Zmprov: Difference between revisions

No edit summary
 
 
(45 intermediate revisions by 17 users not shown)
Line 1: Line 1:
{{BC|Community Sandbox}}
__FORCETOC__
<div class="col-md-12 ibox-content">
=Zmprov=
{{KB|{{Unsupported}}|{{ZCS 6.0}}|{{ZCS 5.0}}|}}
{{WIP}}
For the most recent information on this CLI, including syntax and description, see [https://www.zimbra.com/docs/ne/8.6.0/administration_guide/wwhelp/wwhimpl/js/html/wwhelp.htm#href=860_admin_ne.Appendix_A%E2%80%82Command_Line_Utilities.html ZCS Administrator's Guide Network Edition > Appendix A Command-Line Utilities].


*[[How To Create an Admin Account]]
:'''''Important:''' When using international symbols as attribute values for create* and modify* commands make sure '''LC_ALL''' environment variable is set to the value corresponding the character set you enter new values in.''
 
=ZCS 6.0.x=
*[http://bugzilla.zimbra.com/show_bug.cgi?id=23920 Bug 23920] - a new CLI command, '''zmprov desc''', prints all attribute names.
*[http://bugzilla.zimbra.com/show_bug.cgi?id=32321 Bug 32321] - zmprov usage for '''gaa''' now requires '''-l''' in the command so that account information is retrieved via LDAP.
:'''''Important:''' When upgrading - If you created a script using '''zmprov gaa''' to retrieve all accounts, you will need to modify the script to include '''-l''' in the command.''
 
*[http://bugzilla.zimbra.com/show_bug.cgi?id=33973 Bug 33973] - A new option was added to the zmprov CLI to force the command to use the value of ldap_master_url when retrieving information (zmprov -l -m)
 
==zmprov (Provisioning)==
The '''zmprov''' tool performs all provisioning tasks in Zimbra LDAP, including creating accounts, aliases, domains, COS, distribution lists, and calendar resources. Each operation is invoked through command-line options, each of which has a long name and a short name.
 
The syntax for modify can include the prefix “+” or “-” so that you can make changes to the attributes affected and do not need to reenter attributes that are not changing.
 
*Use + to add a new instance of the specified attribute name without changing any existing attributes.
*Use - to remove a particular instance of an attribute.
 
===Syntax===
zmprov [cmd] [argument]
 
The following objects use this syntax:
 
*ModifyAccount
*ModifyDomain
*ModifyCos
*ModifyServer
*ModifyConfig
*ModifyDistributionList
*ModifyCalendarResource
 
The following example would add the attribute '''zimbraZimletUserProperties''' with the value “blue” to user 1 and would not change the value of any other instances of that attribute.
 
zmprov ma user1 +zimbraZimletUserProperties "com_company_testing:favoriteColor:blue"
 
===Description===
The commands in the following table are divided into the tasks types - General, Account, Calendar Resources, Config, COS, Distribution List, Documents, Domain, Server, and Miscellaneous.
 
{|style="width:100%" border="1" cellpadding="5" cellspacing="0"
! align="left" bgcolor="tan" |Long Name
! align="left" bgcolor="tan" |Short Name
! align="left" bgcolor="tan"|Description
|-
! colspan="3" align="left" bgcolor="wheat" |General Options
|-
|style="background=white" |<nowiki>--help</nowiki>
|<nowiki>-h</nowiki>
|display usage
|-
|<nowiki>--file</nowiki>
|<nowiki>-f</nowiki>
|use file as input stream
|-
|<nowiki>--server</nowiki>
|<nowiki>-s</nowiki>
|<nowiki>{host}[:{port}]</nowiki> server hostname and optional port
|-
|<nowiki>--ldap</nowiki>
|<nowiki>-l</nowiki>
|provision via LDAP instead of SOAP
|-
|<nowiki>--log property file</nowiki>
|<nowiki>-L</nowiki>
|log 4j property file, valid only with -l
|-
|<nowiki> 
--account {name}</nowiki>
|<nowiki>-a</nowiki>
|account name to auth as
|-
|<nowiki>--password {pass}</nowiki>
|<nowiki>-p</nowiki>
|password for account
|-
|<nowiki>--passfile {file}</nowiki>
|<nowiki>-P</nowiki>
|read password from file
|-
|<nowiki>--zadmin</nowiki>
|<nowiki>-z</nowiki>
|use Zimbra admin name/password from localconfig for admin/password
|-
|<nowiki>--authtoken (authtoken)</nowiki>
|<nowiki>-y</nowiki>
|use auth token string (has to be in JSON format) from command line
|-
|<nowiki>--authtoken (authtoken file)</nowiki>
|<nowiki>-Y</nowiki>
|use auth token string (has to be in JSON format) from command line
|-
|<nowiki>--verbose</nowiki>
|<nowiki>-v</nowiki>
|verbose mode (dumps full exception stack trace)
|-
|<nowiki>--debug</nowiki>
|<nowiki>-d/</nowiki>
|debug mode (dumps SOAP messages)
|-
|<nowiki>--master</nowiki>
|<nowiki>-m</nowiki>
|use LDAP master. This only valid with -l
|-
! colspan="3" align="left" bgcolor="wheat" |Account Provisioning Commands
|-
|<nowiki>addAccountAlias</nowiki>
|<nowiki>aaa</nowiki>
|<nowiki>{name@domain|id|adminName} {alias@domain}</nowiki>
'''zmprov aaa joe@domain.com joe.smith@engr.domain.com'''
|-
|<nowiki>checkPasswordStrength</nowiki>
|<nowiki>cps</nowiki>
|Syntax: <nowiki>{name@domain|id} {password}</nowiki>
'''''Note:''' This command does not check the password age or history.''
 
'''zmprov cps joe@domain.com test123'''
|-
|<nowiki>createAccount</nowiki>
|<nowiki>ca</nowiki>
|Syntax:{name@domain} {password} [attribute1 value1 etc]
Type on one line.
 
