Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Installation
Reload this Page Creating accounts with AD authentication

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 10-24-2007, 08:26 PM
Junior Member
  
Posts: 8
Default Creating accounts with AD authentication
Hi, I have a domain that uses AD authentication, I would like to know how to create the accounts, do I have to create the accounts manually using the same username from AD or is there a way to automatically create an account for each AD user? thanks for your help.
Reply With Quote
  #2 (permalink)  
Old 10-24-2007, 11:14 PM
Moderator
  
Posts: 6,237
Default
Bug 7235 - Auto Provision New Accounts with External LDAP (I believe AD is included in that)

Right now the authentication section isn't designed to provision users, but you can use zmprov commands to do the account creation.
Zmprov - Zimbra :: Wiki
Zmprov Examples - Zimbra :: Wiki
Bulk Provisioning - Zimbra :: Wiki

In AD you should be able to right click the folder containing the user you want, then export list > csv file.

Some excerpts from the bulk article-

A simple perl script to take a CSV file and turn it into the correct zmprov commands (obviously change the variables to the actual fields you use in your CSV file):
#!/usr/bin/perl
while (<>) {
chomp;
my ($email, $password, $first, $last) = split(/\,/, $_, 4);
print qq{ca $email $password\n};
print qq{ma $email givenName "$first"\n};
print qq{ma $email sn "$last"\n};
print qq{ma $email displayName "$first $last"\n};
print qq{\n};
}

I would use ‘’ for the passwords so that it would just use the external auth (seeing as passwords probably won't be in this csv list)
While I don't know your exact version (zmcontrol -v & add it to your forum profile) fallback to internal auth should automatically be on for the admin accounts (incase for whatever reason you can't connect to the external auth).

So it would assign everyone to the default COS (class of service), if you wanted to organize it during import you could put the cos names in the csv file, then lookup the valid COS ID ahead of time or like this:
my $cosid = `su - zimbra -c 'zmprov gc Default |grep zimbraId:'`;
$cosid =~ s/zimbraId:\s*|\s*$//g;
then:
print qq{ma $email zimbraCOSid "$cosid"\n};

Anteos seems to manage his fully through AD & may have some tips:
Quote:
Originally Posted by anteos View Post
Zimbra doesn't support user and group creation through AD, but you can write small scripts to synchronize the users on Zimbra against AD. We made it with users (created, locked, deleted), groups, shared calendars and distribution lists fully managed through AD.
Last edited by mmorse; 10-24-2007 at 11:28 PM..
Reply With Quote
  #3 (permalink)  
Old 10-24-2007, 11:15 PM
Zimbra Consultant & Moderator
  
Posts: 20,316
Default
There is an outstanding enhancement for provisioning users from AD - add your vote if you want it. You should be able to dump the users from AD and script their creation in Zimbra, as far as I remember there are a couple of threads in the forum that describe the import script and a quick search should find what you need.
__________________
Regards


Bill
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Similar Threads

Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.