Oggi vogliamo mostrarVi le operazioni che consente di effettuare il comando zmprov di Zimbra posta elettronica.
Il comando zmprov esegue tutte le attività di provisioning dell’LDAP di Zimbra tra cui la creazione/modifica/cancellazione di account, alias, domini, COS, liste di distribuzione e risorse.
Ogni operazione viene richiamata attraverso le opzioni della riga di comando, ognuna dei quali ha un nome esteso e una sigla.
La sintassi per la modifica può includere il prefisso “+” o “-” in modo da poter apportare modifiche agli attributi senza dover inserire nuovamente quelli non affetti dalla modifica che si vuole operare
. Si utilizza il “+” per aggiungere un nuovo valore all’attributo specificato senza modificare quelli già esistenti.
. Si utilizza il “-“ per rimuovere un particolare valore all’attributo.
Sintassi
zmprov [comando] [argomento]
Il seguente comando ad esempio aggiunge il valore “blu” all’attributo zimbraZimletUserProperties per l’utente name@domain.com e non cambia qualsiasi altro valore di quell’attributo.
Descrizione
I comandi nella seguente tabella sono suddivisi con queste tipologie: Generale, Account, Risorse, Configurazioni, COS, Liste di distribuzione, Documenti, Domini, Server e Varie.
| Nome esteso | Sigla | Descrizione |
|---|---|---|
| General Options | ||
| –help | -h | display usage |
| –file | -f | use file as input stream |
| –server | -s | {host}[:{port}] server hostname and optional port |
| –ldap | -l | provision via LDAP instead of SOAP |
| –log property file | -L | log 4j property file, valid only with -l |
| –account {name} | -a | account name to auth as |
| –password {pass} | -p | password for account |
| –passfile {file} | -P | read password from file |
| –zadmin | -z | use Zimbra admin name/password from localconfig for admin/password |
| –authtoken (authtoken) | -y | use auth token string (has to be in JSON format) from command line |
| –authtoken (authtoken file) | -Y | use auth token string (has to be in JSON format) from command line |
| –verbose | -v | verbose mode (dumps full exception stack trace) |
| –debug | -d/ | debug mode (dumps SOAP messages) |
| –master | -m | use LDAP master. This only valid with -l |
| Account Provisioning Commands | ||
| addAccountAlias | aaa | {name@domain|id|adminName} {alias@domain}
zmprov aaa joe@domain.com joe.smith@engr.domain.com |
| checkPasswordStrength | cps | Syntax: {name@domain|id} {password}
Note: This command does not check the password age or history. zmprov cps joe@domain.com test123 |
| createAccount | ca | Syntax:{name@domain} {password} [attribute1 value1 etc]
Type on one line. zmprov ca joe@domain.com test123 displayName JSmith |
| createDataSource | cds | {name@domain} {ds-type} {ds-name} [attr1 value1 [attr2 value2…]] |
| createIdentity | cid | {name@domain} {identity-name} [attr1 value1 [attr2 value2…]] |
| createSignature | csig | {name@domain} {signature-name} [attr1 value1 [attr2 value2…]] |
| deleteAccount | da | Syntax:{name@domain|id|adminName}<p< a=””> style=”margin-top: 0px; margin-bottom: 10px; line-height: 1.5;”>zmprov da joe@domain.com |
| deleteDataSource | dds | {name@domain|id} {ds-name|ds-id} |
| deleteIdentity | did | {name@domain|id} {identity-name} |
| deleteIdentity | did | {name@domain|id} {identity-name} |
| deleteSignature | dsig | {name@domain|id} {signature-name} |
| getAccount | ga | Syntax:{name@domain|id|adminName}<p< a=””> style=”margin-top: 0px; margin-bottom: 10px; line-height: 1.5;”>zmprov ga joe@domain.com |
| getAccountMembership | gam | {name@domain|id} |
| getAllAccounts | gaa | Syntax: [-v] [{domain}]
zmprov -l gaa zmprov -l gaa -v domain.com |
| getAllAdminAccounts | gaaa | Syntax: gaaa
zmprov gaaa |
| getDataSources | gds | {name@domain | id} [arg 1 [arg 2…]] |
| getIdentities | gid | {name@domain | id} [arg 1 [arg 2…]] |
| getSignatures | gsig | {name@domain | id} [arg 1 [arg 2…]] |
| modifyAccount | ma | {name@domain|id|adminName} [attribute1 value1 etc]
zmprov ma joe@domain.com zimbraAccountStatus maintenance |
| modifyDataSource | mds | {name@domain | id} {ds-name |ds-id} [attr 1 value 1 [attr2 value 2…]] |
| modifyIdentity | mid | {name@domain |id} {identity-name} [attr 1 value 1 [attr 2 value 2…]] |
| modifySignature | msig | {name@domain |id} {signature-name | signature-id} [attr 1 value 1 [attr 2 value 2…]] |
| removeAccountAlias | raa | {name@domain|id|adminName} {alias@domain}
zmprov raa joe@domain.com joe.smith@engr.domain.com |
| renameAccount | ra | {name@domain|id} {newname@domain}
