Move or migrate user accounts from old Linux server to a new Linux server
Q. How do I Move or migrate user accounts to from old Linux server a new Cent OS Linux server including mails? This new system a fresh installation.
A. You can migrate users from old Linux server to new Linux sever with standard commands such as tar, awk, scp and others. This is also useful if you are using old Linux distribution such as Redhat 9 or Debian 2.x.
Following files/dirs are required for traditional Linux user management:
* /etc/passwd - contains various pieces of information for each user account
* /etc/shadow - contains the encrypted password information for user's accounts and optional the password aging information.
* /etc/group - defines the groups to which users belong
* /etc/gshadow - group shadow file (contains the encrypted password for group)
* /var/spool/mail - Generally user emails are stored here.
* /home - All Users data is stored here.
You need to backup all of the above files and directories from old server to new Linux server.
Commands to type on old Linux system
First create a tar ball of old uses (old Linux system). Create a directory:
# mkdir /root/move/
Setup UID filter limit:
# export UGIDLIMIT=500
Now copy /etc/passwd accounts to /root/move/passwd.mig using awk to filter out system account (i.e. only copy user accounts)
# awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/passwd > /root/move/passwd.mig
Copy /etc/group file:
# awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/group > /root/move/group.mig
Copy /etc/shadow file:
# awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534) {print $1}' /etc/passwd | tee - |egrep -f - /etc/shadow > /root/move/shadow.mig
Copy /etc/gshadow (rarely used):
# cp /etc/gshadow /root/move/gshadow.mig
Make a backup of /home and /var/spool/mail dirs:
# tar -zcvpf /root/move/home.tar.gz /home
# tar -zcvpf /root/move/mail.tar.gz /var/spool/mail
Where,
- Users that are added to the Linux system always start with UID and GID values of as specified by Linux distribution or set by admin. Limits according to different Linux distro:
- RHEL/CentOS/Fedora Core : Default is 500 and upper limit is 65534 (/etc/libuser.conf).
- Debian and Ubuntu Linux : Default is 1000 and upper limit is 29999 (/etc/adduser.conf).
- You should never ever create any new system user accounts on the newly installed Cent OS Linux. So above awk command filter out UID according to Linux distro.
- export UGIDLIMIT=500 - setup UID start limit for normal user account. Set this value as per your Linux distro.
- awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/passwd > /root/move/passwd.mig - You need to pass UGIDLIMIT variable to awk using -v option (it assigns value of shell variable UGIDLIMIT to awk program variable LIMIT). Option -F: sets the field separator to : . Finally awk read each line from /etc/passwd, filter out system accounts and generates new file /root/move/passwd.mig. Same logic is applies to rest of awk command.
- tar -zcvpf /root/move/home.tar.gz /home - Make a backup of users /home dir
- tar -zcvpf /root/move/mail.tar.gz /var/spool/mail - Make a backup of users mail dir
Use scp or usb pen or tape to copy /root/move to a new Linux system.
# scp -r /root/move/* user@new.linuxserver.com:/path/to/location
Commands to type on new Linux system
First, make a backup of current users and passwords:
# mkdir /root/newsusers.bak
# cp /etc/passwd /etc/shadow /etc/group /etc/gshadow /root/newsusers.bak
Now restore passwd and other files in /etc/
# cd /path/to/location
# cat passwd.mig >> /etc/passwd
# cat group.mig >> /etc/group
# cat shadow.mig >> /etc/shadow
# /bin/cp gshadow.mig /etc/gshadow
Please note that you must use >> (append) and not > (create) shell redirection.
Now copy and extract home.tar.gz to new server /home
# cd /
# tar -zxvf /path/to/location/home.tar.gz
Now copy and extract mail.tar.gz (Mails) to new server /var/spool/mail
# cd /
# tar -zxvf /path/to/location/mail.tar.gz
Now reboot system; when the Linux comes back, your user accounts will work as they did before on old system:
# reboot
Please note that if you are new to Linux perform above commands in a sandbox environment. Above technique can be used to UNIX to UNIX OR UNIX to Linux account migration. You need to make couple of changes but overall the concept remains the same.