'''zmprov ca joe@domain.com test123 displayName JSmith'''
|-
|<nowiki>createDataSource</nowiki>
|<nowiki>cds</nowiki>
|{name@domain} {ds-type} {ds-name} [attr1 value1 [attr2 value2...]]
|-
|<nowiki>createIdentity</nowiki>
|<nowiki>cid</nowiki>
|{name@domain} {identity-name} [attr1 value1 [attr2 value2...]]
|-
|<nowiki>createSignature</nowiki>
|<nowiki>csig</nowiki>
|{name@domain} {signature-name} [attr1 value1 [attr2 value2...]]
|-
|<nowiki>deleteAccount</nowiki>
|<nowiki>da</nowiki>
|Syntax:<nowiki>{name@domain|id|adminName}</nowiki>
 
'''zmprov da joe@domain.com'''
|-
|<nowiki>deleteDataSource</nowiki>
|<nowiki>dds</nowiki>
|<nowiki>{name@domain|id} {ds-name|ds-id}</nowiki>
|-
|<nowiki>deleteIdentity</nowiki>
|<nowiki>did</nowiki>
|<nowiki>{name@domain|id} {identity-name}</nowiki>
|-
|<nowiki>deleteIdentity</nowiki>
|<nowiki>did</nowiki>
|<nowiki>{name@domain|id} {identity-name}</nowiki>
|-
|<nowiki>deleteSignature</nowiki>
|<nowiki>dsig</nowiki>
|<nowiki>{name@domain|id} {signature-name}</nowiki>
|-
|<nowiki>getAccount</nowiki>
|<nowiki>ga</nowiki>
|<nowiki>Syntax:{name@domain|id|adminName}</nowiki>
 
'''zmprov ga joe@domain.com'''
|-
|<nowiki>getAccountMembership</nowiki>
|<nowiki>gam</nowiki>
|<nowiki>{name@domain|id}</nowiki>
|-
|<nowiki>getAllAccounts</nowiki>
|<nowiki>gaa</nowiki>
|<nowiki>Syntax: [-v] [{domain}] </nowiki>
 
'''zmprov -l gaa'''
 
'''zmprov -l gaa -v domain.com'''
|-
|<nowiki>getAllAdminAccounts</nowiki>
|<nowiki>gaaa</nowiki>
|<nowiki>Syntax: gaaa</nowiki>
 
'''zmprov gaaa'''
|-
|<nowiki>getDataSources</nowiki>
|<nowiki>gds</nowiki>
|<nowiki>{name@domain | id} [arg 1 [arg 2...]]</nowiki>
|-
|<nowiki>getIdentities</nowiki>
|<nowiki>gid</nowiki>
|<nowiki>{name@domain | id} [arg 1 [arg 2...]]</nowiki>
|-
|<nowiki>getSignatures</nowiki>
|<nowiki>gsig</nowiki>
|<nowiki>{name@domain | id} [arg 1 [arg 2...]]</nowiki>
|-
|<nowiki>modifyAccount</nowiki>
|<nowiki>ma</nowiki>
|<nowiki>{name@domain|id|adminName} [attribute1 value1 etc]</nowiki>
 
'''zmprov ma joe@domain.com zimbraAccountStatus maintenance'''
|-
|<nowiki>modifyDataSource</nowiki>
|<nowiki>mds</nowiki>
|<nowiki>{name@domain | id} {ds-name |ds-id} [attr 1 value 1 [attr2 value 2...]]</nowiki>
|-
|<nowiki>modifyIdentity</nowiki>
|<nowiki>mid</nowiki>
|<nowiki>{name@domain |id} {identity-name} [attr 1 value 1 [attr 2 value 2...]]</nowiki>
|-
|<nowiki>modifySignature</nowiki>
|<nowiki>msig</nowiki>
|<nowiki>{name@domain |id} {signature-name | signature-id} [attr 1 value 1 [attr 2 value 2...]]</nowiki>
|-
|<nowiki>removeAccountAlias</nowiki>
|<nowiki>raa</nowiki>
|<nowiki>{name@domain|id|adminName} {alias@domain}</nowiki>
 
'''zmprov raa joe@domain.com joe.smith@engr.domain.com'''
|-
|<nowiki>renameAccount</nowiki>
|<nowiki>ra</nowiki>
|<nowiki>{name@domain|id} {newname@domain}</nowiki>
 
'''zmprov ra joe@domain.com joe23@domain.com'''
 
'''''Note:''' After you rename an account, you should run a full backup for that account.''
 
'''zmbackup -f - <servername.com> -a <newaccountname@servername.com>'''
|-
|<nowiki>setAccountCOS</nowiki>
|<nowiki>sac</nowiki>
|<nowiki>{name@domain|id|adminName} {cos-name|cos-id}</nowiki>
 
'''zmprov sac joe@domain.com FieldTechnician'''
|-
|<nowiki>setPassword</nowiki>
|<nowiki>sp</nowiki>
|<nowiki>{name@domain|id|adminName} {password} </nowiki>
 
'''''Note:''' Passwords cannot included accented characters in the string. Example of accented characters that cannot be used: ã, é, í, ú, ü, ñ.''
 
'''zmprov sp joe@domain.com test321'''
|-
! colspan="3" align="left" bgcolor="wheat" |Calendar Resource Provisioning Commands
|-
|<nowiki>createCalendarResource</nowiki>
|<nowiki>ccr</nowiki>
|<nowiki>{name@domain} [attr1 value1 [attr2 value2...]]</nowiki>
|-
|<nowiki>deleteCalendarResource</nowiki>
|<nowiki>dcr</nowiki>
|<nowiki>{name@domain|id}</nowiki>
|-
|<nowiki>getAllCalendarResources</nowiki>
|<nowiki>gacr</nowiki>
|<nowiki>[-v] [{domain}]</nowiki>
|-
|<nowiki>getCalendarResource</nowiki>
|<nowiki>gcr</nowiki>
|<nowiki>{name@domain|id}</nowiki>
|-
|<nowiki>modifyCalendarResource</nowiki>
|<nowiki>mcr</nowiki>
|<nowiki>{name@domain|id} [attr1 value1 {attr2 value2...]]</nowiki>
|-
|<nowiki>renameCalendarResource</nowiki>
|<nowiki>rcr</nowiki>
|<nowiki>{name@domain|id} {newName@domain}</nowiki>
|-
|<nowiki>searchCalendarResources</nowiki>
|<nowiki>scr</nowiki>
|<nowiki>[-v] domain attr op value {attr op value...]</nowiki>
|-
! colspan="3" align="left" bgcolor="wheat" |Free Busy Commands
|-
|<nowiki>getAllFbp</nowiki>
|<nowiki>gafbp</nowiki>
|<nowiki>[-v]</nowiki>
|-
|<nowiki>getFreebusyQueueInfo</nowiki>
|<nowiki>gfbqi</nowiki>
|<nowiki>[{provider-name}]</nowiki>
|-
|<nowiki>pushFreebusy</nowiki>
|<nowiki>pfb</nowiki>
|<nowiki>{domain | account-id} [account-id...]</nowiki>
|-
! colspan="3" align="left" bgcolor="wheat" |Domain Provisioning Commands
|-
|<nowiki>countAccount</nowiki>
|<nowiki>cta</nowiki>
|<nowiki>{domain|id}</nowiki>
 
