How do I Move or migrate user accounts to from old Linux server a new Cent OS Linux server including mails? This new system a fresh installation.

You can migrate users from old Linux server to new Linux sever with standard commands such as tar, awk, scp and others. This is also useful if you are using old Linux distribution such as Redhat 9 or Debian 2.x.

Following files/dirs are required for traditional Linux user management:
* /etc/passwd – contains various pieces of information for each user account

* /etc/shadow – contains the encrypted password information for user’s accounts and optional the password aging information.

* /etc/group – defines the groups to which users belong

* /etc/gshadow – group shadow file (contains the encrypted password for group)

* /var/spool/mail – Generally user emails are stored here.

* /home – All Users data is stored here.

WARNING: The information below needs a good understanding of Linux concepts. The author is not responsible for any damages.

You need to backup all of the above files and directories from old server to new Linux server.

Commands to type on old Linux system

First create a tar ball of old uses (old Linux system). Create a directory:
# mkdir /root/move/
Setup UID filter limit:
# export UGIDLIMIT=500
Now copy /etc/passwd accounts to /root/move/passwd.mig using awk to filter out system account (i.e. only copy user accounts)
# awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/passwd > /root/move/passwd.mig
Copy /etc/group file:
# awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/group > /root/move/group.mig
Copy /etc/shadow file:
# awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534) {print $1}' /etc/passwd | tee - |egrep -f - /etc/shadow > /root/move/shadow.mig
Copy /etc/gshadow (rarely used):
# cp /etc/gshadow /root/move/gshadow.mig
Make a backup of /home and /var/spool/mail dirs:
# tar -zcvpf /root/move/home.tar.gz /home
# tar -zcvpf /root/move/mail.tar.gz /var/spool/mail


  • Users that are added to the Linux system always start with UID and GID values of as specified by Linux distribution or set by admin. Limits according to different Linux distro:
    • RHEL/CentOS/Fedora Core : Default is 500 and upper limit is 65534 (/etc/libuser.conf).
    • Debian and Ubuntu Linux : Default is 1000 and upper limit is 29999 (/etc/adduser.conf).
  • You should never ever create any new system user accounts on the newly installed Cent OS Linux. So above awk command filter out UID according to Linux distro.
  • export UGIDLIMIT=500 – setup UID start limit for normal user account. Set this value as per your Linux distro.
  • awk -v LIMIT=$UGIDLIMIT -F: ‘($3>=LIMIT) && ($3!=65534)’ /etc/passwd > /root/move/passwd.mig – You need to pass UGIDLIMIT variable to awk using -v option (it assigns value of shell variable UGIDLIMIT to awk program variable LIMIT). Option -F: sets the field separator to : . Finally awk read each line from /etc/passwd, filter out system accounts and generates new file /root/move/passwd.mig. Same logic is applies to rest of awk command.
  • tar -zcvpf /root/move/home.tar.gz /home – Make a backup of users /home dir
  • tar -zcvpf /root/move/mail.tar.gz /var/spool/mail – Make a backup of users mail dir

Use scp or usb pen or tape to copy /root/move to a new Linux system.
# scp -r /root/move/*

Commands to type on new Linux system

First, make a backup of current users and passwords:
# mkdir /root/newsusers.bak
# cp /etc/passwd /etc/shadow /etc/group /etc/gshadow /root/newsusers.bak

Now restore passwd and other files in /etc/
# cd /path/to/location
# cat passwd.mig >> /etc/passwd
# cat group.mig >> /etc/group
# cat shadow.mig >> /etc/shadow
# /bin/cp gshadow.mig /etc/gshadow

Please note that you must use >> (append) and not > (create) shell redirection.

Now copy and extract home.tar.gz to new server /home
# cd /
# tar -zxvf /path/to/location/home.tar.gz

Now copy and extract mail.tar.gz (Mails) to new server /var/spool/mail
# cd /
# tar -zxvf /path/to/location/mail.tar.gz

Now reboot system; when the Linux comes back, your user accounts will work as they did before on old system:
# reboot

Please note that if you are new to Linux perform above commands in a sandbox environment. Above technique can be used to UNIX to UNIX OR UNIX to Linux account migration. You need to make couple of changes but overall the concept remains the same.

