Page 1 of 1

Urgent - Script to Reset Passwords - Please look

Posted: Wed Jul 06, 2016 11:54 am
by christianrj
Hi!

Can anyone check the script bellow and tell me if it will work and reset all user passwords in Zimbra 8.6?

Today our datacenter disabled our IP because one of our accounts was caught sending SPAM. I fear they will cancel our server if any other account is compromised. So I want to change all passwords for all users and then enforce new password rules.

Thank you!

Code: Select all

#!/bin/bash
clear
USERS=`su - zimbra -c 'zmprov -l gaa'`;

for ACCOUNT in $USERS; do
ACC1=`echo $ACCOUNT | awk -F@ '{print $1}'`;
ACC=`echo $ACC1 | cut -d '.' -f1`;

if [ $ACC == "admin" ] || [ $ACC == "wiki" ] || [ $ACC == "galsync" ] || [ $ACC == "ham" ] || [ $ACC == "spam" ]; then
echo "Skipping system account, $NAME...";
else
echo "Modifying $ACCOUNT password...";
USERNEWPASSWORD=$(cat /dev/urandom | tr -dc "a-zA-Z0-9!@#$%^&*()?" | fold -w 32 | head -n 1)
su - zimbra -c "zmprov sp $ACCOUNT $USERNEWPASSWORD";
echo "Done!"
echo ""
# read anykey
fi
done
echo "Modifying password for all user has been finished successfully"

Re: Urgent - Script to Reset Passwords - Please look

Posted: Thu Jul 07, 2016 1:55 pm
by fs.schmidt
Hi,

Everthing looks correct and it is a good script IMHO.

Re: Urgent - Script to Reset Passwords - Please look

Posted: Thu Jul 07, 2016 7:18 pm
by christianrj
Thanks!

It can also be used to mass change settings for mail users, like enable or disable POP/IMAP, and others.

Re: Urgent - Script to Reset Passwords - Please look

Posted: Fri Jul 08, 2016 8:54 am
by lippyrich
I would like to use your script if possible please, I have found my server has been compromised twice with different accounts in the last two days.
How does it interact with you/users regarding the passwords changing, does it give you a list of them or does it just make them change theirs to a minimum complexity.

Re: Urgent - Script to Reset Passwords - Please look

Posted: Fri Jul 08, 2016 5:11 pm
by christianrj
lippyrich wrote:I would like to use your script if possible please, I have found my server has been compromised twice with different accounts in the last two days.
How does it interact with you/users regarding the passwords changing, does it give you a list of them or does it just make them change theirs to a minimum complexity.
The script automatically changes all passwords with secure random passwords. You must after this, send temporary passwords to all users.

Because you never know if a user has a weak password, this is a emergency measure to make your Zimbra server more secure. After this, you must send temporary passwords to users so that they can change them.

Of course, someone can improve this script so that it generate a list of all generated passwords for their respective accounts to ease management and automatically set all accounts to change their passwords on the next login.

Also, change the password policies to be more strict to improve security. I also recommend to disable POP/IMAP for all accounts and enable only on a case by case.