass="admin_zimbra_passwd";
my $LDAP_base="dc=mail_domain,dc=com";
#use utf8;
my %LDAP=(),%AD=();
open(PIPE,'|/opt/zimbra/bin/zmprov -l');
sub PrintMembers
{
my $dn = @_[0];
my $group_mail = @_[1];
# print "dn=$dn group_mail=$group_mail\n";
my $type="user";
my $ldap = Net::LDAP->new($AD_server);
$ldap->bind($AD_user, password=>$AD_pass);
my $sortc = Net::LDAP::Control->new( LDAP_CONTROL_SORTREQUEST,
order => 'name');
my $mesg = $ldap->search(filter=>"(distinguishedName=$dn)",
base=>$AD_base,control => ['name'] ,control => [ $sortc ],
attrs=> ['objectClass','name','distinguishedName','member','mail'] );
@entries = $mesg->entries;
foreach $entry (@entries) {
my $member=$entry->get_value(member);
my $objectClass=$entry->get_value(objectClass);
my $name=$entry->get_value(name);
my $mail=$entry->get_value(mail);
# print "name=$name\n\n";
foreach my $vals ($entry->get_value(objectClass))
{
if ("$vals" eq "group")
{
$type="group";
}
}
if ("$type" eq "group") # если группа распечатать всех
{
foreach my $vals ($entry->get_value(member))
{
PrintMembers($vals,"$group_mail");
}
}
else { #иначе вывести только имена
if (length($mail)>0) {
# print "$group_mail member -- $mail \n";
$AD{$group_mail}{$mail} = $mail;
}
}
}
$ldap->unbind();
return $i;
}
my $ldap = Net::LDAP->new($AD_server);
$ldap->bind($AD_user, password=>$AD_pass);
my $mesg = $ldap->search(filter=>"(&(objectClass=group)(mail=*\@$domain))",
base=>$AD_base,
attrs=> ['member','name','distinguishedName','mail'] );
my @entries = $mesg->entries;
foreach $entry (@entries) {
my $group_mail=$entry->get_value(mail);
my $dn= $entry->get_value(distinguishedName);
my $name=$entry->get_value(name);
# print "--------GROUP $group_mail-------\n";
PrintMembers($dn,"$group_mail");
}
#это просто файл куда пишутся комманды которые выполнились в zmpro для отладки
open (FILE, ">commands.list");
print "\n--------ZIMBRA groups--------\n";
$ldap = Net::LDAP->new($LDAP_server);
$ldap->bind($LDAP_user, password=>$LDAP_pass);
$mesg = $ldap->search(filter=>"(objectClass=zimbraDistributionList)",
base=>$LDAP_base,
attrs=> ['mail', 'cn','zimbraMailForwardingAddress'] );
my $name,$sn,$mail,$department,$company,$sAMAccountName;
@entries = $mesg->entries;
foreach $entry (@entries) {
$cn=$entry->get_value(cn);
$group_mail=$entry->get_value(mail);
@members=$entry->get_value(zimbraMailForwardingAddress);
#delete empty groups
if ($#members==-1) {
print FILE "ddl $group_mail\n";
print PIPE "ddl $group_mail\n";
}
else {
foreach $mail (@members) {
$LDAP{$group_mail}{$mail} = $mail;
# print FILE "LDAP___$group_mail $mail\n";
}
}
}
#print "-------Удаляем одинаковые значения\n";
while(my ($k,$v)=each(%AD)) {
while(my ($k2,$v2)=each(%{$AD{$k}})) {
#print "$k $k2\n";
if (defined ($LDAP{$k})) {
if (defined ($LDAP{$k}{$k2})) {
delete $LDAP{$k}{$k2};
delete $AD{$k}{$k2};
}
}
}
}
#print "------ Удаляем группы которых нету в АД";
while(my ($k,$v)=each(%LDAP)) {
# print "\n$k $k2\n";
if (!(defined ($AD{$k}))) {
print FILE "ddl $k\n";
print PIPE "ddl $k\n";
}
else {
while(my ($k2,$v2)=each(%{$LDAP{$k}})) {
print FILE "rdlm $k $k2\n";
print PIPE "rdlm $k $k2\n";
}
}
}
while(my ($k,$v)=each(%AD)) {
print FILE "cdl $k\n";
print PIPE "cdl $k\n";
while(my ($k2,$v2)=each(%{$AD{$k}})) {
print FILE "adlm $k $k2\n";
print PIPE "adlm $k $k2\n";
}
}
close(FILE);
close(PIPE); import users Code: #!/usr/bin/perl
use Net::LDAP;
use utf8;
use Encode;
#my @domains=("domain1.ru","domain2.net","domain.su");
my @domains=("mail_domain.com");
my $domain="";
my $zmprov="/opt/zimbra/bin/zmprov -l";
#AD
my $AD_server="xxx.xxx.xxx.xxx";
my $AD_user="user_ad\@ad_domain.local";
my $AD_pass="user_ad_passwd";
my $AD_base="dc=ad_domain,dc=local";
#Zimbra
my $LDAP_server="yyy.yyy.yyy.yyy";