Further readings

  • Read man pages of awk, passwd(5), shadow(5), group(5), tar command

Updated for accuracy.

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 106 comments so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersdf ncdu pydf
File Managementcat tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
106 comments… add one
  • podee Dec 21, 2006 @ 4:00


    I followed your instuction on CentOS 4.4. When I reboot I lost my root user and gdm din’t start.
    I could login from all user but not root.
    Can you help to give me some advices please?


  • 🐧 nixCraft Dec 21, 2006 @ 7:59

    You made mistake somewhere. But don’t worry you can login into single user mode (rescue mode) and reset root account password.

  • ssdon Jan 2, 2007 @ 22:25

    Great! The following line is probably a typo as I’m assuming you mean to back this up with a copy, otherwise you nuke the password files (probably what happened to nixcraft)

    # mv /etc/passwd /etc/shadow /etc/group /etc/gshadow /root/newsusers.bak

    # cp /etc/passwd /etc/shadow /etc/group /etc/gshadow /root/newsusers.bak

  • 🐧 nixCraft Jan 3, 2007 @ 1:50


    Typo has been fixed.

    Appreciate your feedback.

  • Tom Jan 3, 2007 @ 2:17

    There is an error in the article. In the step where you back up the passwd, group, shadow, and gshadow files from the new system to the newuser.bak directory, use the cp command, not mv.

    In other words, the article should read:

    “Commands to type on new Linux system

    First, make a backup of current users and passwords:
    # mkdir /root/newsusers.bak
    # cp /etc/passwd /etc/shadow /etc/group /etc/gshadow /root/newsusers.bak”

  • Bud Jan 15, 2007 @ 17:50

    Your instructions worked perfectly when migrating accounts from Redhat 4ES to another Redhat 4ES. I added a couple of steps to move all the aliases and aliase folders to the new server. Thanks

  • Oduor Sam Jan 21, 2007 @ 20:09

    I am looking for a payrise after rescuing a dying server. It has worked for me perfectly.

  • Rick Jan 31, 2007 @ 3:34

    It may sound complicated, however, I am much more happy to do this with Linux than with Mickey$oft O/S’s, in fact, I am much more happy to do ANYTHING with Linux over Windoze!

  • _ranger_ Jan 31, 2007 @ 12:38

    If you had used LDAP for user accounts, then you wouldn’t have needed to migrate user accounts ….

    Also, you could skip the whole tar aspect by just using rsync, e.g. rsync -e ssh -avtP /home/ newserver:/home

  • Charles Witt Jan 31, 2007 @ 14:55

    Thanks for the howto. This is really close to what I have been looking for. In my particular situation LDAP and NIS do not fit as well as your howto does. Also thanks for the comments of everyone, as they are helpful.

  • exi Feb 5, 2007 @ 13:14

    you might wanne consider runing sshfs on your new server, then u can login to the old (if sshd is running) and simply copy the requierd data true fx. mc, and get all the file rights w you…
    its fast is simpel, and you only need to have secure shell intstalled on the old box`s to make it work… (and most boxses have… ;)

    just a littet advice for the data moving part.

  • Phil Feb 9, 2007 @ 7:45

    I have a problem, for starters, it look lie I was kind of doing the right thing myself but this blog really helps, thanks. Anyway everything works fine untill I get to the bit where I am extraction all the users data from the home.tar.gz. (kind of important bit) and it fails with text flying up the screen saying “Cannot change ownership to uid 511, gid 511” and “Cannot mkdir: Permission denied” and ” Cannot open: Permission denied”

    obviously I do not have permissions :o(

    I am loged in as root and the home directory of the new server has these permissions:

    drwxrwxrwx 12 root root 0 Feb 8 19:28 home

    I’m not sure how it is possible to obtaim more permissions than that. I have tried with other privilages on the home directory and it still does it.

    PLease can someone help me

    Many thanks

  • GT4NE1 Feb 14, 2007 @ 18:06

    Don’t forget about migrating cron jobs.


