Sync from external ldap attribute to zimbra attribute after auto-provisioning

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Post Reply
daniele.antolini
Posts: 36
Joined: Fri Jul 08, 2016 7:41 am

Sync from external ldap attribute to zimbra attribute after auto-provisioning

Post by daniele.antolini »

Hello,

I've tried to search in the forum and I've tried other questions about my problem but with no answer:

viewtopic.php?t=58244
viewtopic.php?t=6355
viewtopic.php?t=13592
and many more.

So I think there is no way to sync account after auto-provisioned (either lazy or eager mode)
I was thinking the only way is by script. So, for example, I've an external ldap (Active Directory or openLDAP, is the same) where I automatically mapped some attributes to zimbra ldap. I can create a script that does a ldapsearch on the external ldap, looking only for the mapped attribute, and then with "zmprov ma account@domain.tld attrmapped1 value1" I can modify that attribute on the zimbra ldap directory.

The same I can do when I delete an account from external ldap. I do a ldapsearch, I make a difference from external ldap users and zimbra ldap users and when I find a zimbra ldap user that does not exist anymore on external ldap, I can do a "zmprov da account@domain.tld".

Do you think my solution is valid?

Best regards
daniele.antolini
Posts: 36
Joined: Fri Jul 08, 2016 7:41 am

Re: Sync from external ldap attribute to zimbra attribute after auto-provisioning

Post by daniele.antolini »

Hello,

I've written a bash script to do this job. It is attached on this post.

Please, test it and if you have any comment write me.

On commented lines, at the end of the script, there is a function which deletes Zimbra User if it does not exist on AD/LDAP. Uncomment it to test.

Thanks
Attachments
sync_ad2zimbra.tgz
(1.51 KiB) Downloaded 504 times
Post Reply