Further readings
- Read man pages of awk, passwd(5), shadow(5), group(5), tar command
Updated for accuracy.
Subscribe to our free e-mail newsletter or RSS feed to get all updates.
You can Email this page to a friend.
Related Linux / UNIX FAQ:
- Linux Move a print job from one queue to another
- Adding a user to a Samba (SMB) share
- How do I move spam mail to spam folder?
- Linux Move swap space from one location to another location
- How to add a ssh user in FreeBSD server
Discussion on This FAQ
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Please do not use the comment form to ask for help / question. Ask your question on the excellent Linux tech support forum. Thank you very much for stopping by our site!
Tags: awk_command, encrypted_password, etc_passwd, linux_distribution, linux_server, linux_system, old_server, scp_command, tar_ball, user_accounts, user_account_migration ~ Last updated on: August 16, 2007
December 21st, 2006 at 4:00 am
Hi
I followed your instuction on CentOS 4.4. When I reboot I lost my root user and gdm din’t start.
I could login from all user but not root.
Can you help to give me some advices please?
Pordee
December 21st, 2006 at 7:59 am
You made mistake somewhere. But don’t worry you can login into single user mode (rescue mode) and reset root account password.
http://www.cyberciti.biz/faq/linux-reset-forgotten-root-password/
January 2nd, 2007 at 10:25 pm
Great! The following line is probably a typo as I’m assuming you mean to back this up with a copy, otherwise you nuke the password files (probably what happened to nixcraft)
# mv /etc/passwd /etc/shadow /etc/group /etc/gshadow /root/newsusers.bak
# cp /etc/passwd /etc/shadow /etc/group /etc/gshadow /root/newsusers.bak
January 3rd, 2007 at 1:50 am
ssdon,
Typo has been fixed.
Appreciate your feedback.
January 3rd, 2007 at 2:17 am
There is an error in the article. In the step where you back up the passwd, group, shadow, and gshadow files from the new system to the newuser.bak directory, use the cp command, not mv.
In other words, the article should read:
“Commands to type on new Linux system
First, make a backup of current users and passwords:
# mkdir /root/newsusers.bak
# cp /etc/passwd /etc/shadow /etc/group /etc/gshadow /root/newsusers.bak”
January 15th, 2007 at 5:50 pm
Your instructions worked perfectly when migrating accounts from Redhat 4ES to another Redhat 4ES. I added a couple of steps to move all the aliases and aliase folders to the new server. Thanks
January 21st, 2007 at 8:09 pm
Thanks,
I am looking for a payrise after rescuing a dying server. It has worked for me perfectly.
January 31st, 2007 at 3:34 am
It may sound complicated, however, I am much more happy to do this with Linux than with Mickey$oft O/S’s, in fact, I am much more happy to do ANYTHING with Linux over Windoze!
January 31st, 2007 at 11:01 am
From old to new: data migration…
Finally! Somebody managed to write down the very same tasks that I have been doing when I was still managing servers for my department. Whilst it is easier to back-up a partition, the how-to provides enough information one needs when……
January 31st, 2007 at 12:38 pm
If you had used LDAP for user accounts, then you wouldn’t have needed to migrate user accounts ….
Also, you could skip the whole tar aspect by just using rsync, e.g. rsync -e ssh -avtP /home/ newserver:/home
January 31st, 2007 at 2:55 pm
Thanks for the howto. This is really close to what I have been looking for. In my particular situation LDAP and NIS do not fit as well as your howto does. Also thanks for the comments of everyone, as they are helpful.
February 5th, 2007 at 1:14 pm
you might wanne consider runing sshfs on your new server, then u can login to the old (if sshd is running) and simply copy the requierd data true fx. mc, and get all the file rights w you…
its fast is simpel, and you only need to have secure shell intstalled on the old box`s to make it work… (and most boxses have…
just a littet advice for the data moving part.