    Anything else we haven’t thought of?

  • aleksb Apr 17, 2007 @ 9:45


    I tried your howto, and everything went along great until i rebooted and tried to log on with the users i just copied over. root works fine. The passwords are not accepted, and i cannot change them with passwd. “passwd: Authentication token manipulation error”. Im using fedora core 6.

    Please help

  • aleksb Apr 17, 2007 @ 9:58

    Nevermind, figured it out :)

    Were missing a statement in the shadow file copy thingamabob

    • Anu Nov 10, 2014 @ 21:12

      What did you do to fix the issue ? I rebooted and when I am logging into other user account , it does nothing and comes back to login screen.My root login works fine.

      Please help asap! Thanks :)

  • vikrant v mankar Apr 24, 2007 @ 13:23

    hi i am new user in linux i am getting every answer from ur are providing great solution on every problem its being great to refer your site thanks for every thing

  • Subhanjan Jul 19, 2007 @ 7:07

    I have a small query my new system already has couple of user accounts now I want to transfer the user accounts from the old system I have checked both the systems there is no conflicts in UID,GID so shall I go ahead with it.


  • Subhanjan Jul 19, 2007 @ 12:38

    The things worked beautifully for me.
    Thanks to the author.One more thing cant I script the steps that are done by the command awk?


  • NewLinuxUser Aug 23, 2007 @ 18:13

    I was able to migrate the home folders and accounts from RedHad Linx to Fedora but it seems that I cannot log in with the migrated accounts although I am able to see them under USERS. Am I missing anything? Please help.

  • Prashantshant Aug 27, 2007 @ 8:02

    I am very much thankful that I got migration solution of user. How to transfer printer settings of each user from one m/c to another? we have localy connected the printers to thin clients.

  • Paul Douglas Franklin Sep 19, 2007 @ 18:30

    Thank you so much. This is beautiful. I’m trying to upgrade to a new physical box, different distro, switch to ldap, and from Samba 2 to Samba 3. All this without messing up the working server. I’ve messed up the new box several times, and your migration page is very helpful in avoiding mistakes during this stage. BTW, I used rsync instead of tar for the home directories.

  • asaguru Oct 10, 2007 @ 10:40

    now i am using centos 3 in a dell server now in that server i am running sendmail squid and iptables ftp now i want to migrate the server in to new dell server running in centos 5

    please any one help me on this issue

  • RaM Oct 30, 2007 @ 8:51

    everyone i have question im a newbie admin can anyone give me advise or help me if how can i backup my old linux email server III to new one or migrate to cent mail..tnx what are the important files to back up for linux suse email server III?

  • Eliena Andrews Nov 27, 2007 @ 10:12

    i followed the procedure above, after all steps. USers password is not getting accepted, what could have went wrong ?

    Eliena Andrews

  • Kevin Smith Dec 24, 2007 @ 22:28

    I cut and pasted the commands into an SSH terminal & checked the passwd.mig and shodow.mig to find they were empty!
    I double checked the lines and they were correct (values ect.)
    Plus I end up with a file called “-” which I’m guessing comes from the “/etc/shadow” line “tee -” (typo maybe?)
    Id really like to get this working as it would be quite helpful with my project. My Level is slightly above newbie Admin.


  • mj40 Feb 6, 2008 @ 1:51

    First of all i just wanna say thank you guys! This is my first time to get into the linux world! ….

    I follow the instruction regarding how to’s .. then after rebooting my new centos5 box error message appears:

    “The user database cannot be read. The problem is most likely caused by a mismatch between /etc/passwd and /etc/shadow or /etc/group and /etc/shadow. The program will exit now.”

    I follow the instructions twice and i got same message error. I dont know how to fix this one. Please help me…


  • Augusto Feb 19, 2008 @ 20:34

    this how to works great :) But now Im stuck i need to migrate from Redhat to Debian the UGIDLIMIT are different on this distros? any advice ?

  • Betty Harvey Jun 17, 2008 @ 12:27

    Great instructions easy to follow!!! Worked like a charm!! Thanks for making this available – I
    have it bookmarked for when I do this again!

