Wimmeke
asked on
Migrate Password/User Database to another server
Hi guys,
I'm running a customized version of RedHat and I would like to swap the server I'm having with a new one. The new one has the OS installed correctly already, but I would like to know if it is possible to migrate the users and their passwords (!) to the new server.
The idea is that I would like to swap them without the user noticing.
If this is possible, how? And are there any concequences?
Thanks
Wim
I'm running a customized version of RedHat and I would like to swap the server I'm having with a new one. The new one has the OS installed correctly already, but I would like to know if it is possible to migrate the users and their passwords (!) to the new server.
The idea is that I would like to swap them without the user noticing.
If this is possible, how? And are there any concequences?
Thanks
Wim
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I suggest you copy the original files of new server to other place for backup at first. If failed, use those files for recovery back to normal as well.
After tar, the root account password will be changed as old server's root password, please noted.
I hope it can help.
After tar, the root account password will be changed as old server's root password, please noted.
I hope it can help.
ASKER
Thanks rhinoceros,
I will give this a try when the new server gets delivered and will tell you my findings afterwards
Probably this will be thursday night
Wim
I will give this a try when the new server gets delivered and will tell you my findings afterwards
Probably this will be thursday night
Wim
Except the username/password, like as /home folder will be created when the new account created. If SMTP service installed, it also create mailbox in /var/spool/mail.
Example:
As before, we mirgated the mail server from Redhat 7.2 to Redhat 8.0 O/S. Except username/password system files, we also tar (copy) "/home" & "var/spool/mail" folders to the new server to run our service again.
In conclusion, you should clear what service you will need, then copy what kinds of file with their request from the existing server. You must take a fully testing before real migration as well.
I hope it can help.
Example:
As before, we mirgated the mail server from Redhat 7.2 to Redhat 8.0 O/S. Except username/password system files, we also tar (copy) "/home" & "var/spool/mail" folders to the new server to run our service again.
In conclusion, you should clear what service you will need, then copy what kinds of file with their request from the existing server. You must take a fully testing before real migration as well.
I hope it can help.
ASKER
Well, I have taken what I could get from the old server. I wanted to get a copy of the /etc dir, but I failed to do this.
However, I have all the encrypted passoword stringsof all users. I believe them to be MD5? It's something like 5shXns;hes54d4z7 for every user.
I created all existing users on the new box with the same password.
Is there a way to copy the old encrypted stings somewhere into the new system and give the users their old passwords back?
There are a lot of them and it would be a nightmare to explain how to change their passwords in their mail clients etc.
Thanks
However, I have all the encrypted passoword stringsof all users. I believe them to be MD5? It's something like 5shXns;hes54d4z7 for every user.
I created all existing users on the new box with the same password.
Is there a way to copy the old encrypted stings somewhere into the new system and give the users their old passwords back?
There are a lot of them and it would be a nightmare to explain how to change their passwords in their mail clients etc.
Thanks
How to copy (tar) those files in /etc ???
(Backup)
tar -zcvf group.tgz /etc/group
tar -zcvf shadow.tgz /etc/shadow
tar -zcvf passwd.tgz /etc/passwd ......
(Restore)
(go to '/' directory, due to backup from /etc, so it will restore for full path as /etc/group , then directly locate on the same place as well)
copy *.tgz /
cd /
tar -xzvf group.tgz /etc/group
tar -xzvf shadow.tgz /etc/shadow......
It will remind all original permission like as the old server.
Overall, you copy (tar) the four system file "group", "passwd", "shadow", "gshadow" to the new server, it will be kept all old account & password. But you must use the 'vi' editor only when need to edit.
More Information:
The /etc/passwd file, which contains information about all users, including their encrypted password, is readable by all users, making it possible for any user to get the encrypted password of everyone on the system. Though the passwords are encrypted, password-cracking programs are widely available. To combat this growing security threat, shadow passwords were developed.................
http://www.europe.redhat.com/documentation/HOWTO/User-Authentication-HOWTO/x57.php3
I hope it can help.
(Backup)
tar -zcvf group.tgz /etc/group
tar -zcvf shadow.tgz /etc/shadow
tar -zcvf passwd.tgz /etc/passwd ......
(Restore)
(go to '/' directory, due to backup from /etc, so it will restore for full path as /etc/group , then directly locate on the same place as well)
copy *.tgz /
cd /
tar -xzvf group.tgz /etc/group
tar -xzvf shadow.tgz /etc/shadow......
It will remind all original permission like as the old server.
Overall, you copy (tar) the four system file "group", "passwd", "shadow", "gshadow" to the new server, it will be kept all old account & password. But you must use the 'vi' editor only when need to edit.
More Information:
The /etc/passwd file, which contains information about all users, including their encrypted password, is readable by all users, making it possible for any user to get the encrypted password of everyone on the system. Though the passwords are encrypted, password-cracking programs are widely available. To combat this growing security threat, shadow passwords were developed.................
http://www.europe.redhat.com/documentation/HOWTO/User-Authentication-HOWTO/x57.php3
I hope it can help.
ASKER
Thanks. It would be great if I could still do that, but my old server and it's backup tape are completely wrecked.
However I still had a list of all users and their MD5 passwords. What I did is the following:
I created each and every user manually like on the old server. I gave them a temporary password.
This password was stored as MD5 in the shadow file. I've overwritten the password part with the old MD5 strings and everyone has it's old password again.
So, my problem is solved.
Rhinoceros, thanks for your outstanding help.
Greetings
Wim
Brussels, Belgium
However I still had a list of all users and their MD5 passwords. What I did is the following:
I created each and every user manually like on the old server. I gave them a temporary password.
This password was stored as MD5 in the shadow file. I've overwritten the password part with the old MD5 strings and everyone has it's old password again.
So, my problem is solved.
Rhinoceros, thanks for your outstanding help.
Greetings
Wim
Brussels, Belgium
ASKER