This lists each COS, the COS ID and the number of accounts assigned to each COS
|-
|<nowiki>createAliasDomain</nowiki>
|<nowiki>cad</nowiki>
|<nowiki>{alias-domain-name} {local-domain-name|id} [attr1 value1 [attr2 value2...]]</nowiki>
|-
|<nowiki>createDomain</nowiki>
|<nowiki>cd</nowiki>
|<nowiki>{domain} [attribute1 value1 etc]</nowiki>
 
'''zmprov cd mktng.domain.com zimbraAuthMech zimbra'''
|-
|<nowiki>deleteDomain</nowiki>
|<nowiki>dd</nowiki>
|<nowiki>{domain|id}</nowiki>
 
'''zmprov dd mktng.domain.com'''
|-
|<nowiki>getDomain</nowiki>
|<nowiki>gd</nowiki>
|<nowiki>{domain|id}</nowiki>
 
'''zmprov gd mktng.domain.com'''
|-
|<nowiki>getDomainInfo</nowiki>
|<nowiki>gdi</nowiki>
|<nowiki>name|id|virtualHostname {value} [attr1 [attr2...]]</nowiki>
|-
|<nowiki>getAllDomains</nowiki>
|<nowiki>gad</nowiki>
|<nowiki>[-v]</nowiki>
|-
|<nowiki>modifyDomain</nowiki>
|<nowiki>md</nowiki>
|<nowiki>{domain|id} [attribute1 value1 etc]</nowiki>
 
'''zmprov md domain.com zimbraGalMaxResults 500'''
 
'''''Note:'''Do not modify '''zimbraDomainRenameInfo''' manually. This is automatically updated when a domain is renamed.''
|-
|<nowiki>renameDomain</nowiki>
|<nowiki>rd</nowiki>
|<nowiki>{domain|id} {newDomain}</nowiki>
 
'''''Note:''' renameDomain can only be used with “'''zmprov -l/--ldap'''”.''
|-
! colspan="3" align="left" bgcolor="wheat" |COS Provisioning Commands
|-
|<nowiki>copyCos</nowiki>
|<nowiki>cpc</nowiki>
|<nowiki>{src-cos-name|id} {dest-cos-name}</nowiki>
|-
|<nowiki>createCos</nowiki>
|<nowiki>cc</nowiki>
|<nowiki>{name} [attribute1 value1 etc]</nowiki>
 
'''zmprov cc Executive zimbraAttachmentsBlocked FALSE zimbraAuthTokenLifetime 60m zimbraMailQuota 100M zimbraMailMessageLifetime 0'''
|-
|<nowiki>deleteCos</nowiki>
|<nowiki>dc</nowiki>
|<nowiki>{name|id}</nowiki>
 
'''zmprov dc Executive'''
|-
|<nowiki>getCos</nowiki>
|<nowiki>gc</nowiki>
|<nowiki>{name|id}</nowiki>
 
'''zmprov gc Executive'''
|-
|<nowiki>getAllCos</nowiki>
|<nowiki>gac</nowiki>
|<nowiki>[-v]</nowiki>
 
'''zmprov gac -v'''
|-
|<nowiki>modifyCos</nowiki>
|<nowiki>mc</nowiki>
|<nowiki>{name|id} [attribute1 value1 etc]</nowiki>
 
'''zmprov mc Executive zimbraAttachmentsBlocked TRUE'''
|-
|<nowiki>renameCos</nowiki>
|<nowiki>rc</nowiki>
|<nowiki>{name|id} {newName}</nowiki>
 
'''zmprov rc Executive Business'''
|-
! colspan="3" align="left" bgcolor="wheat" |Server Provisioning Commands
|-
|<nowiki>createServer</nowiki>
|<nowiki>cs</nowiki>
|<nowiki>{name} [attribute1 value1 etc]</nowiki>
|-
|<nowiki>deleteServer</nowiki>
|<nowiki>ds</nowiki>
|<nowiki>{name|id}</nowiki>
 
'''zmprov ds domain.com'''
|-
|<nowiki>getServer</nowiki>
|<nowiki>gs</nowiki>
|<nowiki>{name|id}</nowiki>
 
'''zmprov gs domain.com'''
|-
|<nowiki>getAllServers</nowiki>
|<nowiki>gas</nowiki>
|<nowiki>[-v]</nowiki>
 
'''zmprov gas'''
|-
|<nowiki>getAllReverseProxyBackends</nowiki>
|<nowiki>garpb</nowiki>
|<nowiki></nowiki>
|-
|<nowiki>modifyServer</nowiki>
|<nowiki>ms</nowiki>
|<nowiki>{name|id} [attribute1 value1 etc]</nowiki>
 
'''zmprov ms domain.com zimbraVirusDefinitionsUpdateFrequency 2h'''
|-
|<nowiki>getAllReverseProxyURLs</nowiki>
|<nowiki>garpu</nowiki>
|<nowiki>Used to publish into nginx.conf what servers should be used for reverse proxy lookup.</nowiki>
|-
|<nowiki>getAllMtaAuthURLs</nowiki>
|<nowiki>gamau</nowiki>
|<nowiki>Used to publish into saslauthd.conf what servers should be used for saslauthd.conf MTA auth</nowiki>
|-
|<nowiki>getAllMemcachedServers</nowiki>
|<nowiki>gamcs</nowiki>
|<nowiki>Used to list memcached servers (for nginix use).</nowiki>
|-
! colspan="3" align="left" bgcolor="wheat" |Config Provisioning Commands
|-
|<nowiki>getAllConfig</nowiki>
|<nowiki>gacf</nowiki>
|<nowiki>[-v]</nowiki>
 