  • Peter Thomson Jun 18, 2008 @ 1:49

    RE: Augusto need to migrate from Redhat to Debian the UGIDLIMIT are different on this distros
    this advice would be useful for me too. Is it possible to adjust the /etc/passwd and /etc/group files?

  • Brett Knights Jun 26, 2008 @ 17:38

    Thanks, This was very useful.
    I needed to move a couple of system accounts

    so did this:
    awk -F: '($1 ~ /(tomcat|apache)/)' /etc/passwd > /root/move/passwd.mig
    awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/passwd >> /root/move/passwd.mig

    and then couldn’t figure out what the tee gave me and I was moving a set of users not based on UID so did this:
    awk -F: '{print $1}' /root/move/passwd.mig |egrep -f - /etc/shadow > /root/move/shadow.mig


  • Debbie Aug 8, 2008 @ 20:14

    Fabulous! Routine worked great! Thanks for posting it, saved me a ton of time.

  • Bryan Aug 26, 2008 @ 16:34

    Also – a couple of commands to check out if you are having problems with “User database cannot be read” error: pwconv, grpconv and pwck. Works like a charm – now… :)

  • Miro Oct 16, 2008 @ 18:16

    OK, I followed instructions… got stuck with users not being able to log in. If instructions were not correct, how do I fix it now?

  • Alan Nov 7, 2008 @ 11:30

    Excellent! I followed the instructions and did a fresh install of openSuse 11.0 on to 10.3. I have my old /home on a separate partition and didn’t mount it during install because Suse wants an initial user which would have overwritten my original first user (UsId=1000). I installed, logged in as root, deleted the initial user, changed the mount of /home to point to my old /home partition, did the transfer of backed up passwd files etcetera, rebooted and bingo!

    My only worry was, when it came to generating the initial user during install, I had a choice of encryption algorithms for the password. Obviously if I’d chosen the wrong one I’d be stuck (though I could probably log in as root and reset the users’ passwords).

    So my question is: is it possible to tell what encryption algorithm was used for password storage before starting?

    Thanks again for the info.


  • Dominic Nov 26, 2008 @ 10:39

    I am wanting to mirror users/groups to from one Ubuntu server to another. I see that Ubuntu starts off with a user with UID 1000 (created with the name you give it in setup), I guess I should not try to migrate this user since it already exists on the destination machine i.e. I should set UGIDLIMIT=1001?

    What if one re-runs this action later to update the mirror? Do users gets duplicated cos surely one gets multiple entries for same user in /etc/passwd?

  • Mike Dec 17, 2008 @ 2:31

    Great Doc. I was able to migrate a CentOS system to a VM.

  • Ganymede Jan 9, 2009 @ 21:09

    My $0.02: For those who are concerned about UID’s and GID’s…

    …you can change UID’s and GID’s on the old system before migration using:

    groupmod -g (newgid) groupname
    usermod -g (newgid) username OR usermod -G (newgid) username
    (‘g’ changes the initial group or ‘G’ to add an additional group membership)

    Make a backup of the old files first and then change the group GID then change any appropriate users attached to those groups if necessary. Test to make sure all is well. You can do this preemptively if you are going to from a system that starts custom groups at 500 to one that starts custom groups at 1000 or if you don’t want any UID/GID conflicts with your target system. Be the superuser and it would also be prudent to make the changes while none of the users are attached.

    Feel free to pick this post apart.

  • KPryor Jan 10, 2009 @ 22:41

    Very very helpful. I’m going to be needing to do this soon and didn’t really know how to proceed. Thanks!