zmprov ra joe@domain.com joe23@domain.com Note: After you rename an account, you should run a full backup for that account. zmbackup -f – <servername.com> -a <newaccountname@servername.com>; |
| setAccountCOS | sac | {name@domain|id|adminName} {cos-name|cos-id}
zmprov sac joe@domain.com FieldTechnician |
| setPassword | sp | {name@domain|id|adminName} {password}
Note: Passwords cannot included accented characters in the string. Example of accented characters that cannot be used: ã, é, í, ú, ü, ñ. zmprov sp joe@domain.com test321 |
| Calendar Resource Provisioning Commands | ||
| createCalendarResource | ccr | {name@domain} [attr1 value1 [attr2 value2…]] |
| deleteCalendarResource | dcr | {name@domain|id} |
| getAllCalendarResources | gacr | [-v] [{domain}] |
| getCalendarResource | gcr | {name@domain|id} |
| modifyCalendarResource | mcr | {name@domain|id} [attr1 value1 {attr2 value2…]] |
| renameCalendarResource | rcr | {name@domain|id} {newName@domain} |
| searchCalendarResources | scr | [-v] domain attr op value {attr op value…] |
| Free Busy Commands | ||
| getAllFbp | gafbp | [-v] |
| getFreebusyQueueInfo | gfbqi | [{provider-name}] |
| pushFreebusy | pfb | {domain | account-id} [account-id…] |
| Domain Provisioning Commands | ||
| countAccount | cta | {domain|id}
This lists each COS, the COS ID and the number of accounts assigned to each COS |
| createAliasDomain | cad | {alias-domain-name} {local-domain-name|id} [attr1 value1 [attr2 value2…]] |
| createDomain | cd | {domain} [attribute1 value1 etc]
zmprov cd mktng.domain.com zimbraAuthMech zimbra |
| deleteDomain | dd | {domain|id}
zmprov dd mktng.domain.com |
| getDomain | gd | {domain|id}
zmprov gd mktng.domain.com |
| getDomainInfo | gdi | name|id|virtualHostname {value} [attr1 [attr2…]] |
| getAllDomains | gad | [-v] |
| modifyDomain | md | {domain|id} [attribute1 value1 etc]
zmprov md domain.com zimbraGalMaxResults 500 Note:Do not modify zimbraDomainRenameInfo manually. This is automatically updated when a domain is renamed. |
| renameDomain | rd | {domain|id} {newDomain}
Note: renameDomain can only be used with “zmprov -l/–ldap”. |
| COS Provisioning Commands | ||
| copyCos | cpc | {src-cos-name|id} {dest-cos-name} |
| createCos | cc | {name} [attribute1 value1 etc]
zmprov cc Executive zimbraAttachmentsBlocked FALSE zimbraAuthTokenLifetime 60m zimbraMailQuota 100M zimbraMailMessageLifetime 0 |
| deleteCos | dc | {name|id}
zmprov dc Executive |
| getCos | gc | {name|id}
zmprov gc Executive |
| getAllCos | gac | [-v]
zmprov gac -v |
| modifyCos | mc | {name|id} [attribute1 value1 etc]
zmprov mc Executive zimbraAttachmentsBlocked TRUE |
| renameCos | rc | {name|id} {newName}
zmprov rc Executive Business |
| Server Provisioning Commands | ||
| createServer | cs | {name} [attribute1 value1 etc] |
| deleteServer | ds | {name|id}
zmprov ds domain.com |
| getServer | gs | {name|id}
zmprov gs domain.com |
| getAllServers | gas | [-v]
zmprov gas |
| getAllReverseProxyBackends | garpb | |
| modifyServer | ms | {name|id} [attribute1 value1 etc]
zmprov ms domain.com zimbraVirusDefinitionsUpdateFrequency 2h |
| getAllReverseProxyURLs | garpu | Used to publish into nginx.conf what servers should be used for reverse proxy lookup. |
| getAllMtaAuthURLs | gamau | Used to publish into saslauthd.conf what servers should be used for saslauthd.conf MTA auth |
| getAllMemcachedServers | gamcs | Used to list memcached servers (for nginix use). |
| Config Provisioning Commands | ||
| getAllConfig | gacf | [-v]
All LDAP settings are displayed |
| getConfig | gcf | {name} |
| modifyConfig | mcf | attr1 value1
Modifies the LDAP settings. |
| Distribution List Provisioning Commands | ||
| createDistributionList | cdl | {list@domain}
zmprov cdl needlepoint-list@domain.com |
| addDistributionListMember | adlm | {list@domain|id} {member@domain}
zmprov adlm needlepoint-list@domain.com singer23@mail.free.net |
| removeDistributionListMember | rdlm | {list@domain|id}
zmprov rdlm needlepoint-list@domain.com singer23@mail.free.net |
| getAlldistributionLists | gadl | [-v] |
| get DistributionListmembership | gdlm | {name@domain|id} |
| getDistributionList | gdl | {list@domain|id}
zmprov gdl list@domain.com |
| modifyDistributionList | mdl | {list@domain|id} attr1 value1 {attr2 value2…}
zmprov mdl list@domain.com |
| deleteDistributionList | ddl | {list@domain|id} |
| addDistributionListAlias | adla | {list@domain|id} {alias@domain} |
| removeDistributionListAlias | rdla | {list@domain|id} {alias@domain} |
| renameDistributionList | rdl | {list@domain|id} {newName@domain} |
