![\"zimbra-settings\"](\"https:\/\/xmission.com\/blog\/wp-content\/uploads\/2015\/04\/zimbra-settings.png\")
<\/p>\n<\/p>\n
Mail server administration is not easy. That is why, for over 8 years, XMission has provided\u00a0Zimbra Email & Collaboration<\/a> services for thousands of businesses that don’t have the time and resources to manage their own mail server. We also sell Zimbra server licensing<\/a> for those that do have the resources. This post will focus on the latter.<\/p>\n While your licensing support<\/a> is provided\u00a0directly from the support team at Zimbra.com<\/a> we still get plenty of questions after the sale. The most common questions deal with user data migration, particularly on how to transfer user passwords, and how to compare settings from an old server to a new server when upgrading.<\/p>\n This post is a bit\u00a0more technical than most of our power tips, but will be very helpful for many Zimbra admins\u00a0looking to have a smooth transition. I’m assuming that the reader has working knowledge of Linux systems as well as some\u00a0experience with Zimbra servers. Throughout this post I will use “example.tld” in place of your domain name.<\/p>\n Let’s start with how to transfer\u00a0password credentials, because requiring an immediate password change at server transition time only fuels end-user anxiety and increases your workload.<\/p>\n USER PASSWORD\u00a0MIGRATION<\/strong><\/p>\n Admins often worry that they can’t transfer passwords between servers. Let me put your mind at ease: it is possible to transfer mailbox passwords from one Zimbra server to another. Now, relax, and I will explain how to do this.<\/span><\/p>\n Inside Zimbra, the password crypts are stored in the “userPassword” attribute\u00a0on an account. Crypts can be copied from one install to another to preserve\u00a0account passwords across Zimbra installations. Depending on the crypt format,\u00a0it’s also possible to use crypts from a non-Zimbra mail server. (This is a trick we use when migrating new hosted\u00a0Zimbra customers to our service from other\u00a0providers.)<\/p>\n You can access crypts in the userPassword attribute via either the zmprov tool<\/a> or\u00a0directly through Zimbra’s LDAP. Let’s discuss how to use zmprov. The attribute is accessed almost like any other account attribute, however,\u00a0it will only print the crypt when getting account information with ‘-l’.<\/p>\n The zmprov command-line tool performs all provisioning tasks in Zimbra LDAP, including creating accounts, aliases, domains, CoS, distribution lists, and calendar resources.<\/p>\n Here is an example command:<\/p>\n So the crypt for this user is ‘{SSHA}ZPyiP3Rt8OJHiwNgZJkhT\/0ZifRJdW+M’. You Note that ‘-l’ isn’t needed when *setting* the userPassword attribute.<\/p>\n The zmprov tool supports piping commands into standard input, so you can actually create\u00a0a file with a list of commands to do mass changes. If the file looked like this:<\/p>\n you could then pipe the file to zmprov, and set the passwords for both of these users.<\/p>\n Next up, how not to miss a critical detail.<\/p>\n COMPARING AN OLD SERVER TO NEW SERVER<\/strong><\/p>\n It can be useful to compare settings between the old server and the new server for any number of reasons. Some of the critical components you check may revolve around Class of Service (CoS) settings, backup schedules, or you may have critical settings around how LDAP is handled for your end users.<\/p>\n The following tools can be run from the command line\u00a0on the Zimbra server(s) to output data for easy review:<\/p>\n \n Zimbra.com zmlocalconfig document<\/a><\/p>\n Zimbra.com zmprov document<\/a><\/p>\n If all the mail accounts are migrated, you can<\/span>\u00a0run the following<\/span>\u00a0command on both servers to get\u00a0mailbox size and message count for every account.<\/p>\n \n Zimbra has a lot\u00a0of attributes,\u00a0so you will want to\u00a0use a\u00a0tool that\u00a0compares the contents of the two files, ie diff, such as\u00a0vimdiff<\/a>. It prints all the lines, side-by-side, hides all that\u00a0are the same, and makes it very easy to go attribute-by-attribute checking for\u00a0differences.<\/p>\n I hope you found this post useful. Please, share this post with your tech friends, co-workers, and social networks by clicking on the social media icons below.<\/p>\n You can post any questions in the comments below and I\u00a0will respond.<\/p>\n When you need Zimbra licensing<\/a> for your on-site server, or are considering\u00a0Zimbra Professional Services<\/a> to help with your install, please contact me for a quote.<\/p>\n John Webster<\/a>, VP of Business Development and Zimbra<\/a> Email Product Manager, has worked at XMission<\/a> for over 19 years doing his favorite thing: helping companies communicate with\u00a0customers\u00a0through\u00a0technology to grow their\u00a0business. When he\u2019s not uncovering Zimbra\u2019s secrets<\/a>\u00a0you might find him in our beautiful Utah mountains. \u00a0Connect with him on LinkedIn today!<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":" Mail server administration is not easy. That is why, for over 8 years, XMission has provided\u00a0Zimbra Email & Collaboration services for thousands of businesses that don’t have the time and resources to manage their own mail server. We also sell Zimbra server licensing for those that do have the resources. This post will focus on […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[449,253,255,376,180,397,396,310,352,130,5,399,398,39],"tags":[457,456,501],"class_list":["post-3676","post","type-post","status-publish","format-standard","hentry","category-collaboration","category-email-2","category-exchange-replacement","category-google-apps","category-hosting","category-licensing","category-mail-server","category-open-source","category-system-administration","category-tech","category-tips-helpful-information","category-value-added-reseller","category-var","category-zimbra","tag-administration","tag-email-admin","tag-zimbra"],"_links":{"self":[{"href":"https:\/\/xmission.com\/blog\/wp-json\/wp\/v2\/posts\/3676","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/xmission.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xmission.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xmission.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/xmission.com\/blog\/wp-json\/wp\/v2\/comments?post=3676"}],"version-history":[{"count":56,"href":"https:\/\/xmission.com\/blog\/wp-json\/wp\/v2\/posts\/3676\/revisions"}],"predecessor-version":[{"id":3738,"href":"https:\/\/xmission.com\/blog\/wp-json\/wp\/v2\/posts\/3676\/revisions\/3738"}],"wp:attachment":[{"href":"https:\/\/xmission.com\/blog\/wp-json\/wp\/v2\/media?parent=3676"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xmission.com\/blog\/wp-json\/wp\/v2\/categories?post=3676"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xmission.com\/blog\/wp-json\/wp\/v2\/tags?post=3676"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}\r\nzimbra@oldserver:~# zmprov -l ga user@example.tld userPassword\r\n# name user@example.tld\r\nuserPassword: {SSHA}ZPyiP3Rt8OJHiwNgZJkhT\/0ZifRJdW+M\r\n<\/pre>\n
\ncan transfer this user’s password to any other account by copying this crypt:<\/p>\n\r\nzimbra@newserver:~# zmprov ma user@example.tld userPassword '{SSHA}ZPyiP3Rt8OJHiwNgZJkhT\/0ZifRJdW+M'\r\n<\/pre>\n\r\nma user1@example.tld userPassword '{SSHA}ZPyiP3Rt8OJHiwNgZJkhT\/0ZifRJdW+M'\r\nma user2@example.tld userPassword '{SSHA}4bha2xATPc35uz3QFp1CPLxhG9d2q8r8'\r\n<\/pre>\nzmlocalconfig<\/pre>\n
zmprov gs servername.example.tld<\/pre>\n
zmprov -l gaa | awk '{ print \"sm \" $1 }' | zmmailbox -z | egrep \"^mailbox\"<\/pre>\n<\/p>\n