Export Passwords from Zimbra

[alapierre]

I've been trying to export the passwords from Zimbra's LDAP to another OpenLDAP server, but I just can't seem to get the new passwords to work properly.

I have an exported ldif file with all the information I'm needing for my new server.

An example password in the ldif file looks like this

e1NTSEF9TVl3ODZCN1F5MEZqeWuT2JmT2F2eWtxR2M0Y2JLVlk =

When I import the ldif into my new LDAP server, and view it with Apache Directory Studio, some of the passwords show up with {SSHA}, some have {MD5}, and some just say "Plain text" but I'm thinking they should all be the same, and I know they shouldn't be "Plain text", since I've always added users through the Admin console, and have never changed our encryption type. Either way, none of the imported passwords work when I try to authenticate with the new LDAP server, I have to change the password manually and then I'm able to authenticate.

Any ideas on what I could do to get the passwords to work in a new LDAP server? Thanks!

[Krishopper]

You are going to need to base64 decode that into something OpenLDAP can understand.

With the example password you showed, you would use:

Code:

perl -MMIME::Base64 -e 'print decode_base64("e1NTSEF9TVl3ODZCN1F5MEZqeWuT2JmT2F2eWtxR2M0Y2JLVlk=")

It should come back as plain human readable letters. If you see any binary characters, than the string you pasted in is not correct.

But it should show you something like:

Code:

{SSHA}dTQMYuj4DDzs6wAC7fb6sVrafYAHG7IN

and then you can set the password using that new string in the other OpenLDAP instance.

[alapierre]

Brilliant. That's exactly what I needed, thank you!

[fyd]

Nice piece of info, thanks. A single quotes is missing in the code though.

Quote:

perl -MMIME::Base64 -e 'print decode_base64("e1NTSEF9TVl3ODZCN1F5MEZqeWuT2JmT2F2 eWtxR2M0Y2JLVlk=")'

[ip2]

Thank you very much. This line command solved problem!

Thanks
Robson