All LDAP settings are displayed
|-
|<nowiki>getConfig</nowiki>
|<nowiki>gcf</nowiki>
|<nowiki>{name}</nowiki>
|-
|<nowiki>modifyConfig</nowiki>
|<nowiki>mcf</nowiki>
|<nowiki>attr1 value1</nowiki>
 
Modifies the LDAP settings.
|-
! colspan="3" align="left" bgcolor="wheat" |Distribution List Provisioning Commands
|-
|<nowiki>createDistributionList</nowiki>
|<nowiki>cdl</nowiki>
|<nowiki>{list@domain}</nowiki>
 
'''zmprov cdl needlepoint-list@domain.com'''
|-
|<nowiki>addDistributionListMember</nowiki>
|<nowiki>adlm</nowiki>
|<nowiki>{list@domain|id} {member@domain}</nowiki>
 
'''zmprov adlm needlepoint-list@domain.com singer23@mail.free.net'''
|-
|<nowiki>removeDistributionListMember</nowiki>
|<nowiki>rdlm</nowiki>
|<nowiki>{list@domain|id}</nowiki>
 
'''zmprov rdlm needlepoint-list@domain.com singer23@mail.free.net'''
|-
|<nowiki>getAlldistributionLists</nowiki>
|<nowiki>gadl</nowiki>
|<nowiki>[-v]</nowiki>
|-
|<nowiki>get DistributionListmembership</nowiki>
|<nowiki>gdlm</nowiki>
|<nowiki>{name@domain|id}</nowiki>
|-
|<nowiki>getDistributionList</nowiki>
|<nowiki>gdl</nowiki>
|<nowiki>{list@domain|id}</nowiki>
 
'''zmprov gdl list@domain.com'''
|-
|<nowiki>modifyDistributionList</nowiki>
|<nowiki>mdl</nowiki>
|<nowiki>{list@domain|id} attr1 value1 {attr2 value2...}</nowiki>
 
'''zmprov mdl list@domain.com'''
|-
|<nowiki>deleteDistributionList</nowiki>
|<nowiki>ddl</nowiki>
|<nowiki>{list@domain|id}</nowiki>
|-
|<nowiki>addDistributionListAlias</nowiki>
|<nowiki>adla</nowiki>
|<nowiki>{list@domain|id} {alias@domain}</nowiki>
|-
|<nowiki>removeDistributionListAlias</nowiki>
|<nowiki>rdla</nowiki>
|<nowiki>{list@domain|id} {alias@domain}</nowiki>
|-
|<nowiki>renameDistributionList</nowiki>
|<nowiki>rdl</nowiki>
|<nowiki>{list@domain|id} {newName@domain}</nowiki>
|-
! colspan="3" align="left" bgcolor="wheat" |Zimbra Documents Provisioning Commands
|-
|<nowiki>importNotebook</nowiki>
|<nowiki>impn</nowiki>
|<nowiki>{name@domain} {directory} {folder}</nowiki>
 
Before importing files, any file that will become a Documents page (wiki-style page), must be renamed to include the extension “.wiki”. If not it is imported as a file, accessed either as an attachment or an image.
 
'''impn joe@domain.com /opt/zimbra/wiki/template template'''
|-
|<nowiki>initNotebook</nowiki>
|<nowiki>in</nowiki>
|<nowiki>[{name@domain}]</nowiki>
 
'''in joe@domain.com'''
|-
|<nowiki>initDomainNotebook</nowiki>
|<nowiki>idn</nowiki>
|<nowiki>{domain} [{name@domain}]</nowiki>
 
Creates the domain Documents account
 
'''idn domain.com domainwiki@domain.com'''
|-
|<nowiki>UpdateTemplates</nowiki>
|<nowiki>ut</nowiki>
|<nowiki>[-h host] {template-directory}</nowiki>
|-
! colspan="3" align="left" bgcolor="wheat" |Mailbox Commands
|-
|<nowiki>getMailboxInfo---</nowiki>
|<nowiki>gmi</nowiki>
|<nowiki>{account}</nowiki>
|-
|<nowiki>getQuotaUsage---</nowiki>
|<nowiki>gqu</nowiki>
|<nowiki>{server}</nowiki>
|-
|<nowiki>reIndexMailbox</nowiki>
|<nowiki>rim</nowiki>
|<nowiki>{name@domain|id} {action} [{reindex-by} {value1} [value2...]]</nowiki>
|-
|<nowiki>RecalculateMailboxCounts</nowiki>
|<nowiki>rmc</nowiki>
|<nowiki>{name@domain|id}</nowiki>
 
When unread message count and quota usage are out of sync with the data in the mailbox, use this command to immediately recalculate the mailbox quota usage and unread messages count.
 
'''''Important:'''Recalculating mailbox quota usage and message count should be schedule to run in off peak hours and used on one mailbox at a time.''
|-
|<nowiki>selectMailbox</nowiki>
|<nowiki>sm</nowiki>
|<nowiki>{account-name} [{zmmailbox commands}]</nowiki>
|-
! colspan="3" align="left" bgcolor="wheat" |Logs
|-
|<nowiki>addAccount Logger</nowiki>
|<nowiki>aal</nowiki>
|<nowiki>{name@domain|id} {logging-category} {debug|info|warn|error}</nowiki>
 
Creates custom logging for a single account
|-
|<nowiki>getAccountLoggers</nowiki>
|<nowiki>gal</nowiki>
|<nowiki>[-s/--server hostname] {name@domain|id} {logging-category} {debug|info|warn|error}</nowiki>
|-
|<nowiki>getAllAccountLoggers</nowiki>
|<nowiki>gaal</nowiki>
|<nowiki>[-s/--server hostname] </nowiki>
 
Shows all individual custom logger account
|-
|<nowiki>removeAccountLogger</nowiki>
|<nowiki>ral</nowiki>
|<nowiki>[-s/ --server hostname] {name@domain|id} {logging-category}</nowiki>
 
