Friday, December 20, 2013

Postfix Roundcube to Zimbra

ADMINISTRATOR

Mekanisme Migrasi Email
1. Melakukan reset password kesemua email di Mail Server lama
2. Melakukan sinkronisasi email, dari mail server lama ke mail server baru. Dimana tools yang digunakan memerlukan password email lama dan password email yang baru



TAHAPAN MIGRASI

A. Instalasi Server Baru
1. Install Centos 6.4 64bit
2. Install Zimbra 8.0
3. Konfigurasi Zimbra dengan domain testdomain.com
4. Masukkan domain lain yaitu plastikinject.com dan rovega,net

B. Restore Nama Account Server Lama ke Server Baru
1. Copy file /etc/passwd dan /etc/shadow server lama ke server baru dan ke PC Desktop Administrator

2. Pengambilan data account email lama dari file /etc/passwd
- Buka file /etc/passwd di excel.
- Pisahkan domain testdomain dengan domain lain dengan cara menghapus tulisan testdomain
- Simpan file passwd.testdomain
- Kirim file tersebut ke server baru.

3. Jalankan script passwd2zmprov. Script ini akan mengambil data dari file passwd.testdomain dan mengisikannya dengan attribut lain agar bisa dimasukkan ke account zimbra yang baru

[root@mail script]# perl passwd2zmprov -domain testdomain.com passwd.testdomain > testdomain.zmp

Contoh file /etc/passwd
anton.prasetyo.testdomain:x:2165:1002:Anton Prasetyo:/home/testdomain/homes/anton.prasetyo:/dev/null
ryansetiawan.swhmedan.testdomain:x:2167:1002:Ryan Agus Setiawan:/home/testdomain/homes/ryansetiawan.swhmedan:/dev/null

Contoh file passwd.testdomain :
anton.prasetyo:x:2165:1002:Anton Prasetyo:/home/testdomain/homes/anton.prasetyo:/dev/null
ryansetiawan.swhmedan:x:2167:1002:Ryan Agus Setiawan:/home/testdomain/homes/ryansetiawan.swhmedan:/dev/null

Contoh file testdomain.zmp
ca "anton.prasetyo@testdomain.com" "" givenName "Anton" sn "Prasetyo" cn "anton.prasetyo" displayName "Anton Prasetyo" zimbraNotes "Migrated Wed Oct 23 11:25:55 2013" zimbraPasswordMustChange FALSE
ca "ryansetiawan.swhmedan@testdomain.com" "" givenName "Ryan" sn "Setiawan" cn "ryansetiawan.swhmedan" displayName "Ryan Agus Setiawan" zimbraNotes "Migrated Wed Oct 23 11:25:55 2013" zimbraPasswordMustChange FALSE

4. Buat account baru di server baru menggunakan file testdomain.zmp. Penggunaan command zmprov harus menggunakan user zimbra
[zimbra@mail script]$ zmprov -f testdomain.com
Account akan langsung otomatis terbuat dengan domain testdomain.com

5. Merestore password lama ke server zimbra yang baru.
- Edit file /etc/shadow. Pisahkan
- Jalankan script
[root@mail script]# ./shadow2zm.pl /etc/shadow > passwd.zm atau
[root@mail script]# ./shadow2zm.pl shadow.testdomain > shadow.testdomain.zm
[root@mail script]# chmod 755 passwd.zm atau
[root@mail script]# chmod 755 passwd.shadow.testdomain.zm
[root@mail script]# su zimbra
[zimbra@mail script]$ ./passwd.zm atau
[zimbra@mail script]$ ./passwd.shadow.testdomain.zm


Contoh file passwd .zm
zmprov ma yudi.handoko@testdomain.com userPassword '{crypt}$6$40186242$89MpB6dPuCOY8XssTdyj9xE78QIU0sDRV5qFfsc7gdgeBrwjvuJ8HA1bU/sWK9MoFKFS5v4tDf/YF1ZmxUuc0/'

C. Restore Mailbox Account Server Lama ke Server Baru

1. Siapkan user dan password setiap account di Server lama dan Server baru.
2. Jalankan script di Server lama

[root@mail1:~]# imapsync --host1 localhost --user1 anton.prasetyo.testdomain --password1 xxxx --authmech1 PLAIN --host2 117.102.94.158 --user2 anton.prasetyo@testdomain.com --password2 xxxx --authmech2 PLAIN --ssl2 --allowsizemismatch –-nofoldersizes --skipsize –-fast





script shadow2zm.pl =========================================================
#!/usr/bin/perl
# Usage: as root   # ./shadow2zm.pl /etc/shadow > shadow.zm
#        as zimbra # zmprov < shadow.zm

$domain="testdomain.com";

while(<>) {
    chomp;
    my ($uname,$pass) = split(/:/);

    print qq{zmprov ma $uname\@$domain userPassword '{crypt}$pass'\n};
    print qq{\n};
}



script passhadow2zm.pl =======================================================

#!/usr/bin/perl
#
# $Id: passwd2zmprov,v 1.2 2008/03/05 05:01:29 phil Exp $

=head1 NAME

passwd2zmprov - create zmprov commands from a passwd file

=head1 SYNOPSIS

  usage: passwd2zmprov [options] [[passwd_file] ...] > commands.zmp
     -help   show a brief help message
     -man    show the full documentation

     -domain      [REQUIRED]
     -cosid       [default "Default COS"]
     -password  [default ""]

  Getting a COS id:
    zimbra$ zmprov gc  | grep ^zimbraId:

  Example converting CSV to zmprov commands:
    $ ./passwd2zmprov -domain example.moc /etc/passwd > commands.zmp

  Example provisioning ZCS accounts as 'zimbra' user:
    zimbra$ zmprov -f commands.zmp

=head1 DESCRIPTION:

Tool to create commands suitable for zmprov from a UNIX passwd file.
We don't use getpwent etc., because we are likely working on a copy
and not running as root.

See Also:
  http://wiki.zimbra.com/index.php?title=Bulk_Create

=cut

use strict;
use warnings;
use File::Basename qw(basename);
use Getopt::Long qw(GetOptions);
use Pod::Usage qw(pod2usage);

my $prog = basename($0);
my ( @err, %option );

GetOptions( \%option, 'help|?', 'man', 'domain=s', 'cosid=s', 'password=s' )
  or pod2usage( -verbose => 0 );

pod2usage( -verbose => 1 ) if $option{help};
pod2usage( -verbose => 2 ) if $option{man};

push( @err, "-domain  is required" )
  unless $option{domain};

pod2usage( -verbose => 0, -message => map( "$prog: $_\n", @err ) )
  if @err;

warn("$prog: using Default COS\n") unless $option{cos_id};
warn("$prog: reading passwd like entries from STDIN\n") unless @ARGV;

my $date     = localtime;
my $cosid    = $option{cosid};
my $domain   = $option{domain};
my $password = defined $option{password} ? $option{password} : "";
my $MIN_UID = 500;      # skip system accounts like httpd
my $MAX_UID = 60000;    # skip other system accounts like nfsnobody

# sanitize password
$password =~ s/\"/\\\"/g;

while (<>) {
    chomp;
    next if /^\s*$/;    # skip empty lines

    my ( $uname, $x, $uid, $gid, $gecos, $dir, $shell ) = split( /:/, $_, 7 );

    if ( $uid < $MIN_UID or $uid > $MAX_UID ) {
        warn("$prog: skip $uname: $uid not between $MIN_UID and $MAX_UID\n");
        next;
    }

    # assuming gecos format is First [[MI] [Last]], sanitize a little
    $gecos =~ s/\"/\\\"/g;

    my ( $fullname, $description ) = split( /\s*,\s*/, $gecos, 2 );
    my ( $fname, $mname, $lname ) = split( " ", $fullname, 3 );
    unless ( defined($lname) ) {
        $lname = $mname;
        undef($mname);
    }
    my $displayname = $fname
      . ( defined($mname) ? " $mname" : "" )
      . ( defined($lname) ? " $lname" : "" );

    print(
        qq{ca "$uname\@$domain" "$password"},
        ( defined($cosid)       ? qq{ zimbraCOSid "$cosid"}       : () ),
        ( defined($fname)       ? qq{ givenName "$fname"}         : () ),
        ( defined($lname)       ? qq{ sn "$lname"}                : () ),
        ( defined($uname)       ? qq{ cn "$uname"}                : () ),
        ( defined($displayname) ? qq{ displayName "$displayname"} : () ),
        ( defined($description) ? qq{ description "$description"} : () ),
        qq{ zimbraNotes "Migrated $date"},
        qq{ zimbraPasswordMustChange TRUE},
        qq{\n},
    );
}

=head1 HISTORY

 2007/01/23, Version 1.0/1.1 Dlbewley
 2008/03/04, Version 1.2 Plobbes

=cut
D. Menampilkan List Address Book di semua Domain


su -l zimbra -c "zmprov mcf zimbraGalInternalSearchBase ROOT"
-

Mobile Device Deployment - CISSP (Domain 3)

Mobile Device Deployment Policies Mobile Device Deployment Policy harus diarahkan secara luas terkait penggunaan perangkat yang diizinkan da...