How to migrate OS User Accounts from one Linux Server to Other/New Linux Server

We might get into these type of requirements when we are migrating from old server to new server.

Below are the important files to consider while moving users from one server to another

• /etc/passwd contains information about the user.

• /etc/group contains information about the group.

• /etc/shadow contains encrypted password for the user.

• /var/spool/mail contains user mails are stored in this file.

• /home/user contains users home directory, hence it may contain user data.

Users that are added to the Linux system always start with UID and GID values of as specified by Linux distribution or set by admin.

Limits according various Linux distro:

RHEL/CentOS/Fedora Core : Default is 500 and upper limit is 65534 (/etc/libuser.conf).

Debian and Ubuntu Linux : Default is 1000 and upper limit is 29999 (/etc/adduser.conf).

Steps:

Connect as root User on old server

1. Backup the user accounts from old server for all users having user id above 500.

# mkdir -p /stage/common (This can be any directory)

# export UGIDLIMIT=500

# awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/passwd > /stage/common/passws.olds

2. Backup the groups in /etc/group file:

# awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/group > /stage/common/group.olds

3. Backup the shadow file:

# awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534) {print $1}' /etc/passwd | tee - |egrep -f - /etc/shadow > /stage/common/shadow.olds

4. Backup the users home directory and users mails:

# tar -zcvpf /stage/common/home.tar.gz /home

5. Backup the user's mails:

# tar -zcvpf /stage/common/mail.tar.gz /var/spool/mail

In case required you can copy the cronjobs for users as well from /var/spool/cron

6. Copy the Backup files to new server using scp or any preferrable method.

7. Restore the data into the new server.

# cat passwd.old >> /etc/passwd

# cat group.old >> /etc/group

# cat shadow.old >> /etc/shadow

# /bin/cp shadow.old /etc/gshadow

8. Restore the user's data as well as the user's mails to the new server.

# tar -zxvf /path/to/location/home.tar.gz

# tar -zxvf /path/to/location/mail.tar.gz

9. Reboot Server

Comments

WebLogic migration to OCI using WDT tool

WebLogic migration to OCI using WDT tool Oracle WebLogic Deploy Tool (WDT) is an open-source project designed to simplify and streamline the management of Oracle WebLogic Server domains. With WDT, you can export configuration and application files from one WebLogic Server domain and import them into another, making it a highly effective tool for tasks like migrating on-premises WebLogic configurations to Oracle Cloud. This blog outlines a detailed step-by-step process for using WDT to migrate WebLogic resources and configurations. Supported WLS versions Why Use WDT for Migration? When moving Oracle WebLogic resources from an on-premises environment to Oracle Cloud (or another WebLogic Server), WDT provides an efficient and reliable approach to: Discover and export domain configurations and application binaries. Create reusable models and archives for deployment in a target domain. Key Pre-Requisites Source System: An Oracle WebLogic Server with pre-configured resources such as: Applica...

How to Validate TDE Wallet Password in Oracle Database

How to Validate TDE Wallet Password in Oracle Database Validating the Transparent Data Encryption (TDE) wallet password is crucial, especially when ensuring that the password is correct without using the OPEN or CLOSE commands in the database. This blog post explains a straightforward method to validate the TDE password using the mkstore utility. Steps to Validate TDE Wallet Password Follow these steps to validate the TDE wallet password: Step 1: Copy the Keystore/Wallet File Navigate to your existing TDE wallet directory. Copy only the ewallet.p12 file to a new directory. If a cwallet.sso file exists, do not copy it . The absence of cwallet.sso ensures that the wallet does not use auto-login, forcing the utility to prompt for the password. Step 2: Validate Using mkstore Use the mkstore utility to check the contents of the wallet file. The mkstore utility will prompt you for the TDE wallet password, allowing you to validate its correctness. Command Syntax To display the conten...

Rename a PDB in Oracle Database Multitenant Architecture in TDE and Non TDE Environment

Rename a PDB in Oracle Database Multitenant Architecture I am sharing a step-by-step guide to help you rename a PDB. This approach uses SQL commands. Without TDE or encryption Wallet Initial Check Check the Current Database Name and Open Mode: SQL > SELECT NAME, OPEN_MODE FROM V$DATABASE; NAME OPEN_MODE --------- -------------------- BEECDB READ WRITE List Current PDBs: SQL > SHOW PDBS; CON_ID CON_NAME OPEN MODE RESTRICTED ---------- ------------------------------ ---------- ---------- 2 PDB$SEED READ ONLY NO 3 FUAT READ WRITE NO We need to RENAME FUAT to BEE Steps to Rename the PDB Step 1: Export ORACLE_SID Set the Oracle SID to the Container Database (CDB): export ORACLE_SID=BEECDB Step 2: Verify Target PDB Name Availability If the target PDB name is different from the current PDB name, ensure no service exists with the target PDB name. Run SQL to Check Exi...

foalabs

Search This Blog