When name@domain is specified, removes the custom logger created for the account otherwise removes all accounts all account loggers from the system.
|-
| colspan="3" align="left"|See the [http://www.zimbra.com/docs/ne/latest/administration_guide/A_app-command-line.20.3.html#1286471 zmprov Log Categories] for a list of logging categories.
|-
! colspan="3" align="left" bgcolor="wheat" |Search
|-
|<nowiki>searchGAL</nowiki>
|<nowiki>sg</nowiki>
|<nowiki>{domain} {name}</nowiki>
 
'''zmprov sg joe'''
|-
|<nowiki>autoCompleteGal</nowiki>
|<nowiki>acg</nowiki>
|<nowiki>{domain} {name}</nowiki>
|-
|<nowiki>searchAccounts</nowiki>
|<nowiki>sa</nowiki>
|<nowiki>[-v] {ldap-query} [limit] [offset] [sortBy {attribute} [sortAscending 0|1] [domain {domain}]</nowiki>
|-
! colspan="3" align="left" bgcolor="wheat" |Share Provisioning Commands
|-
| colspan="3" align="left"|For a GUI view of results, see Distribution List Shares tab on the administration console
|-
|<nowiki>getPublishedDistributionListShareInfo</nowiki>
|<nowiki>gpdlsi</nowiki>
|<nowiki>{dl-name|dl-id} [{owner-name|owner-id}]</nowiki>
|-
|<nowiki>getShareInfo</nowiki>
|<nowiki>gsi</nowiki>
|<nowiki>{owner-name|owner-id}</nowiki>
|-
|<nowiki>publishDistribtionListShareInfo</nowiki>
|<nowiki>pdlsi</nowiki>
|<nowiki>{+|-} {dl-name@domain|id} {owner-name|owner-id} [{folder-path|folder-id}]</nowiki>
|-
! colspan="3" align="left" bgcolor="wheat" |Miscellaneous Provisioning Commands
|-
|-
|<nowiki>describe</nowiki>
|<nowiki>desc</nowiki>
|<nowiki>[[-v] [-ni] [{entry-type}]] | [-a {attribute-name}]</nowiki>
 
Prints all attribute names (account, domain, COS, servers, etc.).
|-
|<nowiki>generateDomainPreAuthKey</nowiki>
|<nowiki>gdpak</nowiki>
|<nowiki>{domain|id}</nowiki>
 
Generates a pre-authentication key to enable a trusted third party to authenticate to allow for single-sign on. Used in conjunction with GenerateDomainPreAuth.
|-
|<nowiki>generateDomainPreAuth</nowiki>
|<nowiki>gdpa</nowiki>
|<nowiki>{domain|id} {name} {name|id|foreignPrincipal} {timestamp|0} {expires|0}</nowiki>
 
Generates preAuth values for comparison.
|-
|<nowiki>syncGal</nowiki>
|<nowiki>syg</nowiki>
|<nowiki>{domain} [{token}]</nowiki>
|-
|<nowiki>flushCache</nowiki>
|<nowiki>fc</nowiki>
|<nowiki>[skin|local|account|config|cos|domain|server|zimlet} [name1|id]</nowiki>
 
Flush cached LDAP entries for a type. See [http://www.zimbra.com/docs/ne/latest/administration_guide/5_Zimbra_LDAP.05.7.html#1038723 Flushing LDAP Cache]
|-
|<nowiki>getAccountLogger</nowiki>
|<nowiki>gal</nowiki>
|<nowiki>[-s /--server hostname] {name@domain | id}</nowiki>
|-
! colspan="3" align="left" bgcolor="wheat" |Commands specific to Zimbra IMAP/POP proxy
|-
|<nowiki>getAllReverseProxyURLs</nowiki>
|<nowiki>garpu</nowiki>
|<nowiki>Used to publish into nginx.conf what servers should be used for reverse proxy lookup.</nowiki>
|-
|<nowiki>getAllMtaAuthURLs</nowiki>
|<nowiki>gamau</nowiki>
|<nowiki>Used to publish into saslauthd.conf what servers should be used for saslauthd.conf MTA auth</nowiki>
|-
|<nowiki>getAllMemcachedServers</nowiki>
|<nowiki>gamcs</nowiki>
|<nowiki>Used to list memcached servers (for nginix use).</nowiki>
|}
 
===Examples===
*Create one account with a password that is assigned to the default COS.
 
zmprov ca name@domain.com password
 
*Create one account with a password that is assigned to a specified COS. You must know the COS ID number. To find a COS ID, type zmprov gc <COSname>.
 
zmprov ca name@domain.com password zimbraCOSId cosIDnumberstring
 
*Create one account when the password is not authenticated internally.
 
zmprov ca name@domain.com ‘’
 
:'''''Note:''' The empty single quote is required and indicates that there is no local password.''
 
*Using a batch process to create accounts, see the Managing the Zimbra Collaboration Suite chapter in the Zimbra Administration Guide for the procedure.
 
*Add an alias to an account.
 
zmprov aaa accountname@domain.com aliasname@domain.com
 
*Create distribution list. The ID of the distribution list is returned.
 
zmprov cdl listname@domain.com
 
*Add a member to a distribution list.
 
:'''''Tip:''' You can add multiple members to a list from the administration console.''
 
zmprov adlm listname@domain.com member@domain.com
 
*Change the administrator’s password. Use this command to change any password. Enter the address of the password to be changed.
 
zmprov sp admin@domain.com password
 
*Create a domain that authenticates against zimbra OpenLDAP.
 
zmprov cd marketing.domain.com zimbraAuthMech zimbra
 
*Set the default domain.
 
zmprov mcf zimbraDefaultDomainName domain1.com
 
*To list all COSs and their attribute values.
 
zmprov gac -v
 
*To list all user accounts in a domain (domain.com)
 
zmprov gaa domain.com
 
*To list all user accounts and their configurations
 
zmprov gaa -v domain.com
 
*To enable logger on a single server
 
zmprov +zimbraServiceEnabled logger
 
Then type zmloggerctl start, to start the logger.
 
*To modify the purge interval, set zimbraMailPurgeSleepInterval to the duration of time that the server should “sleep” between every two mailboxes. Type:
 
zmprov ModifyServer <server-name> zimbraMailPurgeSleepInterval <Xm>
 
X is the duration of time between mailbox purges; m represents minutes. You could also set <xh> for hours.
 
