Shell Script / Perl para sincronizar base de usuários do AD com o Zimbra [Shell Script]

Shell Script / Perl para sincronizar base de usuários do AD com o Zimbra

Publicado por Daniel Santos 28/03/2009

[ Hits: 10.790 ]

Homepage: mypenguim.wordpress.com

Download ReplicaAD.tar.gz

1 0

Denuncie Favoritos Indicar

Este script faz a sincronia dos usuários do Active Directory (AD) com a base de dados de usuários do Zimbra.

Basta configurar os arquivos .pl e .sh para atender as credenciais e variáveis de seu ambiente.

Esconder código-fonte

#!/bin/bash
#
# (c) Copyright by Daniel Santos (danlsgiga@yahoo.com.br)
#
#    This program is free software; you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation; either version 2 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#    ( http://www.fsf.org/licenses/gpl.txt )
#####################################################################
# Replication of AD accounts to Zimbra-Postfix v2.0

cd /opt/zimbra/ReplicaAD

diffUsersFile=diffUsers
diffGroupsFile=diffGroups
ADUsersFile=ADUsersFile
ADGroupsFile=ADGroupsFile
ADGroupsFile_old=ADGroupsFile_old
ADUsersFile_old=ADUsersFile_old
LogReplicaAD=LogReplica.log
UsersDefaultPasswd="coloqueumasenhacomplicadaaqui"

# Update user data
./ReplicaUsersAD.pl 2> /dev/null
diff $ADUsersFile_old $ADUsersFile > $diffUsersFile
cp -f $ADUsersFile $ADUsersFile_old

# Update distribution groups data
./ReplicaGroupsAD.pl 2> /dev/null
diff $ADGroupsFile_old $ADGroupsFile > $diffGroupsFile
cp -f $ADGroupsFile $ADGroupsFile_old


# Create, Modify and Remove Accounts Functions
_createAccount()
{
   date +%d"."%m"."%Y" - "%H":"%M":"%S >> $LogReplicaAD
   echo "-------------------------- Replica AD - Criando conta $2 -------------------------" >> $LogReplicaAD
   if [[ -z $3 ]]; then
      zmprov ca "$2" "$UsersDefaultPasswd" displayName "$1" 2>&1>> $LogReplicaAD
   else
      quotaBytes=$(($3*1024*1024))
      zmprov ca "$2" "$UsersDefaultPasswd" displayName "$1" zimbraMailQuota "$quotaBytes" 2>&1>> $LogReplicaAD
   fi;
   aliasExemplo=`echo $2 | awk -F'@' '{ print $1 }'`"@exemplo.com.br"
   zmprov aaa "$2" "$aliasExemplo" 2>&1>> $LogReplicaAD
   echo "$1" >> $LogReplicaAD
   echo "$2" >> $LogReplicaAD
   echo "$aliasExemplo" >> $LogReplicaAD
   echo "$3""MB" >> $LogReplicaAD
   echo "---------------------------- Replica AD - Conta $2 criada -------------------------" >> $LogReplicaAD
return
}

_modifyAccount()
{
   date +%d"."%m"."%Y" - "%H":"%M":"%S >> $LogReplicaAD
   echo "-------------------------- Replica AD - Modificando conta $2 ----------------------" >> $LogReplicaAD
   if [ "$1" != "$4" ]; then
      zmprov ma "$2" displayName "$4" 2>&1>> $LogReplicaAD
   fi;
   
   if [ "$3" != "$6" ]; then
        quotaBytes=$(($6*1024*1024))
         zmprov ma "$2" zimbraMailQuota "$quotaBytes" 2>&1>> $LogReplicaAD
   fi;

   if [ "$2" != "$5" ]; then
      aliasExemplo=`echo $2 | awk -F'@' '{ print $1 }'`"@exemplo.com.br"
      aliasExemploNovo=`echo $5 | awk -F'@' '{ print $1 }'`"@exemplo.com.br"
      zmprov ra "$2" "$5" 2>&1>> $LogReplicaAD
     zmprov raa "$5" "$aliasExemplo" 2>&1>> $LogReplicaAD
     zmprov aaa "$5" "$aliasExemploNovo" 2>&1>> $LogReplicaAD
   fi;
   
   echo "$1" >> $LogReplicaAD
   echo "$2" >> $LogReplicaAD
   echo "$aliasExemplo" >> $LogReplicaAD
   echo "$3""MB" >> $LogReplicaAD
   echo "$4" >> $LogReplicaAD
   echo "$5" >> $LogReplicaAD
   echo "$aliasExemploNovo" >> $LogReplicaAD
   echo "$6""MB" >> $LogReplicaAD
   echo "---------------------------- Replica AD - Conta $2 modificada ---------------------" >> $LogReplicaAD
   return
}

