I wanted to migrate existing multiple users & groups with same uid & gid from one server to other server.

Can anyone suggest how this can be done through a script.

It all depends on how your users and groups are stored.

Legacy Unix/Linux systems use simple text files as user and group databases:

• /etc/passwd contains the user database
• /etc/shadow contains password hashes for the users in /etc/passwd
• /etc/group contains all groups
• /etc/gshadow contains group password hashes

If you just want to copy all user accounts and groups from one system to another, you can simply copy the files. This will of course overwrite the files on the destination system, and any locally defined users/groups will effectively be deleted. Also, the destination system will inherit all UIDs from the source system, which may not be what you want, especially if you're using different distributions (some common system accounts have distribution-specific UIDs).

Keeping user accounts in sync across systems is a really old problem in Unix, and there are several solutions:

• NIS (originally yp - Yellow Pages) and NIS+ (Solaris only, I believe) are a set of daemons that copy user and group accounts between systems
• Hesiod is a system that places account information and password hashes in DNS records (not recommended for security reasons)
• Kerberos uses a centralized user/password database
• various directory services can be used with LDAP authentication

If you want to keep accounts in sync across many systems, use a directory service. The Linux authentication subsystem can be configured to use LDAP via PAM modules. The most common products are OpenLDAP and Active Directory (yes, really). The latter does not require Windows servers if you use Samba.

1 members found this post helpful.

Good answer above....
As mentioned watch out for overlapping accts on the old vs new system. Also, some versions of Linux start non-priv accts at uid 500, some start at 1000.
Do you really just want the accts OR also all the users' files as well?

We dont have any directory services configured, I am only considering /etc/passwd & /etc/groups & also dont want to copy the whole file to other server.

Can we achieve the same through a simple bash script.

No, because the script would be nothing you could call "simple":

• How should it parse the files?
• How should it transfer information between servers?
• How would it keep track of which servers to include in the synchronization scheme?
• How should it insert information into the files? What should it do if a file happens to be in use?
• How would it be able to tell user accounts and system accounts apart?
• What should it do if an account exists on A but not B? Copy from A to B, or delete on A?
• What should it do if an account exists on A and B, but the password differs? Which password should it keep?

Etc etc etc. To do this properly, you'd basically have to reinvent NIS and/or a directory service.

Do yourself a favour, and just use NIS or OpenLDAP or Samba. You'll save time and end up with something that's both usable and maintainable.

yes its possible with simple bash script as I had placed the new users & groups in separate files with same format as /etc/passwd & /etc/group files & used the for loop which worked.