Thread: Active Directory (ADS) import

  1. #1
    benny_p

    Hi Community,

    I spent the last few days getting Zimbra synced to Active Directory. Now I just got it.
    I modified a script of Eduardo Gonzalez (special thanks for the script) to also import some values like givenName or telephoneNumber. You can find the original script here:
    Active Directory Script to import users to Zimbra

    Now I just want to share my script with you:

    Code:
    #!/bin/bash
    # zsync_ad.sh is a script that syncs AD users and Zimbra users
    # It is unidirectional, just replicates changes from AD to ZCS
    # Developed by Eduardo Gonzalez <egrueda at gmail dot com>
    # Testing version 0.6 - Use at your own risk
    # Edited by B. Pletschacher

    set -o pipefail   # a failing ldapsearch/zmprov must not look like "0 users"
    umask 077         # work files hold the bind password and the user lists

    LDAPSEARCH=/usr/bin/ldapsearch
    ZMPROV=/opt/zimbra/bin/zmprov
    DOMAIN_NAME="example.com"

    # Server values
    # Note: a simple bind over ldap:// sends BINDPW in clear text; use an
    # ldaps:// URL here if the domain controller offers it.
    LDAP_SERVER="ldap://111.1.1.150"
    BASEDN="dc=example,dc=com"
    BINDDN="CN=username,DC=example,DC=com"
    BINDPW="secret"
    FILTER="(&(sAMAccountName=*)(objectClass=user)(givenName=*))"
    FIELDS="mail"

    # Terminal colours. Reset with \033[0m: the old reset (\033[49;0;30m) left
    # the foreground black, so later text is invisible on a dark terminal.
    RED='\033[0;31m'; GREEN='\033[0;32m'; RESET='\033[0m'

    # Stop early if a required tool is missing (ldapsearch comes from ldap-utils)
    for tool in "$LDAPSEARCH" "$ZMPROV"; do
        [ -x "$tool" ] || { echo "$tool not found or not executable" >&2; exit 1; }
    done

    # Private work directory instead of predictable file names in /tmp
    TMP_DIR=$(mktemp -d) || exit 1
    trap 'rm -rf "$TMP_DIR"' EXIT
    ADS_TMP=$TMP_DIR/users_ads.lst
    ZCS_TMP=$TMP_DIR/users_zcs.lst
    DIF_TMP=$TMP_DIR/users_dif.lst
    PW_FILE=$TMP_DIR/bindpw
    printf '%s' "$BINDPW" > "$PW_FILE"   # read via -y, so it never shows up in ps

    # Run one LDAP search. $1 = filter, $2 = attribute to return
    ldap_query() {
        "$LDAPSEARCH" -x -LLL -o ldif-wrap=no -H "$LDAP_SERVER" -b "$BASEDN" \
            -D "$BINDDN" -y "$PW_FILE" "$1" "$2"
    }

    # Extract users from ADS (lower-cased; addresses containing LDAP filter
    # metacharacters are skipped because they are reused in (mail=...) below)
    echo -n "Querying ADS... "
    if ! ldap_query "$FILTER" "$FIELDS" | \
        awk -v d="@$DOMAIN_NAME" '$1 == "mail:" { m = tolower($2); d = tolower(d)
            if (m !~ /[()*\\]/ && substr(m, length(m) - length(d) + 1) == d) print m }' | \
        sort -u > "$ADS_TMP"; then
        echo "LDAP query failed" >&2; exit 1
    fi
    echo "Found $(wc -l < "$ADS_TMP") users"

    # Extract users from ZCS
    echo -n "Querying ZCS... "
    "$ZMPROV" -l gaa | sort -u > "$ZCS_TMP" || { echo "zmprov failed" >&2; exit 1; }
    echo "Found $(wc -l < "$ZCS_TMP") users"

    # Compare both lists. Whole-line fixed-string match, so bob@... no longer
    # counts as present just because jimbob@... exists
    : > "$DIF_TMP"
    while IFS= read -r Name; do
        if grep -Fxq -- "$Name" "$ZCS_TMP"; then
            printf "${GREEN}%s already exists${RESET}\n" "$Name"
        else
            printf "${RED}%s does not exist, wrote it to sync-list${RESET}\n" "$Name"
            echo "$Name" >> "$DIF_TMP"
        fi
    done < "$ADS_TMP"

    # Import new users
    echo "New users:"
    [ -s "$DIF_TMP" ] || echo "none"
    while IFS= read -r i <&3; do
        echo -n " - Adding $i "
        # Random initial password per account instead of the shared literal "passwd"
        PW=$(head -c 18 /dev/urandom | base64)
        if "$ZMPROV" createAccount "$i" "$PW" > /dev/null; then echo "[Ok]"; else echo "[Err]"; fi
    done 3< "$DIF_TMP"

    # Print the first plain-text value of an attribute. $1 = mail, $2 = attribute
    # (base64 "attr:: ..." values, e.g. names with umlauts, are not decoded here)
    ldap_attr() {
        ldap_query "(mail=$1)" "$2" | awk -v a="$2:" '$1 == a { sub(/^[^ ]+ /, ""); print; exit }'
    }

    # Copy one value to Zimbra. $1 = account, $2 = Zimbra attribute, $3 = AD attribute
    set_attr() {
        local value
        value=$(ldap_attr "$1" "$3")
        [ -n "$value" ] || return 0      # attribute empty or not set in AD
        printf '   %s: %s\n' "$2" "$value"
        "$ZMPROV" modifyAccount "$1" "$2" "$value"
    }

    # Modify new users
    echo "Modifying new users -in progress-"
    while IFS= read -r i <&3; do
        echo "$i"
        RES=0
        # To copy another option from LDAP to Zimbra, add a set_attr line
        set_attr "$i" cn cn                           || RES=1
        set_attr "$i" displayName cn                  || RES=1
        set_attr "$i" gn givenName                    || RES=1
        set_attr "$i" sn sn                           || RES=1
        set_attr "$i" telephoneNumber telephoneNumber || RES=1
        if [ "$RES" -eq 0 ]; then echo "[Ok]"; else echo "[Err]"; fi
    done 3< "$DIF_TMP"
    printf "${GREEN}Done${RESET}\n"

    # Work files (user lists, diff list, bind password) are removed by the EXIT trap
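
Added example, not part of benny_p's post or of the original script: ldapsearch prints any value that is not plain printable ASCII (a name with an umlaut, for instance) base64-encoded as `attr:: ...` and may fold long lines, so reading the `cn:` or `sn:` line with grep and awk picks up the encoded text. The function below decodes such values from LDIF on stdin; `ldif_attr`, `naive_attr` and the sample entry are constructed for illustration.

```bash
# Constructed sample of `ldapsearch -LLL` output (not from a real directory).
SAMPLE_LDIF='dn: CN=jmueller,OU=Staff,DC=example,DC=com
cn:: SsO8cmdlbiBN
 w7xsbGVy
sn:: TcO8bGxlcg==
info:: YQpi
telephoneNumber: +49 30 1234567
mail: j.mueller@example.com'

# Naive extraction: grep the attribute line and print the next two fields.
naive_attr() {
    grep "$1:" | awk '{printf "%s %s \n",$2,$3}'
}

# ldif_attr ATTR: read LDIF on stdin, print the first value of ATTR, decoded.
# Returns 1 if the attribute is absent or its base64 is invalid.
ldif_attr() {
    # Unfold continuation lines (leading space) and keep the first line that
    # starts with "ATTR:"; attribute names are case-insensitive.
    line=$(awk -v a="$1" '
        function check() {
            if (!done && index(tolower(cur), tolower(a) ":") == 1) { print cur; done = 1 }
        }
        /^ / { cur = cur substr($0, 2); next }
             { check(); cur = $0 }
        END  { check() }')
    [ -n "$line" ] || return 1
    rest=${line#*:}                      # text after the first colon
    case $rest in
        :*) value=$(printf '%s' "${rest#:}" | tr -d ' ' | base64 -d) || return 1 ;;
        *)  value=${rest# } ;;
    esac
    # Directory values are untrusted input: drop control characters
    # (newlines, terminal escapes) before the value is echoed or passed on.
    printf '%s' "$value" | tr -d '\000-\037\177'
    echo
}
```

Usage: `ldap_output | ldif_attr sn` prints the decoded surname, where the naive pipeline would hand the base64 string to `zmprov modifyAccount`.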

  2. #2
    Eclipse

    I tweaked this to my server setup but when I run the script it just does this -

    Code:
    root@zimbra8:/downloads# ./ADSImport
    Quering ADS... ./ADSImport: line 28: /usr/bin/ldapsearch: No such file or directory
    Found 0 users (/tmp/users_ads_689247302.lst)
    Quering ZCS... Found 6 users (/tmp/users_zcs_689247302.lst)
    New users:
    none
    Modifying new users -in progress-
    Done
    Then it sits at a blank line and I have to terminate the process.

    Any ideas?

  3. #3
    benny_p

    I think ldapsearch is missing. You get it by
    Code:
    sudo apt-get install ldap-utils
