Results 1 to 4 of 4

Thread: Zimbra + Samba bulk account provisioning

  1. #1
    mficara is offline Starter Member
    Join Date
    Jun 2007
    Posts
    1
    Rep Power
    7

    Default Zimbra + Samba bulk account provisioning

    Hi everybody,
    I set up Zimbra Admin Extensions to be able to manage Zimbra and Samba accounts from Admin UI and it does work.
    Unfortunately, creating a lot of accounts from UI takes too much time and I was wondering if someone has already tried to get this job done by a (maybe a shell) script.
    The major issue is that, after deploying posixAccount ans sambaSAMaccount extensions, zmprov need a lot more stuff to successfully create accounts (uidNumber, gidNumber, sambaSID, sambaNTPassword etc.)

    Hope someone can help!

    Thanks in advance, bye.

  2. #2
    Greg is offline Zimbra Employee
    Join Date
    Sep 2005
    Location
    Tucson - San Francisco - Moscow
    Posts
    127
    Rep Power
    9

    Default

    I don't have a script for this, but here are some things that might help.
    - sambaNTPassword is an MD4 hash of the user's password
    - uidNumber is just a next available user id number
    - gidNumber is the group id number of the users group, most lilely it is the same number for most of the users
    - sambaSID is a string that looks like this:
    S-1-5-21-2601834925-3641386331-1670679433-3002
    in this string there are two important parts
    S-1-5-21-2601834925-3641386331-1670679433
    and
    -3002
    First part (S-1-5-21-2601834925-3641386331-1670679433) is the domainSID, you can get it by running net getlocalsid or look it up in the Zimbra Admin->Samba Domains
    second part is user RID. It is calculated as following:
    users RID = uidNumber * 2 + 1000
    Bugzilla - Wiki - Downloads - Before posting... Search!
    P.S.: don't forget to vote on this bug
    add Samba LDAP entries to Exchange Migration Tool

  3. #3
    montyZdog's Avatar
    montyZdog is offline Member
    Join Date
    Jun 2007
    Posts
    14
    Rep Power
    7

    Default

    Quote Originally Posted by mficara View Post
    Hi everybody,
    I set up Zimbra Admin Extensions to be able to manage Zimbra and Samba accounts from Admin UI and it does work.
    Unfortunately, creating a lot of accounts from UI takes too much time and I was wondering if someone has already tried to get this job done by a (maybe a shell) script.
    The major issue is that, after deploying posixAccount ans sambaSAMaccount extensions, zmprov need a lot more stuff to successfully create accounts (uidNumber, gidNumber, sambaSID, sambaNTPassword etc.)

    Hope someone can help!

    Thanks in advance, bye.
    This is a quote from Webmin's "LDAP Users and Group" module which has a batch file processing option.
    With properly configured nss_ldap this module works well ith Zimbra LDAP.
    Check the bolded text. Did not try it yet, but theoretically you can add Zimbra custom attributes. to the batch file. I plan to try it myself as soon as I have time.

    This form allows you to create, modify or delete many users at once from an uploaded or local text file. Each line in the file specifies one action to take, depending on its first field. The line formats are :

    'create':'username':'passwd':'uid':'gid':'realname ':'homedir':'shell':'min':'max':'warn':'inactive': 'expire'

    modify':'oldusername':'username':'passwd':'uid':'g id':'realname':'homedir':'shell':'min':'max':'warn ':'inactive':'expire'

    delete':'username

    In create lines, if the uid field is left empty, Webmin will assign a UID automatically. If the gid field is empty, Webmin will create a new group with the same name as the user. The username, homedir and shell fields must be supplied for every user - all other fields are allowed to be empty. If the passwd field is blank, no password will be assigned for the user. If it contains just the letter x, the account will be locked. Otherwise, the text in the field will be taken as the cleartext password and encrypted.
    In modify lines, an empty field will be taken to mean that the corresponding user attribute is not to be modified.
    In create and modify lines, you can optionally append extra fields containing LDAP atttributes in name=value format, to be assigned to the new or modified users.

  4. #4
    montyZdog's Avatar
    montyZdog is offline Member
    Join Date
    Jun 2007
    Posts
    14
    Rep Power
    7

    Default RE: Greg's Zimbra+Samba+Ldap integration Wiki

    I've just added some hints to Extending Admin UI - ZimbraWiki on how to configure pam_ldap and nss_ldap on RHEL5/CentOS5 using authconfig utility. The distribution uses unified /etc/ldap.conf configuration file where host line "conflicts" with uri line .
    The setup also works with Webmin's LDAP modules.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 31
    Last Post: 12-15-2007, 09:05 PM
  2. Zimbra shutdowns every n hours.
    By Andrewb in forum Administrators
    Replies: 13
    Last Post: 08-14-2007, 08:55 AM
  3. 4.5 Upgrade failure
    By brained in forum Installation
    Replies: 9
    Last Post: 03-03-2007, 03:30 PM
  4. Zimbra server crashed
    By goetzi in forum Administrators
    Replies: 6
    Last Post: 03-25-2006, 01:00 PM
  5. FC3 Install and no zimbra ?
    By aws in forum Installation
    Replies: 10
    Last Post: 10-09-2005, 04:19 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •