Geekly Articles each Day
📜 ⬆️ ⬇️

Creating and updating mailing lists in Zimbra Collaboration OSE based on Active Directory groups and users

1. A couple of words from the author


Article updated. Scripts changed. Added script to update one mailing list.

In the comments to the previous article I was asked an interesting question about the automatic generation of mailing lists based on AD security groups. There is a problem - there is a solution. So let's go.

2. Baseline


Server OS : CentOS 7
')
About the OS
In fact, the difference between CentOS7 and any other system will be solely in the commands to the server to install packages, and possibly the location of some files. The work is carried out mainly with Zimbra cmdlets, so the configuration differences will be minimal.

Zimbra Domain : zimbramail.home.local
Path mount balls on Zimbra host : / mnt / ZM /

3. Customization


  1. We mount the Windows ball to our Linux server. This is to simplify and automate the transfer of data from Windows PowerShell to Linux Bash. The mounting procedure was described in the previous article. I will not repeat.
  2. We create a separate OU in AD, in which we create groups, on the basis of which mailing lists will be created in Zimbra. Group name = distribution list name.
  3. Add to groups created in the new OU, users or security groups, on the basis of which Zimbra mailing lists will be filled. The script runs recursively, which means that it will collect all the data about users in groups that are added to groups in the target OU. Learn more about the output of the Get-ADGroupMember command .
  4. Create a data collection script from Active Directory.
  5. We create a script for adding mailing lists and their filling by users on the basis of the data obtained in the previous script.
  6. Enjoying.


3.1. About OU


I created the ZimbraDL OU at the root of the domain and prohibited it from inheriting group policies so that these groups remain separate. They will not participate in the life of the domain in any way, besides forming Distribution Lists in Zimbra Collaboration OSE.

4. PowerShell Script to Collect Data from AD


PowerShell Script
$Path = "C:\ZM\ZimbraDL" $enc = [system.text.encoding] function ReCode ( $f, $t, $line ) { $cp1 = $enc::getencoding( $f ) $cp2 = $enc::getencoding( $t ) $inputbytes = $enc::convert( $cp1, $cp2, $cp2.getbytes( $line )) $outputstring = $cp2.getstring( $inputbytes ) $outputstring | add-content $OutputFile } #  if(test-path $Path) { Remove-Item $Path -Recurse -Force } #   if(!(test-path $Path)) { New-Item -ItemType Directory -Force -Path $Path } if(!(Test-Path $Path\Groups)) { New-Item -ItemType Directory -Force -Path $Path\Groups } if(!(Test-Path $Path\Users)) { New-Item -ItemType Directory -Force -Path $Path\Users } if(!(Test-Path $Path\UsersTemp)) { New-Item -ItemType Directory -Force -Path $Path\UsersTemp } #   Import-Module ActiveDirectory Get-AdGroup -filter * -SearchBase "OU=ZimbraDL,DC=home,DC=local" | select samaccountname | Out-File $Path\Groups\GetGroupsAD.txt #   (Get-Content "$Path\Groups\GetGroupsAD.txt") -notmatch "samaccountname" | where {$_ -ne ""} | where {$_ -ne "--"} | Where-Object {$_ -notmatch '-'} | out-file "$Path\Groups\GetGroupsAD.txt" $File = @(Get-Content $Path\Groups\GetGroupsAD.txt) foreach ($File1 in $File) { $string=$File1.TrimStart('"') $string=$string.TrimEnd('"') $string=$string.TrimStart(' ') $string=$string.TrimEnd(' ') | Out-File $Path\Groups\GroupsListTemp.txt -Append } Remove-Item $Path\Groups\GetGroupsAD.txt -Force $InputFile = gc $Path\Groups\GroupsListTemp.txt $OutputFile = "$Path\Groups\GroupsList.txt" foreach ($line in $InputFile) { ReCode -f "windows-1251" -t "utf-8" $line } Remove-Item $Path\Groups\GroupsListTemp.txt -Force #        $GroupName = @(Get-Content $Path\Groups\GroupsList.txt) Foreach ($Group in $GroupName) { Get-ADGroupMember $Group -recursive | ft SamAccountName | out-file "$Path\UsersTemp\$Group.txt" -Append (get-content "$Path\UsersTemp\$Group.txt") -notmatch "Name" | where {$_ -ne ""} | where {$_ -ne "--"} | Where-Object {$_ -notmatch '-'} | out-file "$Path\UsersTemp\$Group.txt" $File=@(Get-Content $Path\UsersTemp\$Group.txt) foreach ($File1 in $File) { $string=$File1.TrimStart('"') $string=$string.TrimEnd('"') $string=$string.TrimStart(' ') $string=$String.TrimEnd(' ') | Out-File "$Path\UsersTemp\$Group" -Append } $InputFile = gc $Path\UsersTemp\$Group $OutputFile = "$Path\Users\$Group" foreach ($line in $InputFile) { ReCode -f "windows-1251" -t "utf-8" $line } } Remove-Item "$Path\UsersTemp\" -Recurse -Force Remove-Item "$Path\Groups" -Recurse -Force


4.1. How the script works


  1. First there is a check for the existence and deletion of the working directory, if it exists. It is necessary that in the process of work the data are not doubled.
  2. PoSh looks into the specified OU, reads user groups in it and writes them to the file GetGroupsAD.txt
  3. It discards everything unnecessary from the received file (PoSh writes all its output to the file, so in the initial output of the command, the first line is Name, the second line is the separator "----", and only after that the groups are listed one per line), changes the encoding from “windows-1251” to utf-8, which results in another GroupsList.txt file
  4. Further, on the basis of the file received, information about the users of the groups contained in the file is read. Files containing usernames (samAccountName)
    placed in the \ Users directory and named after the group names


4.2. Script for reading information from a single group


The script with the ability to read data from only one security group is not much different from the previous one, basically because it contains a block with a suggestion to the user to enter the name of the group, on the basis of which it will be necessary to update the distribution list.

PowerShell script to run with the hands with the ability to read data from only one group
 $Path = "C:\ZM\ZimbraDL" $enc = [system.text.encoding] function ReCode ( $f, $t, $line ) { $cp1 = $enc::getencoding( $f ) $cp2 = $enc::getencoding( $t ) $inputbytes = $enc::convert( $cp1, $cp2, $cp2.getbytes( $line )) $outputstring = $cp2.getstring( $inputbytes ) $outputstring | add-content $OutputFile } #  if(test-path $Path) { Remove-Item $Path -Recurse -Force } #   if(!(test-path $Path)) { New-Item -ItemType Directory -Force -Path $Path } if(!(Test-Path $Path\Groups)) { New-Item -ItemType Directory -Force -Path $Path\Groups } if(!(Test-Path $Path\Users)) { New-Item -ItemType Directory -Force -Path $Path\Users } if(!(Test-Path $Path\UsersTemp)) { New-Item -ItemType Directory -Force -Path $Path\UsersTemp } #   Import-Module ActiveDirectory $Groupname = Read-Host '  ,   ,  ALL     ' If ($Groupname -eq "ALL") { Get-AdGroup -filter * -SearchBase "OU=ZimbraDL,DC=home,DC=local" | select samaccountname | Out-File $path\Groups\GetGroupsAD.txt } Else { $Groupname > "$Path\Groups\GetGroupsAD.txt" } #   (Get-Content "$Path\Groups\GetGroupsAD.txt") -notmatch "samaccountname" | where {$_ -ne ""} | where {$_ -ne "--"} | Where-Object {$_ -notmatch '-'} | out-file "$Path\Groups\GetGroupsAD.txt" $File = @(Get-Content $Path\Groups\GetGroupsAD.txt) foreach ($File1 in $File) { $string=$File1.TrimStart('"') $string=$string.TrimEnd('"') $string=$string.TrimStart(' ') $string=$string.TrimEnd(' ') | Out-File $Path\Groups\GroupsListTemp.txt -Append } Remove-Item $Path\Groups\GetGroupsAD.txt -Force $InputFile = gc $Path\Groups\GroupsListTemp.txt $OutputFile = "$Path\Groups\GroupsList.txt" foreach ($line in $InputFile) { ReCode -f "windows-1251" -t "utf-8" $line } Remove-Item $Path\Groups\GroupsListTemp.txt -Force #        $GroupName = @(Get-Content $Path\Groups\GroupsList.txt) Foreach ($Group in $GroupName) { Get-ADGroupMember $Group -recursive | ft SamAccountName | out-file "$Path\UsersTemp\$Group.txt" -Append (get-content "$Path\UsersTemp\$Group.txt") -notmatch "Name" | where {$_ -ne ""} | where {$_ -ne "--"} | Where-Object {$_ -notmatch '-'} | out-file "$Path\UsersTemp\$Group.txt" $File=@(Get-Content $Path\UsersTemp\$Group.txt) foreach ($File1 in $File) { $string=$File1.TrimStart('"') $string=$string.TrimEnd('"') $string=$string.TrimStart(' ') $string=$String.TrimEnd(' ') | Out-File "$Path\UsersTemp\$Group" -Append } $InputFile = gc $Path\UsersTemp\$Group $OutputFile = "$Path\Users\$Group" foreach ($line in $InputFile) { ReCode -f "windows-1251" -t "utf-8" $line } } Remove-Item "$Path\UsersTemp\" -Recurse -Force Remove-Item "$Path\Groups" -Recurse -Force



5. Script on Bash to create mailing lists


I will make a reservation about copying script files created under Windows
In the last article, we described the method of formatting files using the cat command, which, running with a certain key, removes all unnecessary unreadable characters. Link to the article at the end of the article.

Bash script
 #!/bin/bash #  #    Path="/mnt/ZM/ZimbraDL" #  Zimbra Domain="zimbramail.home.local" #   zmprov zmprov="/opt/zimbra/bin/zmprov" #  - log="/mnt/ZM/DLlog.txt" #       DLnames="/mnt/ZM/DLnames" #       UserNames="/mnt/ZM/Usernames" #   echo "  ..." ls $Path/Users > $DLnames if [ $? -eq 0 ]; then echo -n "$(tput hpa $(tput cols))$(tput cub 6) [OK]" echo echo -en "ls directory for Groups correct $(date +%T)\n" >> $log else echo -n "$(tput hpa $(tput cols))$(tput cub 6) [FAIL]" echo echo -en "ls directory for Groups INcorrect $(date +%T)\n" >> $log fi #   echo "   " for DLname in $( cat $DLnames); do #    echo "    $DLname..." Result=$($zmprov gdl $DLname@$Domain) if [ $? -eq 0 ]; then echo -n "$(tput hpa $(tput cols))$(tput cub 6)[OK]" echo echo -en "DL $DLname exist $(date +%T)\n" >> $log #   echo -en "Start deleting DL for group $DLname $(date +%T)\n" >> $log echo "   $DLname..." $zmprov ddl $DLname@$Domain if [ $? -eq 0 ]; then echo -n "$(tput hpa $(tput cols))$(tput cub 6) [OK]" echo echo -en "DL for group $DLname is deleted in $(date +%T)\n" >> $log else echo -n "$(tput hpa $(tput cols))$(tput cub 6) [FAIL]" echo echo -en "DL for group $DLname is NOT deleted in $(date +%T)\n" >> $log fi else echo -n "$(tput hpa $(tput cols))$(tput cub 6)[FAIL]" echo echo -en "DL $DLname not exist! $(date +%T)\n" >> $log fi done for DLname in $( cat $DLnames); do #   echo -en "Start create DL for group $DLname $(date +%T)\n" >> $log echo "     AD $DLname..." $zmprov cdl $DLname@$Domain if [ $? -eq 0 ]; then echo -n "$(tput hpa $(tput cols))$(tput cub 6) [OK]" echo echo -en "DL for group $DLname is created in $(date +%T)\n" >> $log else echo -n "$(tput hpa $(tput cols))$(tput cub 6) [FAIL]" echo echo -en "DL for group $DLname is NOT created in $(date +%T)\n" >> $log fi #   echo "  " for UserName in $( cat $Path/Users/$DLname); do echo "     $UserName..." Result=$($zmprov gmi $UserName@$Domain) if [ $? -eq 0 ]; then echo -n "$(tput hpa $(tput cols))$(tput cub 6) [OK]" echo echo -en "MilBox for user $UserName exist $(date +%T)\n" >> $log echo "  $UserName    $DLname@$Domain..." $zmprov adlm $DLname@$Domain $UserName@$Domain if [ $? -eq 0 ]; then echo -n "$(tput hpa $(tput cols))$(tput cub 6) [OK]" echo echo -en "User $UserName added in $DLname@$Domain correctly in $(date +%T)\n" >> $log else echo -n "$(tput hpa $(tput cols))$(tput cub 6) [FAIL]" echo echo -en "DL for group $DLname is NOT created in $(date +%T)\n" >> $log fi else echo -n "$(tput hpa $(tput cols))$(tput cub 6) [FAIL]" echo echo -en "MilBox for user $UserName is NOT exist $(date +%T)\n" >> $log fi done done #   echo "  " echo "    ..." echo -n > $DLnames if [ $? -eq 0 ]; then echo -n "$(tput hpa $(tput cols))$(tput cub 6)[OK]" echo echo -en "File $DLnames was successfull cleared in $(date +%T)\n" >> $log else echo -n "$(tput hpa $(tput cols))$(tput cub 6) [FAIL]" echo echo -en "File $DLnames was NOT cleared in $(date +%T)\n" >> $log fi # ,      echo "   $Path    ..." rm -rf $Path if [ $? -eq 0 ]; then echo -n "$(tput hpa $(tput cols))$(tput cub 6)[OK]" echo echo -en "Directory $Path was seccessfull deleted in $(date +%T)\n" >> $log else echo -n "$(tput hpa $(tput cols))$(tput cub 6) [FAIL]" echo echo -en "Directory $Path was NOT deleted in $(date +%T)\n" >> $log fi #  -      echo -en "Job complete in $(date +%T)\n" >> $log echo -en "____________________________________\n" >> $log


5.1. How the script works


  1. Write to the file a list of groups
  2. Check the existence of the mailing list in Zimbra, if it exists, delete it
  3. Alternately create mailing lists based on the list of groups, filling each of them with users (the mailing list ID is displayed, this is the standard output of the zmprov cmdlet when creating a DL). This verifies the existence of user mailboxes in Zimbra, and if the mailbox does not exist, the user will not be added to the mailing list. You can, of course, create a new mailbox for the user and add it to the mailing list, but I assume that Zimbra autoprov works in Eager mode, and if the user has not been created automatically, then he has nothing to do in the system
  4. Clear temporary files
  5. Delete working directory

6. Conclusion


In general, the task is not difficult, the problem was only in the transfer of data from PowerShell to Bash. For a long time I tried to find a tool for recoding text files with PoSh output into a form that is digestible for Bash. The result of a multi-day search was the function:
Recoding function
 $InputFile = gc File1.txt $OutputFile = "File2.txt" $enc = [system.text.encoding] function ReCode ( $f, $t, $line ) { $cp1 = $enc::getencoding( $f ) $cp2 = $enc::getencoding( $t ) $inputbytes = $enc::convert( $cp1, $cp2, $cp2.getbytes( $line )) $outputstring = $cp2.getstring( $inputbytes ) $outputstring | add-content $OutputFile } foreach ($line in $InputFile) { ReCode -f "windows-1251" -t "utf-8" $line }


Maybe someone will be useful.

7. PS:


This is the third article in the series “how I implemented Zimbra”. The first is about implementation, LDAP authorization and automatic creation of mailboxes for AD users, right here . The second, about setting up a backup and restore Zimbra entirely and separate boxes - here .

Source: https://habr.com/ru/post/443166/

More articles:


All Articles