| Zimbra Documents Provisioning Commands | ||
| importNotebook | impn | {name@domain} {directory} {folder}
Before importing files, any file that will become a Documents page (wiki-style page), must be renamed to include the extension “.wiki”. If not it is imported as a file, accessed either as an attachment or an image. impn joe@domain.com /opt/zimbra/wiki/template template |
| initNotebook | in | [{name@domain}] |
| initDomainNotebook | idn | {domain} [{name@domain}]
Creates the domain Documents account idn domain.com domainwiki@domain.com |
| UpdateTemplates | ut | [-h host] {template-directory} |
| Mailbox Commands | ||
| getMailboxInfo— | gmi | {account} |
| getQuotaUsage— | gqu | {server} |
| reIndexMailbox | rim | {name@domain|id} {action} [{reindex-by} {value1} [value2…]] |
| RecalculateMailboxCounts | rmc | {name@domain|id}
When unread message count and quota usage are out of sync with the data in the mailbox, use this command to immediately recalculate the mailbox quota usage and unread messages count. Important:Recalculating mailbox quota usage and message count should be schedule to run in off peak hours and used on one mailbox at a time. |
| selectMailbox | sm | {account-name} [{zmmailbox commands}] |
| Logs | ||
| addAccount Logger | aal | {name@domain|id} {logging-category} {debug|info|warn|error}
Creates custom logging for a single account |
| getAccountLoggers | gal | [-s/–server hostname] {name@domain|id} {logging-category} {debug|info|warn|error} |
| getAllAccountLoggers | gaal | [-s/–server hostname]
Shows all individual custom logger account |
| removeAccountLogger | ral | [-s/ –server hostname] {name@domain|id} {logging-category}
When name@domain is specified, removes the custom logger created for the account otherwise removes all accounts all account loggers from the system. |
| See the zmprov Log Categories for a list of logging categories. | ||
| Search | ||
| searchGAL | sg | {domain} {name}
zmprov sg joe |
| autoCompleteGal | acg | {domain} {name} |
| searchAccounts | sa | [-v] {ldap-query} [limit] [offset] [sortBy {attribute} [sortAscending 0|1] [domain {domain}] |
| Share Provisioning Commands | ||
| For a GUI view of results, see Distribution List Shares tab on the administration console | ||
| getPublishedDistributionListShareInfo | gpdlsi | {dl-name|dl-id} [{owner-name|owner-id}] |
| getShareInfo | gsi | {owner-name|owner-id} |
| publishDistribtionListShareInfo | pdlsi | {+|-} {dl-name@domain|id} {owner-name|owner-id} [{folder-path|folder-id}] |
| Miscellaneous Provisioning Commands | ||
| describe | desc | [[-v] [-ni] [{entry-type}]] | [-a {attribute-name}]
Prints all attribute names (account, domain, COS, servers, etc.). |
| generateDomainPreAuthKey | gdpak | {domain|id}
Generates a pre-authentication key to enable a trusted third party to authenticate to allow for single-sign on. Used in conjunction with GenerateDomainPreAuth. |
| generateDomainPreAuth | gdpa | {domain|id} {name} {name|id|foreignPrincipal} {timestamp|0} {expires|0}
Generates preAuth values for comparison. |
| syncGal | syg | {domain} [{token}] |
| flushCache | fc | [skin|local|account|config|cos|domain|server|zimlet} [name1|id] |
| getAccountLogger | gal | [-s /–server hostname] {name@domain | id} |
| Commands specific to Zimbra IMAP/POP proxy | ||
| getAllReverseProxyURLs | garpu | Used to publish into nginx.conf what servers should be used for reverse proxy lookup. |
| getAllMtaAuthURLs | gamau | Used to publish into saslauthd.conf what servers should be used for saslauthd.conf MTA auth |
| getAllMemcachedServers | gamcs | Used to list memcached servers (for nginix use). |
Esempi
. Creare un account con relativa password a cui viene assegnata la COS predefinita del dominio
. Creare un account con relativa password a cui viene assegnata una COS specifica. È necessario conoscere l’ID della COS e per trovarlo bisogna lanciare il comando “zmprov gc <COSname> zimbraID”
. Creare un account quando l’autenticazione non è interna a Zimbra
Nota: Il doppio apice è obbligatorio e indica che l’account non ha alcuna password locale.
. Aggiungere un alias ad un account
. Creare una lista di distribuzione. Viene restituito l’ID della lista di distribuzione
. Aggiungere un membro ad una lista di distribuzione
. Modificare la password in un account
. Creare un dominio
. Impostare il dominio predefinito
. Elencare tutte le COS ed i loro attributi
. Elencare tutti gli account di un dominio
. Elencare tutti gli account di un dominio ed i loro attributi
