Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: [SOLVED] Migrate from postfix/Maildir/OpenBSD to Zimbra 5.0.21/CentOS5 - no passwords

  1. #1
    blueflametuna is offline Senior Member
    Join Date
    Jan 2010
    Location
    Idaho
    Posts
    60
    Rep Power
    5

    Default [SOLVED] Migrate from postfix/Maildir/OpenBSD to Zimbra 5.0.21/CentOS5 - no passwords

    Greetings, (apologizing in advance for the long post)...

    I have read that imapsync can be used here, but I am a bit fuzzy on the procedure. I have a new Zimbra server in production, just finished an upgrade, so I'm already margainally familiar with it. It has several domains on it. I also have an older production server running postfix with another domain and about 800 users. My goal is to migrate all those users and the domain onto the zimbra server.

    I have seen two types of scripts:
    One uses zmmailbox addMessage (not what I think I want), and imapsync.

    I have been trying to figure out how to use imapsync to accomplish this, but found that without having passwords, there are a few issues.

    We are prepared to tell the users that once we switch to the new server, we will provide them with the new temporary password, and that they should change it when they log in the first time. But I am still not sure how to access their account on the old server using the scripts. Something about an admin auth? Please help me with this concept...

    Before I digress further, (please stop me), here's what I am thinking:

    On Zimbra server:

    * Create migration domain - call it migrate.com
    * Create users from list - user1@migrate.com ...
    * Run imapsync for each user from production.com to migrate.com
    * Create production.com domain on Zimbra
    * Rename all users from user1@migrate.com to user1@production.com
    * Delete migrate.com

    * Change DNS to point email traffic to Zimbra server
    * Decommission old production server.

    Some questions:

    Some of the user accounts have more than just the
    /var/mail/user/Maildir/new cur and tmp folders.
    There are subdirectories like:
    .Sent/new
    .Draft/new
    .Trash

    and some with spaces:
    .Sent Messages
    I have seen one example of a script that handles those.

    - - -

    On our Zimbra, the default disk quota size is 50MB.
    Many of the users have much more than that.
    Do I need to increase the size of their quota prior to the migration?
    Unlimited for all?

    - - -

    Once there, will all of the messages appear as unread?

    - - -

    Assuming I can get past the password issue, can I get there from here?
    Or am I just a clueless old-school newbie?

    Thanks for not flaming. ;-)

  2. #2
    blueflametuna is offline Senior Member
    Join Date
    Jan 2010
    Location
    Idaho
    Posts
    60
    Rep Power
    5

    Default

    I now have imapsync installed on the source server. (That was fun.)

    I was able to connect using the --justconnect option,
    but without individual users' passwords, I do not see a way to migrate the data. Am I missing something obvious here?

    Am I going to need to modify every user password to something I know on both source and destination servers to do this?

    Any suggestions?

    Thanks!

  3. #3
    Matuscak is offline Trained Alumni
    Join Date
    Sep 2009
    Posts
    37
    Rep Power
    5

    Default Master User

    Quote Originally Posted by blueflametuna View Post
    I was able to connect using the --justconnect option,
    but without individual users' passwords, I do not see a way to migrate the data. Am I missing something obvious here?
    Thanks!
    You didn't mention what imap server you've got on the source box, but at least for Dovecot, what you want to do is configure "Master User" support. Take a look at this article on the Dovecot wiki: Authentication/MasterUsers - Dovecot Wiki. Once that is set up you use --authuser1 on the imapsync line to pass the Master User password. You can create an admin account in Zimbra to do the same thing there.

  4. #4
    blueflametuna is offline Senior Member
    Join Date
    Jan 2010
    Location
    Idaho
    Posts
    60
    Rep Power
    5

    Default

    Yes, dovecot. 1.0.rc7

    I've added the following to the dovecot.conf file:

    auth_master_user_separator=*

    ...
    passdb passwd-file {
    args = /etc/passwd.masterusers
    master = yes
    pass = yes
    }
    ...

    Got an error trying to telnet in. I am assuming that the config changes have not been read in. What's the magic incantation to restart dovecot?

    Also, you mentioned that I can do the same on the Zimbra side.
    I already have an admin account, or at least I am a user with admin privileges. Is there anything else that needs to be done in Zimbra?
    I can still create new users and give them all the same password, if needed.

    Thanks for your help. There have been a lot of views, and no replies.

  5. #5
    blueflametuna is offline Senior Member
    Join Date
    Jan 2010
    Location
    Idaho
    Posts
    60
    Rep Power
    5

    Default

    OOps. Crash and burn. Tried a kill -HUP <pid> to reload dovecot.
    Then wasn't able to connect. Restored the original configuration.
    Not sure what I broke, but it was bad.

    (Yes, I know, dovecot v1.2.10 is available.)

  6. #6
    Matuscak is offline Trained Alumni
    Join Date
    Sep 2009
    Posts
    37
    Rep Power
    5

    Default Sample imapsync command

    Quote Originally Posted by blueflametuna View Post
    ...
    passdb passwd-file {
    args = /etc/passwd.masterusers
    master = yes
    pass = yes
    }
    ...

    Got an error trying to telnet in.
    FWIW, my configuration does not have the "pass = yes" option in it. I've never tried the telnet test before, but after getting an error, I noticed that
    the command is literally "1 login loginuser*masteruser masterpass", including the leading "1".

