Navigation

New from ETES: Zimbra/LDAP Sync Script

By on August 27, 2020 in Community, Open Source, Partners

Hello Zimbra Friends, Customers & Partners,

We are happy to bring you a guest post from our Silver BSP Partner, ETES GmbH. Headquartered in Stuttgart, Germany, ETES is an IT service company focused on Linux and Open Source products like Zimbra. As a BSP Partner, they deliver Software-as-a-Service (SaaS) email & collaboration to their customers … with over 80,000+ mailboxes.

ETES’s LDAP sync script for Zimbra

Zimbra manages users and group information in an LDAP server, which is automatically configured during installation. The maintenance of users and groups is typically done via the administration console of Zimbra. Zimbra does not connect directly to an existing LDAP or ActiveDirectory server, but the two servers can be synchronized with each other.

ETES developed an LDAP Sync Script that performs the synchronization automatically between the external LDAP/AD directory and the local Zimbra LDAP/AD directory. Via configurable LDAP attributes, all users and groups are written to Zimbra’s own LDAP. The leading and unique attribute is always the primary email address.

The following information is transferred for users:

  • LDAP user for external authentication (zimbraAuthLdapExternalDn)
  • Primary email address
  • Alias addresses
  • Display name
  • User Status (Locked/Active)
  • Uniform distribution of users across multiple mailbox servers (MBS in multi-server setups), unless it is a Zimbra archive server
  • Data for the global address list of Zimbra (GAL)

For groups or distribution groups, the following information is required:

  • Email address of the distribution group
  • Alias addresses
  • Members of the distribution group (including nested groups)

Both users and distribution groups can be excluded from synchronization. This allows certain users or groups to be managed in addition to those synchronized via the Zimbra administration console.

With the sync script, a number of functionalities are available:

  • Scripting interface based on shell scripts for various events during synchronization (hooks)
  • Precise logging for traceability
  • Miscellaneous Operating modes (full synchronization/ partial synchronization)
  • Support of email statistics
  • Free configuration of LDAP search queries from directory services
  • Support for dynamic mapping of attributes and templating of basic settings
  • Support name changes of users (e.g. marriage)
  • Recovery tool for failed user synchronizations
  • Annex of group aliases
  • It is also possible to change an email address using additional, configurable attributes

The LDAP sync script is available under the AGPL License. You can get your LDAP sync script subscription in the ETES shop.

Thanks,

Your Zimbra Team

P.S. Are you a Zimbra Partner and want to do a guest post? Let us know!

, , , ,

Comments are closed.

Copyright © 2022 Zimbra, Inc. All rights reserved.

All information contained in this blog is intended for informational purposes only. Synacor, Inc. is not responsible or liable in any manner for the use or misuse of any technical content provided herein. No specific or implied warranty is provided in association with the information or application of the information provided herein, including, but not limited to, use, misuse or distribution of such information by any user. The user assumes any and all risk pertaining to the use or distribution in any form of any subject matter contained in this blog.

Legal Information | Privacy Policy | Do Not Sell My Personal Information | CCPA Disclosures