?
Solved

Migrate Password/User Database to another server

Posted on 2003-03-25
8
Medium Priority
?
224 Views
Last Modified: 2010-04-20
Hi guys,

I'm running a customized version of RedHat and I would like to swap the server I'm having with a new one. The new one has the OS installed correctly already, but I would like to know if it is possible to migrate the users and their passwords (!) to the new server.

The idea is that I would like to swap them without the user noticing.

If this is possible, how? And are there any concequences?

Thanks

Wim
0
Comment
Question by:Wimmeke
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 1

Author Comment

by:Wimmeke
ID: 8207700
I also have to mention that I have a directory-tree which uses these accounts in it's security info. So I would also like to know how to copy this tree over to another server, while keeping the security settings.
0
 
LVL 13

Accepted Solution

by:
rhinoceros earned 1000 total points
ID: 8207833
I had done the same case as before, my server is normally running for job now by follow steps.

Take the copy of files "passwd" , "group" , "shadow" , "gshadow" to move to new server on the same location.

Please don't use the 'cp" command, run "tar"

e.g. tar zcvf group.tgz /etc/group (backup)
e.g  tar xzvf group.tgz (restore)

It will keep all permission & ownership during tar processing, Noramlly it's worked.


Except the user/password

Other important point:
My Case : tranferred from Redhat 7.2 to Redhat 8.0
After tar, I found out some services could be started. Because the installation of Redhat 7.2 & 8.0 has some different. Like as SSH, SMTP privilege had been missed from the group/passwd file.

e.g.
group named file "sshd:x:74
passwd named file "sshd:x:74:74:Privilege -separted SSH:/var/empty/sshd:/sbin:/nologin"

Copy above original priviliege setting from the original file to the replaced file. Anyway compare the new & old  file before tar as well.



I hope it can help.
0
 
LVL 13

Expert Comment

by:rhinoceros
ID: 8207847
I suggest you copy the original files of new server to other place for backup at first. If failed, use those files for recovery back to normal as well.


After tar, the root account password will be changed as old server's root password, please noted.



I hope it can help.
0
A new era in Cloud training has arrived.

A day that will go down in Cloud history.. But are you ready for it? Will you accept this Cloud challenge?

 
LVL 1

Author Comment

by:Wimmeke
ID: 8207957
Thanks rhinoceros,

I will give this a try when the new server gets delivered and will tell you my findings afterwards

Probably this will be thursday night

Wim
0
 
LVL 13

Expert Comment

by:rhinoceros
ID: 8215128
Except the username/password, like as /home folder will be created when the new account created. If SMTP service installed, it also create mailbox in /var/spool/mail.


Example:

As before, we mirgated the mail server from Redhat 7.2 to Redhat 8.0 O/S. Except username/password system files,  we also tar (copy) "/home" & "var/spool/mail" folders to the new server to run our service again.


In conclusion, you should clear what service you will need, then copy what kinds of file with their request from the existing server. You must take a fully testing before real migration as well.


I hope it can help.
0
 
LVL 1

Author Comment

by:Wimmeke
ID: 8228372
Well, I have taken what I could get from the old server. I wanted to get a copy of the /etc dir, but I failed to do this.

However, I have all the encrypted passoword stringsof all users. I believe them to be MD5? It's something like 5shXns;hes54d4z7 for every user.

I created all existing users on the new box with the same password.

Is there a way to copy the old encrypted stings somewhere into the new system and give the users their old passwords back?

There are a lot of them and it would be a nightmare to explain how to change their passwords in their mail clients etc.

Thanks
0
 
LVL 13

Expert Comment

by:rhinoceros
ID: 8228954
How to copy (tar) those files in /etc ???

(Backup)
tar -zcvf group.tgz /etc/group
tar -zcvf shadow.tgz /etc/shadow
tar -zcvf passwd.tgz /etc/passwd ......

(Restore)
(go to '/' directory, due to backup from /etc, so it will restore for full path as /etc/group , then directly locate on the same place as well)

copy *.tgz /
cd /
tar -xzvf group.tgz /etc/group
tar -xzvf shadow.tgz /etc/shadow......

It will remind all original permission like as the old server.


Overall, you copy (tar) the four system file "group", "passwd", "shadow", "gshadow" to the new server, it will be kept all old account & password. But you must use the 'vi' editor only when need to edit.



More Information:
The /etc/passwd file, which contains information about all users, including their encrypted password, is readable by all users, making it possible for any user to get the encrypted password of everyone on the system. Though the passwords are encrypted, password-cracking programs are widely available. To combat this growing security threat, shadow passwords were developed.......................

http://www.europe.redhat.com/documentation/HOWTO/User-Authentication-HOWTO/x57.php3


I hope it can help.

0
 
LVL 1

Author Comment

by:Wimmeke
ID: 8229120
Thanks. It would be great if I could still do that, but my old server and it's backup tape are completely wrecked.

However I still had a list of all users and their MD5 passwords. What I did is the following:

I created each and every user manually like on the old server. I gave them a temporary password.

This password was stored as MD5 in the shadow file. I've overwritten the password part with the old MD5 strings and everyone has it's old password again.

So, my problem is solved.

Rhinoceros, thanks for your outstanding help.

Greetings

Wim
Brussels, Belgium

0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Suggested Courses
Course of the Month9 days, 1 hour left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question