But is it possible to extract the existing accounts from Zimbra including authentication credentials, accounts and aliases, distribution lists, etc -- to run the same servers a la carte, without the Zimbra "suite" involved?
YES
First task that you needs was parsing zimbra LDAP data extracted with this command (taken from this page)
/opt/zimbra/openldap/bin/ldapsearch -LLL -x -D"`/opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_userdn | \
awk '{print $3}'`" -w"`/opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_password | \
awk '{print $3}'`" -H `/opt/zimbra/bin/zmlocalconfig ldap_url | \
awk '{print $3}'` $*
- All email address listed in
dn
- All password listed in
userPassword. You need to base64-decode it. Zimbra use LDAP to verify password, so the expected hash is same with RFC 2307 hashed passwords.
- All available aliases was listed in
zimbraMailAlias
- All distribution list was listed in all account with
objectClass: zimbraDistributionList. The member can be retrieved from zimbraMailForwardingAddress.
The last one (distribution list) can be substituted with command zmprov gadl and zmprov gdl listname@example.com. See zimbra wiki.
Another step is ensure that courier and postfix backend to understand the password hash from zimbra.
Another way is setup LDAP and export zimbra LDAP to new LDAP. Postfix must be configured so it match zimbra configuration.
[zimbra@mbox ~]$ postconf -n | grep ldap
sender_canonical_maps = proxy:ldap:/opt/zimbra/conf/ldap-scm.cf
transport_maps = proxy:ldap:/opt/zimbra/conf/ldap-transport.cf
virtual_alias_domains = proxy:ldap:/opt/zimbra/conf/ldap-vad.cf
virtual_alias_maps = proxy:ldap:/opt/zimbra/conf/ldap-vam.cf,hash:/home/mailman/maps/virtual_aliases
virtual_mailbox_domains = proxy:ldap:/opt/zimbra/conf/ldap-vmd.cf
virtual_mailbox_maps = proxy:ldap:/opt/zimbra/conf/ldap-vmm.cf
Courier also can be configured to use LDAP backend.
