[SOLVED] Bulk provisioning

[Xaneth]

I'm using bulk provisioning via CSV file, and need to standardize the passwords for a POP3 connector I am using. It would be nice to integrate with external active directory, but I would have the use the AD password in my POP3 connector, and I'm not privy to these passwords of course. So first question is:

Does External Active Directory Auth only use AD passwords, or can it also use the password supplied by Zimbra's OpenLDAP? Doesn't seem to when I try using the password I assign in the admin console, so I'm guessing I'll have to use Internal vs. External AD Auth.

Is there a way to uncheck "Must change password" globally across all 200 email accounts, or will I have to go into each account and manually uncheck this? REALLY don't want to have to do that.

[bdial]

you can create fallback authentication mechanisms and i think in fact if like your AD went down users could still authenticate via the zimbra password. I think theres a section on this in the documentation. I"m not sure if it can be an 'either or' thing

as far as the must change password, figure out what attribute it is by doing

zmprov ga <account>

then you can do a script like

Code:

#!/bin/bash
for i in `zmprov gaa`
do
zmprov ma $i attributeName FALSE
done

[Xaneth]

That answers my question. I was hoping to integrate with AD so people were familiar with their passwords, but the need to configure POP3 connections on the server override that, just need a single password to authenticate the accounts. I'm sure it's in the documentation as well, but I don't want to allow anyone to be able to change their passwords either.

Thanks, I'll give the script a shot.

[Xaneth]

Thanks again, the script really helps for bulk changes!

[Xaneth]

I see the "change password" feature under the COS. Also see how to do it using zmprov ga user zimbraFeatureChangePasswordEnabled FALSE. Awesome.