Results 1 to 3 of 3

Thread: Creating accounts with AD authentication

  1. #1
    Join Date
    Jul 2007
    Posts
    8
    Rep Power
    8

    Default Creating accounts with AD authentication

    Hi, I have a domain that uses AD authentication, I would like to know how to create the accounts, do I have to create the accounts manually using the same username from AD or is there a way to automatically create an account for each AD user? thanks for your help.

  2. #2
    Join Date
    May 2006
    Location
    USA
    Posts
    6,242
    Rep Power
    21

    Default

    Bug 7235 - Auto Provision New Accounts with External LDAP (I believe AD is included in that)

    Right now the authentication section isn't designed to provision users, but you can use zmprov commands to do the account creation.
    Zmprov - Zimbra :: Wiki
    Zmprov Examples - Zimbra :: Wiki
    Bulk Provisioning - Zimbra :: Wiki

    In AD you should be able to right click the folder containing the user you want, then export list > csv file.

    Some excerpts from the bulk article-

    A simple perl script to take a CSV file and turn it into the correct zmprov commands (obviously change the variables to the actual fields you use in your CSV file):
    #!/usr/bin/perl
    while (<>) {
    chomp;
    my ($email, $password, $first, $last) = split(/\,/, $_, 4);
    print qq{ca $email $password\n};
    print qq{ma $email givenName "$first"\n};
    print qq{ma $email sn "$last"\n};
    print qq{ma $email displayName "$first $last"\n};
    print qq{\n};
    }

    I would use ‘’ for the passwords so that it would just use the external auth (seeing as passwords probably won't be in this csv list)
    While I don't know your exact version (zmcontrol -v & add it to your forum profile) fallback to internal auth should automatically be on for the admin accounts (incase for whatever reason you can't connect to the external auth).

    So it would assign everyone to the default COS (class of service), if you wanted to organize it during import you could put the cos names in the csv file, then lookup the valid COS ID ahead of time or like this:
    my $cosid = `su - zimbra -c 'zmprov gc Default |grep zimbraId:'`;
    $cosid =~ s/zimbraId:\s*|\s*$//g;
    then:
    print qq{ma $email zimbraCOSid "$cosid"\n};

    Anteos seems to manage his fully through AD & may have some tips:
    Quote Originally Posted by anteos View Post
    Zimbra doesn't support user and group creation through AD, but you can write small scripts to synchronize the users on Zimbra against AD. We made it with users (created, locked, deleted), groups, shared calendars and distribution lists fully managed through AD.
    Last edited by mmorse; 10-24-2007 at 11:28 PM.

  3. #3
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    There is an outstanding enhancement for provisioning users from AD - add your vote if you want it. You should be able to dump the users from AD and script their creation in Zimbra, as far as I remember there are a couple of threads in the forum that describe the import script and a quick search should find what you need.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Similar Threads

  1. Character codification creating accounts
    By spAlex in forum Migration
    Replies: 3
    Last Post: 09-07-2007, 03:47 AM
  2. 4.0.4 to 4.5.6 upgrade failed in network edition
    By chenthil in forum Administrators
    Replies: 1
    Last Post: 08-27-2007, 09:36 AM
  3. [SOLVED] Simple backup question...
    By dameron in forum Administrators
    Replies: 3
    Last Post: 08-25-2007, 09:36 PM
  4. Creating user accounts with SOAP
    By Andreas in forum Administrators
    Replies: 2
    Last Post: 01-19-2006, 12:17 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •