Zmprov (Provisioning)
zmprov (Provisioning)
The zmprov tool performs all provisioning tasks in Zimbra LDAP, including creating accounts aliases, domains, and distribution lists. Each operation is invoked through command-line options, each of which has a long name and a short name.
The syntax for modify can include the prefix “ + ” or “-” so that you can make changes to the attributes affected and do not need to reenter attributes that are not changing. Use + to add a new instance of the specified attribute name without changing any existing attributes. Use - to remove a particular instance of an attribute. The syntax is zmprov [cmd] [argument].
The following objects use this syntax:
• |
ModifyAccount |
• |
ModifyDomain |
• |
ModifyCos |
• |
ModifyServer |
• |
ModifyConfig |
In this example, zmprov ma user1 +zimbraZimletUserProperties testing
would add the attribute zimbraZimletUserProperties with the value “testing” to user 1 and would not change the value of any other instances of that attribute.
The following commands can be used as subcommands to zmprov.
Long Name |
Short Name |
Syntax, Example, and Notes |
CreateAccount |
ca |
Syntax:{name@domain} {password} [attribute1 value1 etc] Type on one line. zmprov ca joe@domain.com test123 displayName JSmith |
DeleteAccount |
da |
Syntax:{name@domain|id|adminName} zmprov da joe@domain.com |
GetAccount |
ga |
Syntax:{name@domain|id|adminName} zmprov ga joe@domain.com |
GetAllAccounts |
gaa |
Syntax: [-v] [{domain}] zmprov gaa zmprov gaa -v domain.com |
GetAllAdminAccounts |
gaaa |
Syntax: gaaa zmprov gaaa |
ModifyAccount |
ma |
{name@domain|id|adminName} [attribute1 value1 etc] zmprov ma joe@domain.com zimbraAccountStatus maintenance |
SetPassword |
sp |
{name@domain|id|adminName} {password} zmprov sp joe@domain.com test321 |
AddAccountAlias |
aaa |
{name@domain|id|adminName} {alias@domain} zmprov aaa joe@domain.com joe.smith@engr.domain.com |
RemoveAccountAlias |
raa |
{name@domain|id|adminName} {alias@domain} zmprov raa joe@domain.com joe.smith@engr.domain.com |
SetAccountCOS |
sac |
{name@domain|id|adminName} {cos-name|cos-id} zmprov sac joe@domain.com FieldTechnician |
SearchAccounts |
sa |
[-v] {ldap-query} [limit] [offset] [sortBy {attribute} |
SearchGAL |
sg |
{domain} {name} zmprov sg joe |
RenameAccount |
ra |
{name@domain|id} {newname@domain} zmprov ra joe@domain.com joe23@domain.com Note: After you rename an account, you should run a full backup for that account. zmbackup -f - <servername.com> -a <newaccountname@servername.com> |
CreateDomain |
cd |
{domain} [attribute1 value1 etc] zmprov cd mktng.domain.com zimbraAuthMech zimbra |
DeleteDomain |
dd |
{domain|id} zmprov dd mktng.domain.com |
GetDomain |
gd |
{domain|id} zmprov gd mktng.domain.com |
GetAllDomains |
gad |
[-v] |
ModifyDomain |
md |
{domain|id} [attribute1 value1 etc] zmprov md domain.com zimbraGalMaxResults 50 |
GenerateDomainPreAuthKey |
gdpak |
{domain|id} Generates a pre-authentication key to enable a trusted third party to authenticate to allow for single-sign on. Used in conjunction with GenerateDomainPreAuth. |
GenerateDomainPreAuth |
gdpa |
{domain|id} {name} {name|id|foreighPrincipal} {timestamp|0} {expires|0} Generates preAuth values for comparison. |
CreateCos |
cc |
{name} [attribute1 value1 etc] zmprov cc Executive zimbraAttachmentsBlocked FALSE zimbraAuthTokenLifetime 60m zimbraMailQuota 100M zimbraMailMessageLifetime 0 |
DeleteCos |
dc |
{name|id} zmprov dc Executive |
GetCos |
gc |
{name|id} zmprov gc Executive |
GetAllCos |
gac |
[-v] zmprov gac -v |
ModifyCos |
mc |
{name|id} [attribute1 value1 etc] zmprov mc Executive zimbraAttachmentsBlocked TRUE |
RenameCos |
rc |
{name|id} {newName} zmprov rc Executive Business |
CreateServer |
cs |
{name} [attribute1 value1 etc] |
DeleteServer |
ds |
{name|id} zmprov ds domain.com |
GetServer |
gs |
{name|id} zmprov gs domain.com |
GetAllServers |
gas |
[-v] zmprov gas |
ModifyServer |
ms |
{name|id} [attribute1 value1 etc] zmprov ms domain.com zimbraVirusDefinitionsUpdateFrequency 2h |
GetAllConfig |
gacf |
[-v] All LDAP settings are displayed |
GetConfig |
gcf |
{name} |
ModifyConfig |
mcf |
attr1 value1 Modifies the LDAP settings. |
CreateDistributionList |
cdl |
{list@domain} zmprov cdl needlepoint-list@domain.com |
AddDistributionListMember |
adlm |
{list@domain|id} {member@domain} zmprov adlm needlepoint-list@domain.com singer23@mail.free.net |
RemoveDistributionListMem ber |
rdlm |
{list@domain|id} zmprov rdlm needlepoint-list@domain.com singer23@mail.free.net |
GetAlldistributionLists |
gadl |
[-v] |
GetDistributionList |
gdl |
{list@domain|id} zmprov gdl list@domain.com |
ModifyDistributionList |
md |
{list@domain|id} attr1 value1 {attr2 value2...} zmprov md list@domain.com |
DeleteDistributionList |
ddl |
(list@domain|id} |
AddDistributionListAlias |
adla |
{list@domain|id} {alias@domain} |
RemoveDistributionListAlias |
rdla |
{list@domain|id} {alias@domain} |
RenameDistributionList |
rdl |
{list@domain|id} {newName@domain} |
Examples
• |
Create one account with a password that is assigned to the default COS. |
zmprov ca name@domain.com password
• |
Create one account with a password that is assigned to a specified COS. You must know the COS ID number. To find a COS ID, type gc <COSname>. |
zmprov ca name@domain.com password zimbraCOS cosIDnumberstring
• |
Create one account when the password is not authenticated internally. |
zmprov ca name@domain.com ‘’
The empty single quote is required and indicates that there is no local password.
• |
Using a batch process to create accounts, see Managing the Zimbra Collaboration Suite chapter for the procedure. |
• |
Add an alias to an account. |
zmprov aaa accountname@domain.com aliasname@domain.com
• |
Create distribution list. The ID of the distribution list is returned. |
zmprov cdl listname@domain.com
• |
Add a member to a distribution list. Tip: You can add multiple members to a list from the administration console. |
zmprov adlm listname@domain.com member@domain.com
• |
Change the administrator’s password. Use this command to change any password. Enter the address of the password to be changed. |
zmprov sp admin@domain.com password
• |
Create a domain that authenticates against Zimbra OpenLDAP. |
zmprov cd marketing.domain.com zimbraAuthMech zimbra
• |
Set the default domain. |
zmprov mcf zimbraDefaultDomain domain1.com
• |
To list all COSs and their attribute values. |
zmprov gac -v
• |
To list all user accounts in a domain (domain.com) |
zmprov gaa domain.com
• |
To list all user accounts and their configurations |
zmprov gaa -v domain.com
• |
To enable logger on a single server |
zmprov +zimbraServiceEnabled logger
Then type zmloggerctl start , to start the logger.