my $LDAP_user="uid=admin_zimbra,cn=admins,cn=zimbra";
my $LDAP_pass="admin_zimbra_passwd";
my $LDAP_base="";
my $LDAP_ad_base="";
my @LDAP_bases;#=("dc=mail_domain,dc=com");
my %LDAP=(),%AD=();
#генерим на основе списка доменов список для поиска и список баз
for ($i=0;$i<=$#domains;$i++) {
$AD_search=$AD_search."(mail=*\@@domains[$i])";
my @temp=split(/\./,@domains[$i]);
for ($j=0;$j<=$#temp;$j++) {
if (length(@LDAP_bases[$i])==0) {
@LDAP_bases[$i]="dc=@temp[$j]";
}else {
@LDAP_bases[$i]=@LDAP_bases[$i].",dc=@temp[$j]";
}
}
}
$AD_search="(|$AD_search)";
print "AD_search=$AD_search\n";
print "LDAP_bases=\"@LDAP_bases\"\n";
my %LDAP=(),%AD=();
#----------AD
$ldap = Net::LDAP->new($AD_server);
$ldap->bind($AD_user, password=>$AD_pass);
$mesg = $ldap->search(filter=>"(&(objectclass=user)$AD_search(!(userAccountControl:1.2.840.113556.1.4.803:=2)))",
base=>$AD_base,
attrs=> ['sAMAccountName','displayName','sn', 'givenname', 'initials','department','description','userAccountControl','mail','company','telephoneNumber']);
@entries = $mesg->entries;
foreach $entry (@entries) {
my $name,$sn,$mail,$department,$company,$sAMAccountName;
$id=$entry->get_value(sAMAccountName);
$id=lc($id);
$displayName=$entry->get_value(displayName);
$sn=$entry->get_value(sn);
# print "--$sn\n";
$givenname=$entry->get_value(givenname);
$initials=$entry->get_value(initials);
$department=$entry->get_value(department);
$description=$entry->get_value(description);
$userAccountControl=$entry->get_value(userAccountControl);
$mail=$entry->get_value(mail);
$mail=lc($mail);
$telephoneNumber=$entry->get_value(telephoneNumber);
$company=$entry->get_value(company);
$disabled=false;
if (length($mail)>0) {
# print "AD MAIL=$mail\n";
# $i=index($mail,"\@");
$domain=substr($mail,index($mail,"\@")+1);
$AD{$id}{domain} = $domain;
$AD{$id}{mail} = $mail;
}
if (length($displayName)>0) {
$AD{$id}{displayName} = $displayName;
}
if (length($sn)>0) {
$AD{$id}{sn} = $sn;
}
if (length($givenname)>0) {
$AD{$id}{givenname} = $givenname;
}
if (length($initials)>0) {
$AD{$id}{initials} = $initials;
}
if (length($description)>0) {
$AD{$id}{description} = $description;
}
if (length($disabled)>0) {
$AD{$id}{disabled} = $disabled;
}
if (length($telephoneNumber)>0) {
$AD{$id}{telephoneNumber} = $telephoneNumber;
}
if (length($company)>0) {
$AD{$id}{company} = $company;
}
}
#---------- zimbra ldap
print "\nZIMBRA\n";
$ldap2 = Net::LDAP->new($LDAP_server);
$ldap2->bind($LDAP_user, password=>$LDAP_pass);
#прогоняем все почтовые домены
for ($i=0;$i<=$#LDAP_bases;$i++) {
$mesg = $ldap2->search(filter=>"(&(objectClass=zimbraAccount)(!(userPassword=*))(!(zimbraCalResType=*)))",
base=>@LDAP_bases[$i],
attrs=> ['uid', 'displayName','sn','givenname','sn','mail','initials','description','zimbraPrefFromAddress','zimbraMailDeliveryAddress','zimbraAccountStatus','telephoneNumber','company'] );
my $id='',$displayName='',$sn='',$givenname='',$initials='',$department='',$description='',$disabled='',$mail='';
@entries = $mesg->entries;
foreach $entry (@entries) {
$id=$entry->get_value(uid);
if (($id ne "admin")&&($id ne "admin")&&($id ne "wiki")&&($id ne "ham.e3_qx4qs")&&($id ne "spam.p1vityb7")&&($id ne "galsync")) {
$displayName=$entry->get_value(displayName);
$sn=$entry->get_value(sn);
# print "$sn\n";
$givenname=$entry->get_value(givenname);
$sn=$entry->get_value(sn);
$initials=$entry->get_value(initials);
$description=$entry->get_value(description);
$telephoneNumber=$entry->get_value(telephoneNumber);
$company=$entry->get_value(company);
$status=$entry->get_value(zimbraAccountStatus);
if (defined ($AD{$id})) {
if ("$status" ne "active")
{
# print "$id status=active\n";
$status="active";
}
else{
$status="";
}
}
else {
if ("$status" eq "active")
{
# print "$id status=locked\n";
$status="locked";
