sync AD with Zimbra

[sinchan83]

Hi,

I've just installed zimbra and configured authentication with an AD running on Windows 2003 Server. It works fine. However, I cannot find a solution to maintain both directories synchronized. I've found a script, which allows zimbra to get all users in AD by means of comparing them with existing users in zimbra-ldap, but when i run that scripts i got some error. Here's my script :

#!/bin/bash
# zsync_ad.sh is a script thant syncs AD users and Zimbra users
# It is unidirectional, just replicates changes from AD to ZCS
# Developed on 20081006 by Eduardo Gonzalez <egrueda@gmail.com>
# Testing version 0.6 - Use at your own risk

LDAPSEARCH=/usr/bin/ldapsearch
ZMPROV=/opt/zimbra/bin/zmprov
DOMAIN_NAME="test.csf.co.id"
TIMESTAMP=`date +%N`
TMP_DIR=/tmp
ADS_TMP=$TMP_DIR/users_ads_$TIMESTAMP.lst
ZCS_TMP=$TMP_DIR/users_zcs_$TIMESTAMP.lst
DIF_TMP=$TMP_DIR/users_dif_$TIMESTAMP.lst

# Server values
LDAP_SERVER="ldap://10.10.1.10:389"
BASEDN="dc=csf,dc=co,dc=id"
BINDDN="CN=administrator,DC=csf,DC=co,DC=id"
BINDPW="secret"
FILTER="(&(sAMAccountName=*)(objectClass=user)(giv enName=*))"
FIELDS="mail"

# Extract users from ADS
echo -n "Quering ADS... "
$LDAPSEARCH -x -H $LDAP_SERVER -b $BASEDN -D "$BINDDN" -w $BINDPW "$FILTER" $FIELDS | \
grep "@$DOMAIN_NAME" | \
awk '{print $2}' | \
sort > $ADS_TMP
echo "Found `cat $ADS_TMP | wc -l` users ($ADS_TMP)"

# Extract users from ZCS
echo -n "Quering ZCS... "
$ZMPROV gaa $DOMAIN_NAME > $ZCS_TMP
echo "Found `cat $ZCS_TMP | wc -l` users ($ZCS_TMP)"

# Generate diff
echo "Generating diff file ($DIF_TMP)"
diff -u $ZCS_TMP $ADS_TMP | grep "$DOMAIN_NAME" > $DIF_TMP

# Clean up users list
rm -f $ADS_TMP $ZCS_TMP

# Import new users
echo -n "New users: "
cat $DIF_TMP | grep ^+ | wc -l
for i in $(cat $DIF_TMP | grep ^+ | sed s/^+//g);
do
echo -n " - Adding $i ";
$ZMPROV createAccount $i passwd > /dev/null;
RES=$?
if [ "$RES" == "0" ]; then echo "[Ok]"; else echo "[Err]"; fi
done

# Delete old users
echo -n "Old users: "
cat $DIF_TMP | grep ^- | wc -l
for i in $(cat $DIF_TMP | grep ^- | sed s/^-//g);
do
echo -n " - Deleting $i ";
$ZMPROV deleteAccount $i > /dev/null;
RES=$?
if [ "$RES" == "0" ]; then echo "[Ok]"; else echo "[Err]"; fi
done


# Clean up diff list
#rm -f $DIF_TMP


and here's the errors :
Quering ADS... /opt/zimbra/zsync_ad.sh: line 26: /usr/bin/ldapsearch: No such file or directory
Found 0 users (/tmp/users_ads_272682961.lst)
Quering ZCS... ERROR: service.INVALID_REQUEST (invalid request: can only be used with "zmprov -l/--ldap")
Found 0 users (/tmp/users_zcs_272682961.lst)
Generating diff file (/tmp/users_dif_272682961.lst)
New users: 0
Old users: 0

please help me
Thanks

[phoenix]

Quote:

Originally Posted by sinchan83

and here's the errors :
Quering ADS... /opt/zimbra/zsync_ad.sh: line 26: /usr/bin/ldapsearch: No such file or directory
Found 0 users (/tmp/users_ads_272682961.lst)
Quering ZCS... ERROR: service.INVALID_REQUEST (invalid request: can only be used with "zmprov -l/--ldap")]

The error messages tell you exactly what's wrong in the script, you need to add the missing package for the first error and modify the command in the script for the second error.