Tanti Technology

My photo
Bangalore, karnataka, India
Multi-platform UNIX systems consultant and administrator in mutualized and virtualized environments I have 4.5+ years experience in AIX system Administration field. This site will be helpful for system administrator in their day to day activities.Your comments on posts are welcome.This blog is all about IBM AIX Unix flavour. This blog will be used by System admins who will be using AIX in their work life. It can also be used for those newbies who want to get certifications in AIX Administration. This blog will be updated frequently to help the system admins and other new learners. DISCLAIMER: Please note that blog owner takes no responsibility of any kind for any type of data loss or damage by trying any of the command/method mentioned in this blog. You may use the commands/method/scripts on your own responsibility. If you find something useful, a comment would be appreciated to let other viewers also know that the solution/method work(ed) for you.

Thursday 7 November 2013

Migrating Users from One AIX System to Another AIX System


This document discusses migrating users from one AIX system to another. This does not include transferring the user's personal data or home directories.
The information in this document applies to AIX 5.2 and above.

Since the files involved in the following procedure are flat ASCII files and their format has not changed from V4 to V5, the users can be migrated between systems running the same or different versions of AIX (for example, from V4 to V5).

Files that can be copied over: 
/etc/group 
/etc/passwd
/etc/security/group 
/etc/security/limits 
/etc/security/passwd
/etc/security/.ids 
/etc/security/environ 
/etc/security/.profile 
 
NOTE: Edit the passwd file so the root entry is as follows

 root:!:0:0::/:/usr/bin/ksh

When you copy the /etc/passwd and /etc/group files, make sure they contain at least a minimum set of essential user and group definitions.

Listed specifically as users are the following:
    root 
    daemon 
    bin 
    sys 
    adm 
    uucp 
    guest 
    nobody 
    lpd

      Listed specifically as groups are the following:

        system 
        staff 
        bin 
        sys 
        adm 
        uucp 
        mail 
        security 
        cron 
        printq 
        audit 
        ecs 
        nobody 
        usr 

          If the bos.compat.links fileset is installed, you can copy the /etc/security/mkuser.default file over. If it is not installed, the file belongs in the /usr/lib/security directory.
          If you copy over mkuser.default, changes must be made to the stanzas. Replace group with pgrp, and program with shell. A proper stanza should look like the following:

              user: 
            pgrp = staff 
            groups = staff 
            shell = /usr/bin/ksh 
            home = /home/$USER 
           
          The following files may also be copied over, as long as the AIX version in the new machine is the same:

             /etc/security/login.cfg 
   /etc/security/user 
           
          NOTE: If you decide to copy these two files, open the /etc/security/user file and make sure that variables such as tty, registry, auth1 and so forth are set properly with the new machine. Otherwise, do not copy these two files, and just add all the user stanzas to the new created files in the new machine.

          Once the files are moved over, execute the following:

              usrck -t ALL 
    pwdck -t ALL 
    grpck -t ALL 
           
          This will clear up any discrepancies (such as uucp not having an entry in  /etc/security/passwd). Ideally this should be run on the source system before copying over the files as well as after porting these files to the new system.
          NOTE: It is possible to find user ID conflicts when migrating users from older versions of AIX to newer versions. AIX has added new user IDs in different release cycles. These are reserved IDs and should not be deleted. If your old user IDs conflict with the newer AIX system user IDs, it is advised that you assign new user IDs to these older IDs. 
          Posted by at

          No comments:

          Post a Comment

          Subscribe to: Post Comments (Atom)