[SOLVED] How to automate existing users & groups to other server
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
It all depends on how your users and groups are stored.
Legacy Unix/Linux systems use simple text files as user and group databases:
/etc/passwd contains the user database
/etc/shadow contains password hashes for the users in /etc/passwd
/etc/group contains all groups
/etc/gshadow contains group password hashes
If you just want to copy all user accounts and groups from one system to another, you can simply copy the files. This will of course overwrite the files on the destination system, and any locally defined users/groups will effectively be deleted. Also, the destination system will inherit all UIDs from the source system, which may not be what you want, especially if you're using different distributions (some common system accounts have distribution-specific UIDs).
Keeping user accounts in sync across systems is a really old problem in Unix, and there are several solutions:
NIS (originally yp - Yellow Pages) and NIS+ (Solaris only, I believe) are a set of daemons that copy user and group accounts between systems
Hesiod is a system that places account information and password hashes in DNS records (not recommended for security reasons)
Kerberos uses a centralized user/password database
various directory services can be used with LDAP authentication
If you want to keep accounts in sync across many systems, use a directory service. The Linux authentication subsystem can be configured to use LDAP via PAM modules. The most common products are OpenLDAP and Active Directory (yes, really). The latter does not require Windows servers if you use Samba.
Good answer above....
As mentioned watch out for overlapping accts on the old vs new system. Also, some versions of Linux start non-priv accts at uid 500, some start at 1000.
Do you really just want the accts OR also all the users' files as well?
We dont have any directory services configured, I am only considering /etc/passwd & /etc/groups & also dont want to copy the whole file to other server.
Can we achieve the same through a simple bash script.
We dont have any directory services configured, I am only considering /etc/passwd & /etc/groups & also dont want to copy the whole file to other server.
Can we achieve the same through a simple bash script.
No, because the script would be nothing you could call "simple":
How should it parse the files?
How should it transfer information between servers?
How would it keep track of which servers to include in the synchronization scheme?
How should it insert information into the files? What should it do if a file happens to be in use?
How would it be able to tell user accounts and system accounts apart?
What should it do if an account exists on A but not B? Copy from A to B, or delete on A?
What should it do if an account exists on A and B, but the password differs? Which password should it keep?
Etc etc etc. To do this properly, you'd basically have to reinvent NIS and/or a directory service.
Do yourself a favour, and just use NIS or OpenLDAP or Samba. You'll save time and end up with something that's both usable and maintainable.
yes its possible with simple bash script as I had placed the new users & groups in separate files with same format as /etc/passwd & /etc/group files & used the for loop which worked.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.