Migrating from Postfix+Dovecot with LDAP to ZCS

[sirajmc]

Dear Zimbra Community,

I have a production mail server running on CentOS5 using Postfix, Dovecot with OpenLDAP. I need to migrate / move everything (including LDAP) in to the new server running CentOS 5.5 with ZCS 6 (Release 6.0.8_GA_2661.RHEL5_64_20100820052503 CentOS5_64 FOSS edition).

Please advise which is the best way for moving my LDAP database and mails (postfix) to ZCS.

Thanks,
Siraj Mundayott.

[phoenix]

Take a look at some of the migration articles in the wiki (also search the forums for further details): User Migration Articles - Zimbra :: Wiki

[sirajmc]

Quote:

Originally Posted by phoenix

Take a look at some of the migration articles in the wiki (also search the forums for further details): User Migration Articles - Zimbra :: Wiki

Thanks, I'll check once again and get back.

Siraj.

[sirajmc]

Hi,

Instead of moving LDAP to my ZCS I am planning to use external LDAP option and imapsync to copy emails from postfix.
My test was successful using external LDAP but I cannot see all accounts in ZCS after configuring it. Please find my external LDAP settings below.

Authentication
--------------
Authentication mechanism: External LDAP
LDAP bind DN template:
LDAP URL: ldap://server.domain.local:389
Enable StartTLS
LDAP filter: (&(objectClass=posixAccount)(uid=%u))
LDAP search base: ou=Users,dc=domain,dc=local
Use DN/Password to bind to external server: Yes
Bind DN: cn=smbldap-tools,ou=DSA,dc=domain,dc=local

GAL Settings
------------
GAL mode:
External
Most results returned by GAL search: 10
GAL sync account name:* user@domain.com
Datasource name for external GAL: server.domain.local
External GAL polling interval: 1 days
Server type:LDAP
LDAP filter:* (&(objectClass=posixAccount)(uid=%u))
Autocomplete filter: (|(cn=%s*)(sn=%s*)(gn=%s*)(mail=%s*))
LDAP search base: ou=Users,dc=domain,dc=local
LDAP URL: ldap://server.domain.local:389
Bind DN:

Please advise.

Thanks,
Siraj.

[phoenix]

Quote:

Originally Posted by sirajmc

Instead of moving LDAP to my ZCS I am planning to use external LDAP option....

You can't do that, you still need to use the LDAP that's installed with Zimbra. External Authentication is just that and it's not a replacement for the LDAP in Zimbra.

[sirajmc]

Sorry for the confusion, what I meant is using the Zimbra LDAP but by syncing the user accounts from my primary LDAP (Linux OpenLDAP) by configuring external authentication. If this is not possible then what exactly the purpose of External authentication option in zimbra admin console?

Please advise.

Thanks,
Siraj.

[phoenix]

Quote:

Originally Posted by sirajmc

Sorry for the confusion, what I meant is using the Zimbra LDAP but by syncing the user accounts from my primary LDAP (Linux OpenLDAP) by configuring external authentication.

There's no confusion at all on my part. You need to create users in the Zimbra LDAP, it's used to provision the user account.

Quote:

Originally Posted by sirajmc

If this is not possible then what exactly the purpose of External authentication option in zimbra admin console?

It means exactly what it's name implies, it's to authenticate users against an external (or centralised) LDAP server.

[sirajmc]

So I have to manually update zimbra LDAP every time I make changes in my master LDAP?

Thanks,
Siraj.

[phoenix]

Quote:

Originally Posted by sirajmc

So I have to manually update zimbra LDAP every time I make changes in my master LDAP?

I don't really understand what you mean by that question. If you mean adding a new user to your master LDAP that requires a Zimbra mailbox then the answer is yes, you must provision the user in Zimbra as well. There are a couple of RFEs to add synchronisation with an external source so you could vote on them. You could also script it yourself, I aslo believe there may be some scripts in the forums to do just that if you'd like to search for them.

[sirajmc]

Thanks Bill,

I find some related perl scripts from Bulk Provisioning - Zimbra :: Wiki (CSV File to Zmprov and LDAP Users to Zimbra Accounts).
I have all accounts in a CSV format exported from my LDAP server. Based on above wiki "CSV File to Zmprov" script can generate zmprov commands. I guess I have to pass my csv filename as parameter and my csv file field name should match as like in the script. But there are couple of doubts like how-to include UID number also the comments on script "LDAP Users to Zimbra Accounts" looks not marked as comment (#). Sorry for my poor understanding, I have worked in exchange and Linux postfix mail but I am not really into scripting, I would appreciate if you could give me some guideline to solve my scenario.

Thanks,
Siraj.