February 9th, 2007 at 7:45 am
I have a problem, for starters, it look lie I was kind of doing the right thing myself but this blog really helps, thanks. Anyway everything works fine untill I get to the bit where I am extraction all the users data from the home.tar.gz. (kind of important bit) and it fails with text flying up the screen saying “Cannot change ownership to uid 511, gid 511″ and “Cannot mkdir: Permission denied” and ” Cannot open: Permission denied”
obviously I do not have permissions :o(
I am loged in as root and the home directory of the new server has these permissions:
drwxrwxrwx 12 root root 0 Feb 8 19:28 home
I’m not sure how it is possible to obtaim more permissions than that. I have tried with other privilages on the home directory and it still does it.
PLease can someone help me
Many thanks
Phil
February 14th, 2007 at 6:06 pm
Don’t forget about migrating cron jobs.
/var/spool/cron
Anything else we haven’t thought of?
April 17th, 2007 at 9:45 am
Hi!
I tried your howto, and everything went along great until i rebooted and tried to log on with the users i just copied over. root works fine. The passwords are not accepted, and i cannot change them with passwd. “passwd: Authentication token manipulation error”. Im using fedora core 6.
Please help
Aleks
April 17th, 2007 at 9:58 am
Nevermind, figured it out
Were missing a statement in the shadow file copy thingamabob
April 24th, 2007 at 1:23 pm
hi i am new user in linux i am getting every answer from ur site.you are providing great solution on every problem its being great to refer your site thanks for every thing
July 19th, 2007 at 7:07 am
Hi,
I have a small query my new system already has couple of user accounts now I want to transfer the user accounts from the old system I have checked both the systems there is no conflicts in UID,GID so shall I go ahead with it.
Subhanjan
July 19th, 2007 at 12:38 pm
Hi,
The things worked beautifully for me.
Thanks to the author.One more thing cant I script the steps that are done by the command awk?
Subhanjan
August 23rd, 2007 at 6:13 pm
I was able to migrate the home folders and accounts from RedHad Linx to Fedora but it seems that I cannot log in with the migrated accounts although I am able to see them under USERS. Am I missing anything? Please help.
August 27th, 2007 at 8:02 am
I am very much thankful that I got migration solution of user. How to transfer printer settings of each user from one m/c to another? we have localy connected the printers to thin clients.
September 19th, 2007 at 6:30 pm
Thank you so much. This is beautiful. I’m trying to upgrade to a new physical box, different distro, switch to ldap, and from Samba 2 to Samba 3. All this without messing up the working server. I’ve messed up the new box several times, and your migration page is very helpful in avoiding mistakes during this stage. BTW, I used rsync instead of tar for the home directories.
October 10th, 2007 at 10:40 am
now i am using centos 3 in a dell server now in that server i am running sendmail squid and iptables ftp now i want to migrate the server in to new dell server running in centos 5
please any one help me on this issue
October 30th, 2007 at 8:51 am
hi
everyone i have question im a newbie admin can anyone give me advise or help me if how can i backup my old linux email server III to new one or migrate to cent mail..tnx what are the important files to back up for linux suse email server III?
November 27th, 2007 at 10:12 am
hii,
i followed the procedure above, after all steps. USers password is not getting accepted, what could have went wrong ?
Eliena Andrews
December 24th, 2007 at 10:28 pm
I cut and pasted the commands into an SSH terminal & checked the passwd.mig and shodow.mig to find they were empty!
I double checked the lines and they were correct (values ect.)
Plus I end up with a file called “-” which I’m guessing comes from the “/etc/shadow” line “tee -” (typo maybe?)
Id really like to get this working as it would be quite helpful with my project. My Level is slightly above newbie Admin.
Kev
February 6th, 2008 at 1:51 am
First of all i just wanna say thank you guys! This is my first time to get into the linux world! ….
I follow the instruction regarding how to’s .. then after rebooting my new centos5 box error message appears:
“The user database cannot be read. The problem is most likely caused by a mismatch between /etc/passwd and /etc/shadow or /etc/group and /etc/shadow. The program will exit now.”
I follow the instructions twice and i got same message error. I dont know how to fix this one. Please help me…
Thanks.
February 19th, 2008 at 8:34 pm
this how to works great
But now Im stuck i need to migrate from Redhat to Debian the UGIDLIMIT are different on this distros? any advice ?
thanks