  • Joe Riley Feb 5, 2009 @ 8:19

    Your FAQ fails to copy over ‘/etc/passwd-‘ as well

    in the command:
    cp /etc/passwd /etc/shadow /etc/group /etc/gshadow /root/newsusers.bak

    should be:

    cp /etc/passwd /etc/passwd- /etc/shadow /etc/group /etc/gshadow /root/newsusers.bak

  • Shawn Feb 17, 2009 @ 16:16

    Fantastic instructions. A+++


  • gczman Mar 2, 2009 @ 15:35

    copied the mbox’s from one unix box and the /etc/passwd and /etc/shadow and it worked perfectly. thanks

  • waloyce Mar 24, 2009 @ 4:26

    Thanks the howto is very useful.But how to migrate the virtual users and domains accounts to a new server

  • Denis Mar 30, 2009 @ 5:07

    Great instructions, worked well for me
    BTW, if I had 2 linux servers, do you think it would be possible to merge the accounts into one of the 2 ?

  • roshan Apr 6, 2009 @ 10:30

    your cp & awk command is so good

  • fidel Apr 23, 2009 @ 10:44

    thanks for this small & easy how-to

    Worked like a charme

  • Juan Carlos Jun 15, 2009 @ 14:30

    there is something similiar for Solaris ?

  • 🐧 nixCraft Jun 15, 2009 @ 14:49


    Solaris uses the same files /etc/passwd and friends. So it should work with a little modification.

  • mstone Jun 16, 2009 @ 17:24

    Also check for aliases because a common multiple recipients solution uses that technique

  • Andy Jul 29, 2009 @ 20:00

    If you use Samba shares; remember to grab /etc/samba/smb.conf, /etc/samba/smbusers, and /etc/samba/smbpasswd

  • John Wood Apr 1, 2010 @ 15:51

    I was getting a “-” file created in /root/move when trying to get the shadow.mig, but I’m not now, and I’m not sure what I did!

    If anyone does get the “-” file, add some spaces around the “tee” command and try again… That’s what I did and it went away!

  • John Wood Apr 1, 2010 @ 15:55

    no, wait, I wasn’t looking in the current directory – I actually don’t get rid of the “-” file…

  • Lukas Johansson Aug 17, 2010 @ 23:52

    Thanks for this guide, managed to migrate a large webserver without any major problem thanks to you!

  • Embedded Oct 6, 2010 @ 13:32

    Thanks for a great guide.
    I have small problem with it.

    From some reason the tar commands don’t work under Red Hat Linux.
    it did not manage to tar or untar the files.

    Do you know how to skip existing files?
    I tried -k flag but no success ;/

  • Ryan Oct 14, 2010 @ 20:42

    Everything worked great. All my users & machines show up in User Manager.

    However I cannot logon as a user, only root. It says wrong password.

  • Tim Nov 29, 2010 @ 3:45

    In Ubuntu, I had a problem following these instructions. When the screensaver was locked, you couldn’t unlock the screen without going to “Switch User” and then put in the password there. In addition, half of the time your gdm session would immediately crash and you’d have to log in from scratch again.

    The problem was that the “shadow” user wasn’t able to read the /etc/shadow and /etc/gshadow files. The /etc/shadow and the /etc/gshadow files need to be chown’d to root:shadow, and chmod’d to 640 like this:

    # chown root:shadow /etc/shadow
    # chown root:shadow /etc/gshadow
    # chmod 640 /etc/shadow /etc/gshadow

  • Irek May 13, 2011 @ 16:16

    I tried to move account details from SUSE to Fedora/RH and password is not working :(

  • Manojg Aug 1, 2011 @ 23:09

    I created account successfully, can login but login take time and gives error:
    /usr/bin/xauth: timeout in locking authority file /home/testuser/.Xauthority

    Any help?

    • LV Jul 21, 2017 @ 19:51

      is it fixed??
      I am getting same error

  • kaleeswari Aug 18, 2011 @ 6:57

    how to create the another root user and how to change the root ?

  • kaleeswari Aug 18, 2011 @ 6:59

    how to transfer the files from one root to another root user in same system using ubunto or fedora?

  • Chris Sep 26, 2011 @ 18:07

    This worked perfect for me migrating users from an old FC3 box to a new Ubuntu 10.04 LTS one. I did run into a problem when I tried to do it a second time. The instructions as they are will result in duplicate entries in the /etc/passwd file. If you want to do this more than once, the *.mig files will need some manual massaging before catting into the destination passwd file. (This may go without saying for most of you, but for me it wasn’t something I thought of ahead of time). I was able to clean it up, but it was a pain.

