Howto transfer a crypt password to a new UCS srv

Hello, have a UCS srv with some mail users,
and now I want to create a new srv, because need the change the hardware… but I want to transfer the existing users.
The user recreation is not a problem, but how to create with the same passwd?
Is any possibility?

Hi,

if I am not completely wrong you should be able to do it with “udm”.

See: here

Read: if you can export full users you can easily export the password.

So as mentioned, do some scripting around and you should be fin with “udm”.

/CV

I get the impression that we could see some kind of XY problem here.

If the general goal is to replace the hardware one could also look into setting up a new DC backup, moving the data and finally do a backup2master.
This method will retain all relevant informations about users without the need to migrate passwords. The migration of the data will of course depend on the used mail software.

If the goal is to replace the system without creating a new master one could look into the steps described in Cool Solution - Single Server Backup and Restore,

Finally one could really use the way you are probably looking at, create users using udm and transfer passwords.
udm has only the capability to set passwords. But you need to know them (or use a fixed value and force the users to create a new one). What we have done in those cases, for example when migrating from plain OpenLDAP to UCS, was to use ldapmodify to set attributes like sambaNTPassword or userPassword. While this information is accessible in the source system (just look at univent-ldapsearch or the ldif backup in /var/iunivention-backup), there is a) no general toolchain and b) additional steps, depending on the complete software stack) needed to make sure that other components that are doing authentication (like Kerberos) can use the passwords that are migrated using low-level methods.
I’d check first if one of the first two methods would be possible before starting the hard way.

2 Likes
Mastodon