Populating Proxy LDAP with Zimbra users

Daniel Eugenin M.

This article gives a little more detail on how to populate our Proxy LDAP using Zimbra LDAP data (see http://blog.itlinux.cl/blog/2015/08/06/zimbra-authentication-with-multiples-ldap-backends/).

 

On Zimbra server:

1) Get the Zimbra LDAP password (-m nokey prints only the value, without the "zimbra_ldap_password = " prefix):

LDAP_PASS=$(zmlocalconfig -s -m nokey zimbra_ldap_password)

 

2) Obtain only user accounts:

Run this command as the zimbra user:

/opt/zimbra/bin/ldapsearch -x -h "$LDAP_SERVER" -D uid=zimbra,cn=admins,cn=zimbra -w "$LDAP_PASS" -LLL -o ldif-wrap=no "(&(objectClass=zimbraAccount))" > /tmp/accounts.ldif

Where $LDAP_SERVER is the Zimbra server IP. The export includes each account's userPassword hash, so keep /tmp/accounts.ldif readable only by the zimbra user.

 

 

3) Some cleaning:

Execute:

cat /tmp/accounts.ldif | grep -v ^zimbra | grep -v "objectClass: zimbraAccount" | grep -v "objectClass: amavisAccount" > /tmp/cleaned_accounts.ldif

 

Our /tmp/cleaned_accounts.ldif looks like:

 

dn: uid=az535,ou=people,dc=domain,dc=cl
uid: az535
mail: az.araucomaipu@domain.cl
mail: az535@domain.cl
sn: -
userPassword:: e2NyeXB0fSQxJHMySWpMVjQvJHE4YkRmc0xQcnpSUGQ2RzNvVU85MS4=
objectClass: inetOrgPerson
givenName: Azaleia
cn: Azaleia - Arauco Maipu
displayName: Azaleia - Arauco Maipu

dn: uid=az559,ou=people,dc=domain,dc=cl
uid: az559
mail: az559@domain.cl
mail: az.marinaarauco@domain.cl
sn: -
userPassword:: e2NyeXB0fSQxJFdjUkUxbTkuJG8vZ0tZLmNPdUQ3YUNYZG1LMEpwLzE=
objectClass: inetOrgPerson
givenName: AZ
cn: AZ - Marina Arauco
displayName: AZ - Marina Arauco

dn: uid=az571,ou=people,dc=domain,dc=cl
uid: az571
mail: az.paseosanbndo@domain.cl
mail: az571@domain.cl
sn: Paseo
userPassword:: e2NyeXB0fSQxJHVRR05xcVdoJFUyTEp6MXU5dy83UTh0M3Z1VTRMMy4=
objectClass: inetOrgPerson
givenName: AZ
cn: AZ Paseo San Bernardo
displayName: AZ Paseo San Bernardo

 

4) Add LDAP base information:

Now add this base LDAP information at the beginning of /tmp/cleaned_accounts.ldif:

 

dn: dc=domain,dc=cl
objectClass: dcObject
objectClass: organization
dc: domain
o: fodomainrus

dn: ou=people,dc=domain,dc=cl
objectClass: organizationalRole
ou: people
cn: people

 

* Copy this file (/tmp/cleaned_accounts.ldif) to your new Proxy LDAP.

 

5) Populate:

Now, add it (on Proxy LDAP):

 

ldapadd -x -D "cn=Manager,dc=domain,dc=cl" -w secret -f cleaned_accounts.ldif -c
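
The grep filter in step 3 is only safe because step 2 requests unwrapped output (-o ldif-wrap=no): if the LDIF is folded, the continuation lines of removed zimbra* attributes survive and attach to the attribute above them. The script below is an added example, not part of the original article, showing an awk filter that handles folded lines; its function names, sample entries and the example.test domain are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the original article. Function names and the
# sample entries are constructed for this demonstration.
umask 077   # the LDIF holds userPassword hashes: new files owner-only

# The article's step 3 filter, reading stdin, kept for comparison.
grep_clean() {
    grep -v '^zimbra' | grep -v 'objectClass: zimbraAccount' |
        grep -v 'objectClass: amavisAccount'
}

# Same filter, but a continuation line (leading space) is kept or dropped
# together with the attribute line it continues.
awk_clean() {
    awk '
        /^ / { if (!drop) print; next }
        { drop = ($0 ~ /^zimbra/ ||
                  $0 ~ /^objectClass: (zimbraAccount|amavisAccount)[ \t]*$/)
          if (!drop) print }'
}

# Number of continuation lines on stdin. The sample below has exactly one,
# and it belongs to a zimbra* attribute, so any left after cleaning is an orphan.
folded_lines() { grep -c '^ ' || true; }

# Constructed export: user1 has a zimbra* value folded onto a second line,
# as ldapsearch writes it when "-o ldif-wrap=no" is missing.
sample_export() {
cat <<'EOF'
dn: uid=user1,ou=people,dc=example,dc=test
uid: user1
zimbraPrefMailSignature: constructed long value that ldapsearch folds on
 to a continuation line
mail: user1@example.test
objectClass: inetOrgPerson
objectClass: zimbraAccount
objectClass: amavisAccount
sn: One

dn: uid=user2,ou=people,dc=example,dc=test
uid: user2
zimbraAccountStatus: active
objectClass: inetOrgPerson
sn: Two
EOF
}

echo "grep filter: $(sample_export | grep_clean | folded_lines) orphaned line(s)"
echo "awk filter:  $(sample_export | awk_clean | folded_lines) orphaned line(s)"
```

On the real export, awk_clean < /tmp/accounts.ldif > /tmp/cleaned_accounts.ldif can take the place of the step 3 pipeline.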

 

 

 
