How to save user pass.

[thiagotgc]

Friends all right?

Sorry for bad English, but I'm Brazilian. =)

I need to backup the passwords used today in my zimbra server.

I need to import those passwords in any place, to import on a server with only postfix + mysql.

Already could get the users that are in MySQL but the passwords did not.

Please, where I think these passwords?

[cayaraa]

You can get the encrypted password out of ldap by running:

ldapsearch -x -W -D "uid=zimbra,cn=admins,cn=zimbra" -b 'dc=domain,dc=com' -h zimbraldaphost.domain.com '(uid=username)' userPassword

You then have to enter the ldap zimbra/admin password. If you don't know the password you can get it by running:
zmlocalconfig -s ldap_root_password

[jaydorado]

How could I then use the encrypted password to create the user in another zimbra server?

zmprov ma user@domain.com userPassword '{SSHA}encryptedpassword'

is that correct?

[cayaraa]

Not quite. You would have to run the command:
zmprov ma user@domain.com userPassword 'temppassword'
because zmprov is expecting an unencrypted password. After you create the account you would then have to replace the temporary password in ldap with the encrypted one from the old server with ldapmodify:
ldapmodify -x -W -D "uid=zimbra,cn=admins,cn=zimbra" -b 'dc=domain,dc=com' -h zimbraldaphost.domain.com '(uid=username)' -f file_with_modify_commands

With the filing looking something like:
dn: uid=username,ou=people,dc=doman,dc=com
changetype: modify
replace: userPassword
userPassword: {SSHA}encryptedpassword

[TomL]

Do you know if there is a difference between {SSHA} and {crypt} in the 'zmprov ma' command? I was able to import some old Unix crypt passwords using zmprov ma without needing to use ldapmodify. This is Zimbra v6.0.1.

The command I used was:
zmprov ma "user@domain" userPassword "{crypt}EncryptedPassword"
I haven't tried using SSHA passwords yet so I didn't know if that would fail down the road (just in the provisioning stage, not yet in production).
TomL

[veronica]

I think you can import using {SSHA}encryptedpassword as well

[cayaraa]

Interesting, I had no idea zmprov supported created an account using the encrypted password. Good to know!

[vavai]

Quote:

Originally Posted by TomL

Do you know if there is a difference between {SSHA} and {crypt} in the 'zmprov ma' command? I was able to import some old Unix crypt passwords using zmprov ma without needing to use ldapmodify. This is Zimbra v6.0.1.

The command I used was:
zmprov ma "user@domain" userPassword "{crypt}EncryptedPassword"
I haven't tried using SSHA passwords yet so I didn't know if that would fail down the road (just in the provisioning stage, not yet in production).
TomL

I've try the above command with {SSHA} but it failed (produced different SSHA on LDAP and I could not login with the 'correct' password)

Maybe this link make a clear explanation : The SSHA Password Storage Scheme

Maybe someone else has successful attempt to insert Zimbra Account+Password with SSHA encoding without using ldapmodify ?

[doggededdy]

please how can i manage to login without user name and password. please i'm new here

[phoenix]

Quote:

Originally Posted by doggededdy

please how can i manage to login without user name and password. please i'm new here

Your question has nothing to do with this thread. For the record, you can't login without a username and password.