_removeAccount()
{
   date +%d"."%m"."%Y" - "%H":"%M":"%S >> $LogReplicaAD
   echo "-------------------------- Replica AD - Removendo conta $1 -------------------------" >> $LogReplicaAD
   zmprov da "$1" 2>&1>> $LogReplicaAD
   echo "$1" >> $LogReplicaAD
   echo "---------------------------- Replica AD - Conta $1 removida ------------------------" >> $LogReplicaAD
   return
}

_removeDistributionList()
{
   date +%d"."%m"."%Y" - "%H":"%M":"%S >> $LogReplicaAD
   echo "-------------------------- Replica AD - Removendo Distribution List $1 -------------------------" >> $LogReplicaAD
   aliasExemplo=`echo $1 | awk -F'@' '{ print $1 }'`"@exemplo.com.br"
   zmprov ddl "$1" 2>&1>> $LogReplicaAD
   zmprov ddl "$aliasExemplo" 2>&1>> $LogReplicaAD
   echo "$1" >> $LogReplicaAD
   echo "$aliasExemplo" >> $LogReplicaAD
   echo "---------------------------- Replica AD - Distribution List $1 removida ------------------------" >> $LogReplicaAD
   return
}

_removeDistributionListMember()
{
   date +%d"."%m"."%Y" - "%H":"%M":"%S >> $LogReplicaAD
   echo "-------------------------- Replica AD - Removendo Membro da Distribution List $1 -------------------------" >> $LogReplicaAD
   aliasExemplo=`echo $1 | awk -F'@' '{ print $1 }'`"@exemplo.com.br"
   zmprov rdlm "$1" "$2" 2>&1>> $LogReplicaAD
   zmprov rdlm "$aliasExemplo" "$2" 2>&1>> $LogReplicaAD
   echo "$1" >> $LogReplicaAD
   echo "$aliasExemplo" >> $LogReplicaAD
   echo "$2" >> $LogReplicaAD
   echo "---------------------------- Replica AD - Membro da Distribution List $1 removido ------------------------" >> $LogReplicaAD
   return
}

_addDistributionList()
{
   date +%d"."%m"."%Y" - "%H":"%M":"%S >> $LogReplicaAD
   echo "-------------------------- Replica AD - Criando a Distribution List $1 -------------------------" >> $LogReplicaAD
   aliasExemplo=`echo $1 | awk -F'@' '{ print $1 }'`"@exemplo.com.br"
   zmprov cdl "$1" 2>&1>> $LogReplicaAD
   zmprov cdl "$aliasExemplo" 2>&1>> $LogReplicaAD
   echo "$1" >> $LogReplicaAD
   echo "$aliasExemplo" >> $LogReplicaAD
   echo "---------------------------- Replica AD - Distribution List $1 criada ------------------------" >> $LogReplicaAD
   return
}

_addDistributionListMember()
{
   date +%d"."%m"."%Y" - "%H":"%M":"%S >> $LogReplicaAD
   echo "-------------------------- Replica AD - Adicionando Membro na Distribution List $1 -------------------------" >> $LogReplicaAD
   aliasExemplo=`echo $1 | awk -F'@' '{ print $1 }'`"@exemplo.com.br"
   zmprov adlm "$1" "$2" 2>&1>> $LogReplicaAD
   zmprov adlm "$aliasExemplo" "$2" 2>&1>> $LogReplicaAD
   echo "$1" >> $LogReplicaAD
   echo "$aliasExemplo" >> $LogReplicaAD
   echo "$2" >> $LogReplicaAD
   echo "---------------------------- Replica AD - Membro adicionado na Distribution List $1 ------------------------" >> $LogReplicaAD
   return
}