}
else{
$status="";
}
}
#получаем адрес алисаса
$mail=$entry->get_value(zimbraPrefFromAddress);
#если нетуу алиаса берём основной адрес
if (length($mail)==0)
{
$mail=$entry->get_value(zimbraMailDeliveryAddress);
}
$domain=substr($mail,index($mail,"\@")+1);
$LDAP{$id}{domain_} = $domain;
if (length($displayName)>0) {
$LDAP{$id}{displayName} = $displayName;
}
if (length($sn)) {
$LDAP{$id}{sn} = $sn;
}
if (length($givenname)>0) {
$LDAP{$id}{givenname} = $givenname;
}
if (length($initials)>0) {
$LDAP{$id}{initials} = $initials;
}
if (length($description)>0) {
$LDAP{$id}{description} = $description;
}
if (length($telephoneNumber)>0) {
$LDAP{$id}{telephoneNumber} = $telephoneNumber;
}
if (length($company)>0) {
$LDAP{$id}{company} = $company;
}
if (length($mail)>0) {
$LDAP{$id}{mail} = $mail;
# print "ZIMBRA MAIL=$mail\n";
}
if (length($status)>0) {
$AD{$id}{status} = $status;
}
}
}
}
#print ("\n===AD==\n");
my $id='',$displayName='',$sn='',$givenname='',$initials='',$department='',$description='',$disabled='',$mail='';
print "-удаляем одинаковые и несовпадающие с ад поля\n";
my $k2,$v2;
while(my ($k,$v)=each(%AD)) {
#Юзер уже есть
print "проверяем $k $v\n";
if (defined ($LDAP{$k})) {
while(($k2,$v2)=each(%{$AD{$k}})) {
print "$k2 # $v2\n";
print "LDAP=$LDAP{$k}{$k2} AD=$AD{$k}{$k2}\n";
if ($LDAP{$k}{$k2} ne $AD{$k}{$k2}) {
delete $LDAP{$k}{$k2};
print "удалено значение не соответсвующее АД значение\n";
}
else {
print "Удалены идентичные значения\n";
delete $AD{$k}{$k2};
delete $LDAP{$k}{$k2};
}
}
}
}
my $create;
my $attr_st;
my $alias_st;
open (FILE, ">commands.list");
# !!!!! временно
while(my ($k,$v)=each(%AD)) {
$create=0;
$attr_st="";
$alias_st="";
$from_st="";
if (!(defined ($LDAP{$k}))) {
$create=1;
}
# print "обновляем данные юзера\n";
while(my ($k2,$v2)=each(%{$AD{$k}})) {
# print "K==$k --> $k2:$v2\n";
if ($k2 eq "mail") {
$m=substr($v2,-(length($v2)-index($v2,"\@")-1));
if ("$k" ne "$m" ) {
$alias_st=$v2;
}
}
if ($k2 eq "displayName") {
$attr_st="$attr_st displayName \"$v2\"";
}
if ($k2 eq "sn") {
$attr_st="$attr_st sn \"$v2\"";
}
if ($k2 eq "givenname") {
$attr_st="$attr_st givenname \"$v2\"";
}
if ($k2 eq "initials") {
$attr_st="$attr_st initials \"$v2\"";
}
if ($k2 eq "description") {
$attr_st="$attr_st description \"$v2\"";
}
if ($k2 eq "sn") {
$attr_st="$attr_st sn \"$v2\"";
}
if ($k2 eq "status") {
# print "$k zimbraAccountStatus \"$v2\"\n";
$attr_st="$attr_st zimbraAccountStatus \"$v2\"";
}
if ($k2 eq "telephoneNumber") {
# print "$k telephoneNumber \"$v2\"\n";
$attr_st="$attr_st telephoneNumber \"$v2\"";
}
if ($k2 eq "company") {
# print "$k company \"$v2\"\n";
$attr_st="$attr_st company \"$v2\"";
}
}
# print "username=$k\n";
# print "create=$create\n";
# print "attr_st=$attr_st\n";
# print "alias_st=$alias_st\n";
# print "-------------------\n\n";
# print "\n\n\n\n\n";
# print "AD domain $k= $AD{$k}{domain}\n";
# print "LDAP domain $k= $LDAP{$k}{domain_}\n";
if (length($AD{$k}{domain})>0)
{
$domain=$AD{$k}{domain}
}else {
$domain=$LDAP{$k}{domain_};
}
if ($create==1) {
print FILE "ca $k\@$domain '' $attr_st\n";
}
else {
if (length($attr_st)>0)
{
print FILE "ma $k\@$domain $attr_st\n";
}
}
if (length($alias_st)>0) {
print FILE "aaa $k\@$domain $alias_st\n";
}
if (length($alias_st)>0) {
print FILE "ma $k\@$domain zimbraPrefFromAddress $alias_st\n";
}
}
close(FILE);
system "/opt/zimbra/bin/zmprov -f commands.list" [EDIT} For those that don't read Russian:
original OpenNET:
Russian names correctly moves in zimbra
Last edited by phoenix; 01-31-2012 at 11:57 PM..
Reason: Added translation
| | Thread Tools | Search this Thread | | | | | Display Modes |  Linear Mode | | Why Join? Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.   |
Bugzilla
Wiki
Source