  • Frank Wang Oct 12, 2011 @ 8:43

    For the /etc/shadow file, better use following to prevent ambiguous match, say a local account named db will also match system account dbus
    # awk -v LIMIT=$UGIDLIMIT -F: ‘($3>=LIMIT) && ($3!=65534) {print $1}’ /etc/passwd | sed -r -e ‘s/(.*)/^\1:/’ | egrep -f – /etc/shadow > /root/move/shadow.mig

  • Paul Dec 11, 2011 @ 20:50

    It worked perfect from FC 11 to FC 15. Btw, may I add the fact that the host keys must be imported/ecported also. Reason: it is possible to have some users which are using their accounts (SFTP) with the help of an automaitc SFTP client. IN order to keep everything transparent for them, the host keys of the machine must be imported/exported (etc/ssh).
    Maybe is better to test it and include it in this tutorial. Btw, the a lot for doing this.

    Have a nice weekend.


  • Montaser Islam Dec 12, 2011 @ 11:59

    cool post;
    it save a lot of time man.

  • tem_dl Apr 5, 2012 @ 3:24

    cool tip. i’m using it. :D. tks so much

  • wfade Apr 19, 2012 @ 8:21

    i think that you should awk at the new system for combine the new file that you had cp

  • AA Apr 25, 2012 @ 12:55

    I am migrating accounts between an RHEL 5 server and RHEL 6 server and noticed that etc/gshadow file entries for even the same group are listed differently between the two servers. For example: ntp:!:: on rhel 6 and ntp:x:: on rhel 5. Your wonderful article shows that the gshadow file is copied in its entirely (as is) from the old server to the new server. This means that the entries on the new server will be completely replaced. Would it be better to append entries from the original gshadow that don’t exist on the new server instead of replacing it with the entire file from the old server? Thanks in advance.

  • Francisco Pérez May 25, 2012 @ 5:27

    Gracias por su procedimiento:
    Solo una pequeña sugerencia / pregunta:
    No sería mejor en lugar de:

    Copia el archivo / etc / gshadow (rara vez utilizada):
    # cp /etc/gshadow /root/move/gshadow.mig

    Usar el mismo procedimiento que para shadow?:
    awk -v LIMIT=$UGIDLIMIT -F: ‘($3>=LIMIT) && ($3!=65534) {print $1}’ /etc/group | tee – |egrep -f – /etc/gshadow > gshadow.mig

    y ya en el nuevo servidor, en lugar de:
    # /bin/cp gshadow.mig /etc/gshadow

    hacer lo mismo que con los otros archivos:
    # cat gshadow.mig >> /etc/gshadow

    Un saludo afectuoso..

  • ed Jun 10, 2012 @ 21:38

    Great help!


  • Steve Kelem Jun 26, 2012 @ 22:18

    Francisco: (My Spanish is good enough to understand you, but not enough to answer…)
    Your script grabs every user name above UGIDLIMIT and then grabs every matching line from gshadow.
    1. If a user matches the UGID, and is in a group that already exists on the new machine, e.g., adm, disk, lp, man, dialout, lpadmin,… then you get two entries for those groups in the new gshadow.
    2. There is a small (but non-zero) chance that a user’s name is a substring of a group that doesn’t match UGID, then you would get false positives: roo, kern, hal, ack, kit, and other 3-letter initials that some users might (perhaps unwisely) use. The grep should check for lines with words that match exactly the usernames.

  • mark Jul 8, 2012 @ 20:54

    I keep getting permission denied when i attempt to create the shadow.mig ???

    I added my user to the root group but no difference

    -rw-r—– 1 root shadow 982 2012-04-19 13:28 shadow are my permission group has read

  • John Aug 22, 2012 @ 16:02

    Wow, you know you’ve got a great tutorial when it’s copied verbatim by a bunch of others who don’t give one bit of credit to the original.