    Also, did you create the /etc/passwd.masterusers file with:
    # htpasswd -b -c -s /etc/passwd.masterusers MasterUser MasterPassword


    I am assuming that the config changes have not been read in. What's the magic incantation to restart dovecot?
    It's been a while since I've used *BSD, but IIRC, look in /etc/rc.d.
    Something like: /etc/rc.d/dovecot restart

    Also, you mentioned that I can do the same on the Zimbra side.
    I already have an admin account, or at least I am a user with admin privileges. Is there anything else that needs to be done in Zimbra?
    I can still create new users and give them all the same password, if needed.
    I don't think there was anything that needed to be changed on the Zimbra settings. Here's a (slightly munged) code fragment that that moves a mailbox from our old server to Zimbra:

    #!/bin/bash
    #

    #++
    # Use this for transferring directly from mailhub's IMAP server to Zimbra.
    # Change user1 and user2 to the desired accounts.
    #--
    imapsync --user1 matuscak --user2 jgmtest@foo.com \
    --buffersize 8192000 --nosyncacls --subscribe --syncinternaldates \
    --host1 mailhub.foo.com --authuser1 admin --password1 'AdminPassword' --authmech1 PLAIN \
    --host2 mail.foo.com --authuser2 convert@foo.com \
    --password2 'ZimbraPassword' --authmech2 PLAIN -ssl2

    exit

  7. #7
    blueflametuna is offline Senior Member
    Join Date
    Jan 2010
    Location
    Idaho
    Posts
    60
    Rep Power
    5

    Default

    When I made these config changes:

    auth_master_user_separator=*

    ...
    passdb passwd-file {
    args = /etc/passwd.masterusers
    master = yes
    pass = yes
    }
    ...

    and restarted dovecot, I was no longer able to connect.
    There was something wrong with the syntax.

    I found in the wiki that the masteruser was added as a feature as early as v1.0_b4, so it should be in rc7. But I did not find the line commented out for auth_master_user_separator in it. Does space matter?

    Is this any different?

    auth_master_user_separator = *

    Thanks for the tip on the login command. (Missed the "1").
    If I can get past the .conf syntax issue and restart dovecot successfully, I will give it another try.

  8. #8
    Matuscak is offline Trained Alumni
    Join Date
    Sep 2009
    Posts
    37
    Rep Power
    5

    Default Location?

    Quote Originally Posted by blueflametuna View Post
    I found in the wiki that the masteruser was added as a feature as early as v1.0_b4, so it should be in rc7.
    On a CentOS system we used for conversion, the RPM claims to be dovecot-1.0.7-7.el5

    But I did not find the line commented out for auth_master_user_separator in it. Does space matter?

    Is this any different?

    auth_master_user_separator = *
    I don't think spaces are significant, but I think the location of the passdb passwd command is important. It should be in the auth default section of the file.

    FWIW, If I grep out all the comments in my dovecot.conf file, here's all that's left:

    protocol imap {
    }

    protocol pop3 {
    }

    protocol lda {
    postmaster_address = postmaster@example.com
    }

    auth_master_user_separator = *

    auth default {
    mechanisms = plain

    passdb passwd-file {
    args = /tools/mail/dovecot.masteruser
    master = yes
    }

    passdb pam {
    }

    userdb passwd {
    }

    user = root

    }

    dict {
    }

    plugin {
    }

  9. #9
    blueflametuna is offline Senior Member
    Join Date
    Jan 2010
    Location
    Idaho
    Posts
    60
    Rep Power
    5

    Default

    Similarly, here is the new config file - which does not load:

    protocol imap {
    }

    protocol pop3 {
    pop3_uidl_format = %v-%u
    pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
    }

    auth_master_user_separator = *

    auth default {
    mechanisms = plain

    passdb passwd {
    }

    passdb passwd-file {
    args = /etc/passwd.masterusers
    master = yes
    pass = yes
    }

    userdb passwd {
    }

    user = root
    }

    ---

    I wasn't sure about where to insert the new parameters.
    My best guess is the two passdb entries may be in conflict.
    There is a user database file built from the system password file.
    It looked like I would still need both to allow current users to still login,
    and add the master user concept. I could be wrong.

  10. #10
    blueflametuna is offline Senior Member
    Join Date
    Jan 2010
    Location
    Idaho
    Posts
    60
    Rep Power
    5

    Default

    Found it in the logs:

    Feb 11 08:44:47 myhost dovecot: SIGHUP received - reloading configuration
    Feb 11 08:44:48 myhost dovecot: auth(default): Last passdb can't have pass=yes
    Feb 11 08:44:48 myhost dovecot: Auth process died too early - shutting down
    Feb 11 08:44:48 myhost dovecot: child 360 (auth) returned error 89


    It would appear that order is significant.

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 15
    Last Post: 11-24-2009, 08:46 AM
  2. [SOLVED] Zimbra logwatch.
    By nishith in forum Administrators
    Replies: 5
    Last Post: 06-10-2009, 04:42 PM
  3. Upgrade to ZCS 5.10
    By blozancic in forum Installation
    Replies: 0
    Last Post: 10-21-2008, 08:03 AM
  4. Major Issue - 5.0RC2 NE to 5.0GA NE failed
    By DougWare in forum Installation
    Replies: 7
    Last Post: 01-06-2008, 09:56 PM
  5. Mail logs
    By Rick Baker in forum Installation
    Replies: 8
    Last Post: 01-17-2006, 04:33 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •