zmprov with encrypted password

Looking to migrate to ZCS? Ask here. Got a great tip or script that helped you migrate? Post it here.
Post Reply
bonoboslr
Advanced member
Advanced member
Posts: 117
Joined: Fri Sep 12, 2014 11:19 pm

zmprov with encrypted password

Post by bonoboslr »

i am migrating users from another mail platform, but unfortunately I only have the encrypted MD5 passwords in LDAP. How can I provision these accounts with zmprov? I do not want to ldapmodify the zimbra ldap server.
Thanks
ple
Advanced member
Advanced member
Posts: 115
Joined: Sat Sep 13, 2014 12:00 am
Location: United States
Contact:

zmprov with encrypted password

Post by ple »

I run into the same roadblock as yours. Did you finally migrate all users without using ldapmodify utility?

Thanks.

PL
bonoboslr
Advanced member
Advanced member
Posts: 117
Joined: Fri Sep 12, 2014 11:19 pm

zmprov with encrypted password

Post by bonoboslr »

Yes, you need to give zmprov the encrypted password. As long as the prefix ({MD5}) is present, then it understands to insert the password in the encrypted format.
ple
Advanced member
Advanced member
Posts: 115
Joined: Sat Sep 13, 2014 12:00 am
Location: United States
Contact:

zmprov with encrypted password

Post by ple »

Say if I use zmprov to create an account John Doe using zmprov
"createAccount jdoe@domain.com {SSHA}8G1S3pulE0JnCz7Q0j02hlHxfNxxOHpMShBmdQ== displayName 'John Doe' givenName John sn Doe"

In other words, should I include the {SSHA} part or not? Thanks.

PL
linuradu
Posts: 4
Joined: Mon Apr 24, 2017 6:18 pm

Re: zmprov with encrypted password

Post by linuradu »

Does anyone have a solution for this issue?
My existing passwords are MD5; I want to migrate from dovecot to Zimbra.

I've tried with the following options
zmprov sp test@test.org '{SSHA}25d55ad283aa400af464c76d713c07ad'
zmprov sp test@test.org '{MD5}25d55ad283aa400af464c76d713c07ad'
zmprov sp test@test.org '{crypt}25d55ad283aa400af464c76d713c07ad'

AND

zmprov sp test@test.org {SSHA}25d55ad283aa400af464c76d713c07ad
zmprov sp test@test.org {MD5}25d55ad283aa400af464c76d713c07ad
zmprov sp test@test.org {crypt}25d55ad283aa400af464c76d713c07ad

Also with

zmprov ma test@test.org ....

but doesn't work:

The password that should I use to login after editing with that commands is: "{crypt}25d55ad283aa400af464c76d713c07ad" or another one with prefixes.

Does anyone have an answer for this issue?
Was changed Zimbra API and should we use another command to insert encrypted password?
mqaroush
Posts: 42
Joined: Sun Aug 03, 2014 4:31 am

Re: zmprov with encrypted password

Post by mqaroush »

Hello
are you fix that or not??
User avatar
DualBoot
Elite member
Elite member
Posts: 1326
Joined: Mon Apr 18, 2016 8:18 pm
Location: France - Earth
ZCS/ZD Version: ZCS FLOSS - 8.8.15 Mutli servers
Contact:

Re: zmprov with encrypted password

Post by DualBoot »

you can set the password with zmprov like that :
zmprov -l ma account_name@domain.tld userPassword "{SSHA512}blabalabalebdjehzhezhobalabalabbalab"

Regards,
saman_s1
Posts: 4
Joined: Sat Sep 13, 2014 2:17 am

Re: zmprov with encrypted password

Post by saman_s1 »

Hi all,
I have almost same issue, and after 6 years it seems that this command not working properly for some reason, I search all forums, google, etc., but nobody knows why it's not working,
but with try and test over and over, I found somehow it works for me BUT just one time, let me explain more,
I user ubuntu 18.04 with zimbra 8.6 and try to migrate my user with their hashed password {SSHA512}
I found if I use this two syntax it will work for users just one time login, it means when I use the commands, my user can login one time and after that they can't login again and have the error that user name or password is wrong (the general error I mean), also at first login if they try to change password, while they input old password they faced that the old password is wrong !!!
When I do the commands again on shell they can login just one more time, and again the same error, it is really weird for me !!
another issue that I face was I can't use the 2nd command repetitively and in that way its not working at all, so I try over and over and found if I use 1st command then use 2nd one it will work just one time and if I use twice the 2nd command it not working at all, each time for changing password to its original (hash password) I have to use both 1st and 2nd command to work only one time login !

here is the command that I use:
1st: zmprov ma user@domain userPassword "xxxxxx" the xxxxxx is clear text password like 123456
2nd: zmprov -l ma user@domain userPassword {SSHA512}xxRthmDaYFzAkP97efJA1QUMtPNQYLwifJF20oJoPNmxeYh5vDJgv3BCQtWFBThOEI1dOh7H+jS2+MovqcrQhkbAlA=

right now I'm going to migrate from iredmail to zimbra and I can't change my users password also I can't use this command, so any help will make me happy, thanks.
User avatar
DualBoot
Elite member
Elite member
Posts: 1326
Joined: Mon Apr 18, 2016 8:18 pm
Location: France - Earth
ZCS/ZD Version: ZCS FLOSS - 8.8.15 Mutli servers
Contact:

Re: zmprov with encrypted password

Post by DualBoot »

When you use zmprov -l you directly change the ldap value of your attribute.
Zimbra works a lot of with cache so maybe there is a problem here. Another trail is replication between Zimbra LDAP.

After changing your password, flush all the cache to check this hypothesis.
saman_s1
Posts: 4
Joined: Sat Sep 13, 2014 2:17 am

Re: zmprov with encrypted password

Post by saman_s1 »

DualBoot wrote:When you use zmprov -l you directly change the ldap value of your attribute.
Zimbra works a lot of with cache so maybe there is a problem here. Another trail is replication between Zimbra LDAP.

After changing your password, flush all the cache to check this hypothesis.
Thanks, I do FlushCache and also reboot server, but the issue still exist. :/
Post Reply