################################  Users AD Replication (BEGIN) ####################################
if [ -e $diffUsersFile ]; then
   while read LINHA; do
     if [ "${LINHA:0:1}" = "<" ]; then
       nomeUsuario=`echo $LINHA | sed 's/< //g' | awk -F',' '{ print $1 }'`
             emailUsuario=`echo $LINHA | sed 's/< //g' | awk -F',' '{ print $2 }'`
             quotaUsuario=`echo $LINHA | sed 's/< //g' | awk -F',' '{ print $3 }'`
       if [ `egrep "$nomeUsuario|$emailUsuario" $diffUsersFile | grep -c "^>"` = "1" ]; then
          nomeUsuarioAlterado=`egrep "$nomeUsuario|$emailUsuario" $diffUsersFile | grep "^>" | sed 's/> //g' | awk -F',' '{ print $1 }'`
                   emailUsuarioAlterado=`egrep "$nomeUsuario|$emailUsuario" $diffUsersFile | grep "^>" | sed 's/> //g' | awk -F',' '{ print $2 }'`
                   quotaUsuarioAlterado=`egrep "$nomeUsuario|$emailUsuario" $diffUsersFile | grep "^>" | sed 's/> //g' | awk -F',' '{ print $3 }'`
          _modifyAccount "$nomeUsuario" "$emailUsuario" "$quotaUsuario" "$nomeUsuarioAlterado" "$emailUsuarioAlterado" "$quotaUsuarioAlterado"
       else
          _removeAccount "$emailUsuario"
       fi;
      elif [ "${LINHA:0:1}" = ">" ]; then
           nomeUsuario=`echo $LINHA | sed 's/> //g' | awk -F',' '{ print $1 }'`
           emailUsuario=`echo $LINHA | sed 's/> //g' | awk -F',' '{ print $2 }'`
           quotaUsuario=`echo $LINHA | sed 's/> //g' | awk -F',' '{ print $3 }'`
      if [ `egrep "$nomeUsuario|$emailUsuario" $diffUsersFile | grep -c "^<"` = "0" ]; then
                  _createAccount "$nomeUsuario" "$emailUsuario" "$quotaUsuario"
            fi;
      fi;
   done < $diffUsersFile
fi;

################################  Users AD Replication (END) ####################################

##########################  Distribution Groups AD Replication (BEGIN) ##########################
if [ -e $diffGroupsFile ]; then
   while read LINHA; do
     if [ "${LINHA:0:1}" = "<" ]; then
       emailGrupo=`echo $LINHA | sed 's/< //g' | awk -F'#' '{ print $1 }'`
             emailUsuariosAD=`echo $LINHA | sed 's/< //g' | awk -F'#' '{ print $2 }'`
       if [ `grep "$emailGrupo" $diffGroupsFile | grep -c "^>"` = "1" ]; then
                  emailUsuariosAlterado=`grep "$emailGrupo" $diffGroupsFile | grep "^>" | sed 's/> //g' | awk -F'#' '{ print $2 }'`
         emailsZimbra=`zmprov gdl $emailGrupo | grep zimbraMailForwardingAddress: | sed 's/zimbraMailForwardingAddress: //g'`
             arrayEmail=`echo $emailUsuariosAlterado | awk '{ split($0,a,","); for (i in a) print a[i] }'`
             for i in $emailsZimbra; do
            if [ "`echo $emailUsuariosAlterado | grep -c $i`" != "1" ]; then
               _removeDistributionListMember "$emailGrupo" "$i"
            fi;
             done
                   for i in $arrayEmail; do
            if [ "`echo $emailsZimbra | grep -c $i`" != "1" ]; then
               _addDistributionListMember "$emailGrupo" "$i"
            fi;
         done
       else
         _removeDistributionList "$emailGrupo"
       fi;
      elif [ "${LINHA:0:1}" = ">" ]; then
       emailGrupo=`echo $LINHA | sed 's/> //g' | awk -F'#' '{ print $1 }'`
       if [ `grep "$emailGrupo" $diffGroupsFile | grep -c "^<"` = "0" ]; then
                  emailUsuariosAD=`echo $LINHA | sed 's/> //g' | awk -F'#' '{ print $2 }'`
                  _addDistributionList "$emailGrupo"
                  arrayEmail=`echo $emailUsuariosAD | awk '{ split($0,a,","); for (i in a) print a[i] }'`
                for i in $arrayEmail; do
         _addDistributionListMember "$emailGrupo" "$i"
       done
       fi;
      fi;
   done < $diffGroupsFile
fi;

##########################  Distribution Groups AD Replication (END) ########################

Scripts recomendados

Jogo da velha em rede local

Um super limpador do sistema KDu

Script de backup interativo

Script de Autenticação simples do Speedy HOme

Envio de backps de bancos por ftp com notificação por email

Comentários

[1] Comentário enviado por eduardoellery em 12/04/2010 - 16:20h

Caros, já existe esse script para Windows 2008 R2? Ou é para funcionar com ele tbm?

0 0

[2] Comentário enviado por danlsgiga em 13/04/2010 - 13:11h

Eduardo, é pra funcionar normalmente. O script trabalha com LDAPv3 diretamente.

0 0

[3] Comentário enviado por daltonstrauss em 28/09/2010 - 13:05h

Boa tarde Daniel!

Fiz esse script para rodar com o zimbra aqui, porém apresentou alguns erros. O erro principal e que me bloqueia o acesso é a questão da senha.

Quando importo um usuário, na lista de usuários aparece ele sem problemas, mas quando tento digitar a senha, ou aparece um erro de senha errada ou sessão expirada.

A versão do zimbra que estou aqui é a última (6.0.8).

Obrigado!!

0 0