Migrating Users from One AIX System to Another AIX System

Technote (FAQ)

Question

Migrating Users from One AIX System to Another AIX System

Answer

This document discusses migrating users from one AIX system to another. This does not include transferring the user's personal data or home directories.

The information in this document applies to AIX 5.2 and above.

Since the files involved in the following procedure are flat ASCII files and their format has not changed from V4 to V5, the users can be migrated between systems running the same or different versions of AIX (for example, from V4 to V5).

---

/etc/group

/etc/passwd

/etc/security/group

/etc/security/limits

/etc/security/passwd

/etc/security/.ids

/etc/security/environ

/etc/security/.profile

NOTE: Edit the passwd file so the root entry is as follows:

   root:!:0:0::/:/usr/bin/ksh

When you copy the /etc/passwd and /etc/group files, make sure they contain at least a minimum set of essential user and group definitions.

Listed specifically as users are the following:

·         root

·         daemon

·         bin

·         sys

·         adm

·         uucp

·         guest

·         nobody

·         lpd

Listed specifically as groups are the following:

·         system

·         staff

·         bin

·         sys

·         adm

·         uucp

·         mail

·         security

·         cron

·         printq

·         audit

·         ecs

·         nobody

·         usr

If the bos.compat.links fileset is installed, you can copy the /etc/security/mkuser.default file over. If it is not installed, the file belongs in the /usr/lib/security directory.

If you copy over mkuser.default, changes must be made to the stanzas. Replace group with pgrp, nd program with shell. A proper stanza should look like the following:

    user:

            pgrp = staff

            groups = staff

            shell = /usr/bin/ksh

            home = /home/$USER

The following files may also be copied over, as long as the AIX version in the new machine is the same:

   /etc/security/login.cfg

   /etc/security/user

NOTE: If you decide to copy these two files, open the /etc/security/user file and make sure that variables such as tty, registry, auth1 and so forth are set properly with the new machine. Otherwise, do not copy these two files, and just add all the user stanzas to the new created files in the new machine.

Once the files are moved over, execute the following:

    usrck -t ALL

    pwdck -t ALL

    grpck -t ALL

This will clear up any discrepancies (such as uucp not having an entry in /etc/security/passwd). Ideally this should be run on the source system before copying over the files as well as after porting these files to the new system.

NOTE: It is possible to find user ID conflicts when migrating users from older versions of AIX to newer versions. AIX has added new user IDs in different release cycles. These are reserved IDs and should not be deleted. If your old user IDs conflict with the newer AIX system user IDs, it is advised that you assign new user IDs to these older IDs.