*Modify zimbraNewMailNotification to customize the notification email template. A default email is sent from Postmaster notifying users that they have received mail in another mailbox. To change the template, you modify the receiving mailbox account. The variables are:
**${SENDER_ADDRESS}
**${RECIPIENT_ADDRESS}
**${RECIPIENT_DOMAIN}
**${NOTIFICATION_ADDRESSS}
**${SUBJECT}
**${NEWLINE}
 
You can specify which of the above variables appear in the Subject, From, or Body of the email. The following example is changing the appearance of the message in the body of the notification email that is received at name@domain.com. You can also change the template in a class of service, use zmprov mc. The command is written on one line.
 
zmprov ma name@domain.com zimbraNewMailNotificationBody ‘Important message from ${SENDER_ADDRESS}.${NEWLINE}Subject:${SUBJECT}’
 
=ZCS 5.0=
*[http://www.zimbra.com/docs/ne/5.0.19/administration_guide/A_app-command-line.18.2.html#1153803 ZCS Administrator's Guide Network Edition 5.0 > Appendix A Command-Line Utilities > zmprov (Provisioning)]
 
 
*[http://bugzilla.zimbra.com/show_bug.cgi?id=30948 Bug 30948] - Documents wiki templates on all domains can be upgraded at once using '''zmprov ut'''.  This updates the Notebook templates for all Notebook system accounts including domain Notebook accounts.  This is upgraded on a per server basis.  -h is used to specify the target host for zmprov ut.
 
=ZCS 4.5=
*[http://www.zimbra.com/docs/ne/4.5.10/administration_guide/A_app-command-line.14.2.html#1153803 ZCS Administrator's Guide Network Edition 4.5 > Appendix A Command-Line Utilities > zmprov (Provisioning)]
 
=Related Articles=
*[[Zmprov Examples]]
*[[Zimbra_Proxy_Guide]]
*[[Zmprov attribute value reference 6.0]]
 
 
{{Article Footer|ZCS 6.0.x|4/5/2006}}
 
[[Category:Command Line Interface]]
[[Category:ZCS 6.0]]
[[Category:ZCS 5.0]]

Latest revision as of 10:56, 19 October 2015

Zmprov

   KB 1395        Last updated on 2015-10-19  




0.00
(0 votes)

For the most recent information on this CLI, including syntax and description, see ZCS Administrator's Guide Network Edition > Appendix A Command-Line Utilities.

Important: When using international symbols as attribute values for create* and modify* commands make sure LC_ALL environment variable is set to the value corresponding the character set you enter new values in.

ZCS 6.0.x

  • Bug 23920 - a new CLI command, zmprov desc, prints all attribute names.
  • Bug 32321 - zmprov usage for gaa now requires -l in the command so that account information is retrieved via LDAP.
Important: When upgrading - If you created a script using zmprov gaa to retrieve all accounts, you will need to modify the script to include -l in the command.
  • Bug 33973 - A new option was added to the zmprov CLI to force the command to use the value of ldap_master_url when retrieving information (zmprov -l -m)

zmprov (Provisioning)

The zmprov tool performs all provisioning tasks in Zimbra LDAP, including creating accounts, aliases, domains, COS, distribution lists, and calendar resources. Each operation is invoked through command-line options, each of which has a long name and a short name.

The syntax for modify can include the prefix “+” or “-” so that you can make changes to the attributes affected and do not need to reenter attributes that are not changing.

  • Use + to add a new instance of the specified attribute name without changing any existing attributes.
  • Use - to remove a particular instance of an attribute.

Syntax

zmprov [cmd] [argument]

The following objects use this syntax:

  • ModifyAccount
  • ModifyDomain
  • ModifyCos
  • ModifyServer
  • ModifyConfig
  • ModifyDistributionList
  • ModifyCalendarResource

The following example would add the attribute zimbraZimletUserProperties with the value “blue” to user 1 and would not change the value of any other instances of that attribute.

zmprov ma user1 +zimbraZimletUserProperties "com_company_testing:favoriteColor:blue"

Description

The commands in the following table are divided into the tasks types - General, Account, Calendar Resources, Config, COS, Distribution List, Documents, Domain, Server, and Miscellaneous.

Long Name Short Name Description
General Options
--help -h display usage
--file -f use file as input stream
--server -s {host}[:{port}] server hostname and optional port
--ldap -l provision via LDAP instead of SOAP
--log property file -L log 4j property file, valid only with -l
--account {name} -a account name to auth as
--password {pass} -p password for account
--passfile {file} -P read password from file
--zadmin -z use Zimbra admin name/password from localconfig for admin/password
--authtoken (authtoken) -y use auth token string (has to be in JSON format) from command line
--authtoken (authtoken file) -Y use auth token string (has to be in JSON format) from command line
--verbose -v verbose mode (dumps full exception stack trace)
--debug -d/ debug mode (dumps SOAP messages)
--master -m use LDAP master. This only valid with -l
Account Provisioning Commands
addAccountAlias aaa {name@domain|id|adminName} {alias@domain}

zmprov aaa joe@domain.com joe.smith@engr.domain.com

checkPasswordStrength cps Syntax: {name@domain|id} {password}

Note: This command does not check the password age or history.

zmprov cps joe@domain.com test123

createAccount ca Syntax:{name@domain} {password} [attribute1 value1 etc]

Type on one line.

zmprov ca joe@domain.com test123 displayName JSmith

createDataSource cds {name@domain} {ds-type} {ds-name} [attr1 value1 [attr2 value2...]]
createIdentity cid {name@domain} {identity-name} [attr1 value1 [attr2 value2...]]
createSignature csig {name@domain} {signature-name} [attr1 value1 [attr2 value2...]]
deleteAccount da Syntax:{name@domain|id|adminName}

zmprov da joe@domain.com

deleteDataSource dds {name@domain|id} {ds-name|ds-id}
deleteIdentity did {name@domain|id} {identity-name}
deleteIdentity did {name@domain|id} {identity-name}
deleteSignature dsig {name@domain|id} {signature-name}
getAccount ga Syntax:{name@domain|id|adminName}

zmprov ga joe@domain.com

getAccountMembership gam {name@domain|id}
getAllAccounts gaa Syntax: [-v] [{domain}]

zmprov -l gaa

zmprov -l gaa -v domain.com

getAllAdminAccounts gaaa Syntax: gaaa

zmprov gaaa

getDataSources gds {name@domain | id} [arg 1 [arg 2...]]
getIdentities gid {name@domain | id} [arg 1 [arg 2...]]
getSignatures gsig {name@domain | id} [arg 1 [arg 2...]]
modifyAccount ma {name@domain|id|adminName} [attribute1 value1 etc]

zmprov ma joe@domain.com zimbraAccountStatus maintenance

modifyDataSource mds {name@domain | id} {ds-name |ds-id} [attr 1 value 1 [attr2 value 2...]]
modifyIdentity mid {name@domain |id} {identity-name} [attr 1 value 1 [attr 2 value 2...]]
modifySignature msig {name@domain |id} {signature-name | signature-id} [attr 1 value 1 [attr 2 value 2...]]
removeAccountAlias raa {name@domain|id|adminName} {alias@domain}

zmprov raa joe@domain.com joe.smith@engr.domain.com

renameAccount ra {name@domain|id} {newname@domain}

zmprov ra joe@domain.com joe23@domain.com

Note: After you rename an account, you should run a full backup for that account.

zmbackup -f - <servername.com> -a <newaccountname@servername.com>

setAccountCOS sac {name@domain|id|adminName} {cos-name|cos-id}

zmprov sac joe@domain.com FieldTechnician

setPassword sp {name@domain|id|adminName} {password}

Note: Passwords cannot included accented characters in the string. Example of accented characters that cannot be used: ã, é, í, ú, ü, ñ.

zmprov sp joe@domain.com test321

Calendar Resource Provisioning Commands
createCalendarResource ccr {name@domain} [attr1 value1 [attr2 value2...]]
deleteCalendarResource dcr {name@domain|id}
getAllCalendarResources gacr [-v] [{domain}]
getCalendarResource gcr {name@domain|id}
modifyCalendarResource mcr {name@domain|id} [attr1 value1 {attr2 value2...]]
renameCalendarResource rcr {name@domain|id} {newName@domain}
searchCalendarResources scr [-v] domain attr op value {attr op value...]
Free Busy Commands
getAllFbp gafbp [-v]
getFreebusyQueueInfo gfbqi [{provider-name}]
pushFreebusy pfb {domain | account-id} [account-id...]
Domain Provisioning Commands
countAccount cta {domain|id}

This lists each COS, the COS ID and the number of accounts assigned to each COS

createAliasDomain cad {alias-domain-name} {local-domain-name|id} [attr1 value1 [attr2 value2...]]
createDomain cd {domain} [attribute1 value1 etc]

zmprov cd mktng.domain.com zimbraAuthMech zimbra

deleteDomain dd {domain|id}

zmprov dd mktng.domain.com

getDomain gd {domain|id}

zmprov gd mktng.domain.com

getDomainInfo gdi name|id|virtualHostname {value} [attr1 [attr2...]]
getAllDomains gad [-v]
modifyDomain md {domain|id} [attribute1 value1 etc]

zmprov md domain.com zimbraGalMaxResults 500

Note:Do not modify zimbraDomainRenameInfo manually. This is automatically updated when a domain is renamed.

renameDomain rd {domain|id} {newDomain}

Note: renameDomain can only be used with “zmprov -l/--ldap”.

COS Provisioning Commands
copyCos cpc {src-cos-name|id} {dest-cos-name}
createCos cc {name} [attribute1 value1 etc]

zmprov cc Executive zimbraAttachmentsBlocked FALSE zimbraAuthTokenLifetime 60m zimbraMailQuota 100M zimbraMailMessageLifetime 0

deleteCos dc {name|id}

zmprov dc Executive

getCos gc {name|id}

zmprov gc Executive

getAllCos gac [-v]

zmprov gac -v

modifyCos mc {name|id} [attribute1 value1 etc]

zmprov mc Executive zimbraAttachmentsBlocked TRUE

renameCos rc {name|id} {newName}

zmprov rc Executive Business

Server Provisioning Commands
createServer cs {name} [attribute1 value1 etc]
deleteServer ds {name|id}

zmprov ds domain.com

getServer gs {name|id}

zmprov gs domain.com

getAllServers gas [-v]

zmprov gas

getAllReverseProxyBackends garpb
modifyServer ms {name|id} [attribute1 value1 etc]

zmprov ms domain.com zimbraVirusDefinitionsUpdateFrequency 2h

getAllReverseProxyURLs garpu Used to publish into nginx.conf what servers should be used for reverse proxy lookup.
getAllMtaAuthURLs gamau Used to publish into saslauthd.conf what servers should be used for saslauthd.conf MTA auth
getAllMemcachedServers gamcs Used to list memcached servers (for nginix use).
Config Provisioning Commands
getAllConfig gacf [-v]

All LDAP settings are displayed

getConfig gcf {name}
modifyConfig mcf attr1 value1

Modifies the LDAP settings.

Distribution List Provisioning Commands
createDistributionList cdl {list@domain}

zmprov cdl needlepoint-list@domain.com

addDistributionListMember adlm {list@domain|id} {member@domain}

zmprov adlm needlepoint-list@domain.com singer23@mail.free.net

removeDistributionListMember rdlm {list@domain|id}

zmprov rdlm needlepoint-list@domain.com singer23@mail.free.net

getAlldistributionLists gadl [-v]
get DistributionListmembership gdlm {name@domain|id}
getDistributionList gdl {list@domain|id}

zmprov gdl list@domain.com

modifyDistributionList mdl {list@domain|id} attr1 value1 {attr2 value2...}

zmprov mdl list@domain.com

deleteDistributionList ddl {list@domain|id}
addDistributionListAlias adla {list@domain|id} {alias@domain}
removeDistributionListAlias rdla {list@domain|id} {alias@domain}
renameDistributionList rdl {list@domain|id} {newName@domain}
Zimbra Documents Provisioning Commands
importNotebook impn {name@domain} {directory} {folder}

Before importing files, any file that will become a Documents page (wiki-style page), must be renamed to include the extension “.wiki”. If not it is imported as a file, accessed either as an attachment or an image.

impn joe@domain.com /opt/zimbra/wiki/template template

initNotebook in [{name@domain}]

in joe@domain.com

initDomainNotebook idn {domain} [{name@domain}]

Creates the domain Documents account

idn domain.com domainwiki@domain.com

UpdateTemplates ut [-h host] {template-directory}
Mailbox Commands
getMailboxInfo--- gmi {account}
getQuotaUsage--- gqu {server}
reIndexMailbox rim {name@domain|id} {action} [{reindex-by} {value1} [value2...]]
RecalculateMailboxCounts rmc {name@domain|id}

When unread message count and quota usage are out of sync with the data in the mailbox, use this command to immediately recalculate the mailbox quota usage and unread messages count.

Important:Recalculating mailbox quota usage and message count should be schedule to run in off peak hours and used on one mailbox at a time.

selectMailbox sm {account-name} [{zmmailbox commands}]
Logs
addAccount Logger aal {name@domain|id} {logging-category} {debug|info|warn|error}

Creates custom logging for a single account

getAccountLoggers gal [-s/--server hostname] {name@domain|id} {logging-category} {debug|info|warn|error}
getAllAccountLoggers gaal [-s/--server hostname]

Shows all individual custom logger account

removeAccountLogger ral [-s/ --server hostname] {name@domain|id} {logging-category}

When name@domain is specified, removes the custom logger created for the account otherwise removes all accounts all account loggers from the system.

See the zmprov Log Categories for a list of logging categories.
Search
searchGAL sg {domain} {name}

zmprov sg joe

autoCompleteGal acg {domain} {name}
searchAccounts sa [-v] {ldap-query} [limit] [offset] [sortBy {attribute} [sortAscending 0|1] [domain {domain}]
Share Provisioning Commands
For a GUI view of results, see Distribution List Shares tab on the administration console
getPublishedDistributionListShareInfo gpdlsi {dl-name|dl-id} [{owner-name|owner-id}]
getShareInfo gsi {owner-name|owner-id}
publishDistribtionListShareInfo pdlsi {+|-} {dl-name@domain|id} {owner-name|owner-id} [{folder-path|folder-id}]
Miscellaneous Provisioning Commands
describe desc [[-v] [-ni] [{entry-type}]] | [-a {attribute-name}]

Prints all attribute names (account, domain, COS, servers, etc.).

generateDomainPreAuthKey gdpak {domain|id}

Generates a pre-authentication key to enable a trusted third party to authenticate to allow for single-sign on. Used in conjunction with GenerateDomainPreAuth.

generateDomainPreAuth gdpa {domain|id} {name} {name|id|foreignPrincipal} {timestamp|0} {expires|0}

Generates preAuth values for comparison.

syncGal syg {domain} [{token}]
flushCache fc [skin|local|account|config|cos|domain|server|zimlet} [name1|id]

Flush cached LDAP entries for a type. See Flushing LDAP Cache

getAccountLogger gal [-s /--server hostname] {name@domain | id}
Commands specific to Zimbra IMAP/POP proxy
getAllReverseProxyURLs garpu Used to publish into nginx.conf what servers should be used for reverse proxy lookup.
getAllMtaAuthURLs gamau Used to publish into saslauthd.conf what servers should be used for saslauthd.conf MTA auth
getAllMemcachedServers gamcs Used to list memcached servers (for nginix use).

Examples

  • Create one account with a password that is assigned to the default COS.
zmprov ca name@domain.com password
  • Create one account with a password that is assigned to a specified COS. You must know the COS ID number. To find a COS ID, type zmprov gc <COSname>.
zmprov ca name@domain.com password zimbraCOSId cosIDnumberstring
  • Create one account when the password is not authenticated internally.
zmprov ca name@domain.com ‘’
Note: The empty single quote is required and indicates that there is no local password.
  • Using a batch process to create accounts, see the Managing the Zimbra Collaboration Suite chapter in the Zimbra Administration Guide for the procedure.
  • Add an alias to an account.
zmprov aaa accountname@domain.com aliasname@domain.com
  • Create distribution list. The ID of the distribution list is returned.
zmprov cdl listname@domain.com
  • Add a member to a distribution list.
Tip: You can add multiple members to a list from the administration console.
zmprov adlm listname@domain.com member@domain.com
  • Change the administrator’s password. Use this command to change any password. Enter the address of the password to be changed.
zmprov sp admin@domain.com password
  • Create a domain that authenticates against zimbra OpenLDAP.
zmprov cd marketing.domain.com zimbraAuthMech zimbra
  • Set the default domain.
zmprov mcf zimbraDefaultDomainName domain1.com
  • To list all COSs and their attribute values.
zmprov gac -v
  • To list all user accounts in a domain (domain.com)
zmprov gaa domain.com
  • To list all user accounts and their configurations
zmprov gaa -v domain.com
  • To enable logger on a single server
zmprov +zimbraServiceEnabled logger

Then type zmloggerctl start, to start the logger.

  • To modify the purge interval, set zimbraMailPurgeSleepInterval to the duration of time that the server should “sleep” between every two mailboxes. Type:
zmprov ModifyServer <server-name> zimbraMailPurgeSleepInterval <Xm>

X is the duration of time between mailbox purges; m represents minutes. You could also set <xh> for hours.

  • Modify zimbraNewMailNotification to customize the notification email template. A default email is sent from Postmaster notifying users that they have received mail in another mailbox. To change the template, you modify the receiving mailbox account. The variables are:
    • ${SENDER_ADDRESS}
    • ${RECIPIENT_ADDRESS}
    • ${RECIPIENT_DOMAIN}
    • ${NOTIFICATION_ADDRESSS}
    • ${SUBJECT}
    • ${NEWLINE}

You can specify which of the above variables appear in the Subject, From, or Body of the email. The following example is changing the appearance of the message in the body of the notification email that is received at name@domain.com. You can also change the template in a class of service, use zmprov mc. The command is written on one line.

zmprov ma name@domain.com zimbraNewMailNotificationBody ‘Important message from ${SENDER_ADDRESS}.${NEWLINE}Subject:${SUBJECT}’

ZCS 5.0


  • Bug 30948 - Documents wiki templates on all domains can be upgraded at once using zmprov ut. This updates the Notebook templates for all Notebook system accounts including domain Notebook accounts. This is upgraded on a per server basis. -h is used to specify the target host for zmprov ut.

ZCS 4.5

Related Articles


Verified Against: ZCS 6.0.x Date Created: 4/5/2006
Article ID: https://wiki.zimbra.com/index.php?title=Zmprov Date Modified: 2015-10-19



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Jump to: navigation, search