    I have found this on at least 5 other sites with only ONE giving credit to Vivek and

  • ian scott-fleming Aug 29, 2012 @ 16:07

    Is there a reason you use !=65534 instead of =LIMIT) && ($3=LIMIT) && ($3<=UPRLIMIT)'

    Seems like without <= , your awk would pick up values above 65534 (or 29999 for some systems)
    of course, there *shouldn't* be a user 65535 so it should work fine as you've specified. (my systems seem to all have nfsnobody at 65534)

    Maybe my shell scripting is a little rusty, but I think the "export" is unnecessary here, unless you want to put the migration commands in a shell script and run it in a subshell. With export there, any other subshells you run (until you log out) will also see that export. (Don't ask me how I know that…ouch)

  • Niels Mouthaan Sep 23, 2012 @ 11:29

    Great post! Thanks for this :-)

  • PhilipV Oct 19, 2012 @ 2:50

    I did it successfully. Thanks.

  • dali Oct 29, 2012 @ 15:57

    think you……..

  • Jeremy Dec 12, 2012 @ 16:46

    I followed your instructions to migrate from redhat kernel 2.4 to centos 6 and for the most part, they worked great. The only problem I am experiencing is when I go into the user manager I get the error “I couldnt find the numerical IDs of these groups:” and it lists about 10 groups. (ident, mailnull, netdump, news, nscd, pcap, piranha, pvm, rpm, squid, xfs) I didnt see these groups in /etc/group or /etc/gshadow and I am not sure that any of the corresponding programs are loaded on the new machine. Any help on this would be greatly appreciated. Thanks!

    • Jeremy Dec 12, 2012 @ 16:51

      Correction. They are in /etc/gshadow but not in /etc/group

  • Jeremy Dec 12, 2012 @ 17:31

    ahhhhhh…. I answered my own question after re-reading my last post. All of the programs I listed had GIDs lower than 500. I edited the the /etc/group file (vigr) and inserted the missing values. All is well now. Thanks for the awesome post.

  • metalmas Jan 1, 2013 @ 9:17

    Unfortunately this tutorial doesn’t working when I tried migrate user with mailboxes from Fedora do CentOS, because when I start postfix + dovecot a lot of error with permissions denied occured in maillog and email klients could not connect :(

  • gamezat Feb 14, 2013 @ 23:53

    thank you so much,
    very useful i moved from server to anthor without any problems
    thank you

  • ion Mar 1, 2013 @ 14:35

    Thank you

  • ilde Mar 26, 2013 @ 7:20

    A very simple and effective approach, which I followed. Then, to copy all directories in /home directory, I used next command as root:
    rsync -avz /home/
    Where /home/ refers to the source machine, and is the IP address of the destination one. All file permissions and ownerships were preserved. Also please make sure you include all slashes shown.
    rsync must be installed in both the source and the destination boxes. Both machines are servers which run Debian Squeeze.

  • VaiN May 16, 2013 @ 7:48

    the shadow part does not work for me either:

    $ sudo awk -v LIMIT=500 -F: ‘($3>=LIMIT) && ($3!=65534) {print $1}’ /etc/passwd | tee – |egrep -f – /etc/shadow > /home/vain/shadow.mig
    egrep: /etc/shadow: Permission denied

    and I just end up with an empty shadow.mig file.

    I’m using Ubuntu Sever and wanting to switch to Debian Squeeze. currently there is no root user, though I obviously have sudo.

    • todd Sep 19, 2014 @ 0:05

      If you’re using sudo you have to put a ‘sudo’ in front of the ‘tee’ command and the ‘egrep’ commands. Or simply run it as root.

  • Sakrow Jun 30, 2013 @ 10:39

    When I do the import into the new system, mysql stops working

    I’m migrating from Debian 6 to Debian 7

    The problem is that it eliminates the socket

  • PVR Jul 18, 2013 @ 2:26

    I have followed the instruction to migrate users from “CentOS” to “Power RHEL6.4(ppc)” ,
    for me its not working, when i tried to reset password its through “token manipulation error” .
    I have restored old backup file , but same error .
    Can anyone help me on this and i need steps to take single user mode on Power Linux .

