Migrating from courier-imap without passwords using Imapsync

From Zimbra :: Wiki

Jump to: navigation, search

Migrate e-mail accounts from courier-imap, postfixadmin to zimbra without having user passwords

First, we needed to pull the account names and passwords from postfixadmin over to the new Zimbra system. This article demonstrates a php script that did the job well, querying the encrypted passwords from the MySQL backup into a file. You can also modify it to retrieve aliases and subscribers from MySQL.

http://wiki.zimbra.com/index.php?title=Password_Migration[1]

The script will run this SQL command from a mysql backup of your old mail server:

mysql> SELECT username,password,name,maildir,quota,domain FROM mailbox where username like '%jones%';

and it grabs the line containing the encrypted password, adding it to your user create/modify script.


Using the exported.sh file that was generated, which calls the zmprov command, it creates the users on Zimbra and sets their passwords using 'zmprov ma'. Grep out all the lines with 'zmprov ma username' into another file, called reset_passwords.sh, to use for resetting account passwords after the imapsync. (add #!/bin/bash on the top line to make it a script, 'chmod +x reset_passwords.sh' to make it executable.) At this point, we want to change the account passwords to be all the same for the time it takes to do the imapsync migration - add the password to the 'zimpassfile2' file as specified in the imapsync command.

Migrating manually

Migrating e-mail using imapsync was complicated when trying to use the --auth-user postfixadmin 'super-user' option, so we decided instead to create a new e-mail account via postfixadmin, called migrate1, set a password, and then manually change the symlink for the mail folder in this way:

ln -s /usr/local/virtual/jbond@domain.com /usr/local/virtual/migrate1@domain.com

Then running imapsync worked:

/usr/bin/imapsync --buffersize 8192000 --nosyncacls --subscribe --syncinternaldates --host1 postfixserver.domain.com \
--user1 migrate1 --passfile1 zimpassfile1 --host2 zimbraserver.domain.com --user2 jbond@domain.com --passfile2 zimpassfile2 \
--noauthmd5

Then delete the symlink for migrate1 and recreate it for the next user, so you can run imapsync again:

rm /usr/local/virtual/migrate1@domain.com 
ln -s /usr/local/virtual/user2@domain.com /usr/local/virtual/migrate1@domain.com

Migrate all accounts at once under the migrate1 account

We were able pull all user accounts over by logging into Squirrelmail as the migrate1 account. Create symlinks to each user's mail subfolder under migrate1's folder:

ln -s /usr/local/virtual/drno@domain.com /usr/local/virtual/migrate1@domain.com/.drno@domain.com 

and then Subscribe to each user's folder in Squirrelmail's Folder menu. With the user accounts now available as the migrate1 user, imapsync was able to use this syntax to pull each folder to the appropriate user's inbox:

/usr/bin/imapsync --buffersize 8192000 --nosyncacls --subscribe --syncinternaldates --host1 postfixserver.domain.com --user1 \
migrate1@domain.com --passfile1 zimpassfile1 --host2 zimbraserver.domain.com --user2 username@domain.com --passfile2 zimpassfile2 \
 --folderrec INBOX.username@domain.com --regextrans2 's/(.*)/INBOX/' --noauthmd5

Here is a script that will imapsync all user accounts:

#!/bin/bash
# imapsyncrun.sh. Script to migrate imap mailboxes under the account migrate1
DATE=`date +%m%d%y_%H:%M`
LOGFILE="imapsync.log"
echo "IMAPSync starting..  $DATE" >> $LOGFILE 

# Begin 'for' loop, calling the list of user names already collected
for ACCTNAME in `cat /home/zimbra/userlist`
do
# Reset the zimbra password temporarily:
zmprov setPassword $ACCTNAME xxxxxxx

# Then migrate:

/usr/bin/imapsync --buffersize 8192000 --nosyncacls --subscribe --syncinternaldates --host1 postfixserver.domain.com \
--user1 migrate1@domain.com --passfile1 zimpassfile1 --host2 zimbra.domain.com --user2 $ACCTNAME --passfile2 zimpassfile2 \
--folderrec INBOX.$ACCTNAME --regextrans2 's/(.*)/INBOX/' --noauthmd5

echo Done with $ACCTNAME on $DATE >> $LOGFILE

done

# Change the password back to the encrypted one on file.
reset_passwords.sh

echo "" >> $LOGFILE
echo "IMAPSync Finished..  $DATE" >> $LOGFILE
echo "------------------------------------" >> $LOGFILE

After all the accounts have synced, the reset_passwords.sh script that contains the 'zmprov ma' commands will reset all user passwords to the same ones which they had on the old mail server.

For performance, as recommended we ran two imapsync processes concurrently on different servers to reduce the time for migration. We configured accounts migration1 and migration2 on the old mail server so we could point to two different mail folders at one time under /usr/local/virtual.


MS

Personal tools