  • none Jul 31, 2013 @ 13:52

    Thanks for this smooth instruction and for the comprehensive additional explenations.

  • Ling Oct 17, 2013 @ 23:33

    I followed your instruction step by step to move users from RHEL5.5 to another RHEL5.5. No errors encountered. However, when I try to reboot, the server was not coming up…what could be wrong?

  • Abhinav Kumar Dec 8, 2013 @ 21:47

    I just tried this for one of my use cases. Good info. works well.

    One thing would like to bring to notice which just happened in my case. In my case there are few users who are getting sudo access using wheel group definition in /etc/sudoers file. and since few users in new box are not part of wheel user ( as we have exclude any gid below 500 ), the users didn’t get Sudo access. for now as a workaround I am collecting all user’s group information and putting it in a file and later in new machine I use a loop to compare if the user has all the group mentioned in the file. If not than I make the user part of that group.

    Bit of extra work. any simpler solution?

  • alan Mar 18, 2014 @ 17:49

    Followed your instructions but one problem at login. The prompt I’m getting is ” I have no name!@Ubuntu_Server”. Any ideas what is wrong?

  • Marcelo Apr 15, 2014 @ 14:44

    It works very fine.


  • waldeg Aug 8, 2014 @ 6:57

    It works very perfect


  • Andreas Aug 9, 2014 @ 8:29

    Linux can easily run on lower-class coerutmps (so it will run on a 6GB Hard drive, with pentuim 2) Yes, most distros. of it are free, I reccomend Ubuntu, where it is optional to download, because you can order free CDs. And yes, it is very user friendly, the only thing not user friendly is installing stuff, which can be a pain.

  • Solomy Sep 24, 2014 @ 13:15

    Migrated suucessfuly but it’s unfortunate i can not login to my account.
    How do i go over it and have my logins work?

  • Jenn Oct 9, 2014 @ 22:02

    I copied and pasted this command and nothing happened. I don’t have a passwd.mig file in the move directory.
    # awk -v LIMIT=$UGIDLIMIT -F: ‘($3>=LIMIT) && ($3!=65534)’ /etc/passwd > /root/move/passwd.mig

    Any suggestions?

  • sreekanth Nov 8, 2014 @ 21:06

    really good info. I should delete the existing users and groups before first to make the migration work properly. also i have used pwck and grpck to check the errors in user database

  • Ryan Sep 10, 2015 @ 14:14

    Great info. Thanks.

    • Ubochi Sep 27, 2015 @ 8:56

      Thanks bro! Wonderful info.

  • Efosa Sep 23, 2015 @ 10:32

    Thanks Guys
    Am new to Linux, but I was able to migrated successfully from fedora to centos7, but I can’t login to any of the accounts. except the old root account. when I try to login with squirrel mail it gives this —
    ERROR: Connection dropped by IMAP server.

    Also trying to login from terminal it gives this—
    bash: /home/user/.bashrc: Permission denied

    Please Guys, how do i go over it and have my logins work?


  • jureq Oct 27, 2015 @ 14:17

    Wrong use of egrep:
    if one has real users zzftp and rooter, system accounts root and ftp will be included in shadow file. Try something like print “^”$1″:” in awk

  • Edrick Dec 5, 2016 @ 17:01

    this worked for me, thanks

    but, now i want to migrate to new server without carrying user data in /home/user. the migration must create the /home/user folder though. i also want to create /var/spool/mail/use but without the emails

    thank you

  • Rommel Santos Apr 11, 2017 @ 7:10

    If I too late for this thread? Everything smoothly except for one thing. I can login every account I transferred except in samba sharing on windows “access denied”. Anyone have an idea what happen?

  • xaff May 4, 2017 @ 16:37

    on ubuntu spool/mail is a symlink so I had to
    tar -zcvpf /root/move/mail.tar.gz /var/spool/mail/*
    instead of
    tar -zcvpf /root/move/mail.tar.gz /var/spool/mail

  • Jack Burris Jan 25, 2021 @ 18:58

    Thank you for this article. I still use it on a couple Ubuntu 20.04 servers.

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum