Files that can be copied over
/etc/group /etc/passwd /etc/security/group /etc/security/limits /etc/security/passwd /etc/security/.ids /etc/security/environ /etc/security/.profile
NOTE: Edit the passwd file so the root entry is as follows:
root:!:0:0::/:/usr/bin/ksh
When you copy the /etc/passwd and /etc/group files, make sure they contain at least a minimum set of essential user and group definitions.
Listed specifically as users are the following:
- root
- daemon
- bin
- sys
- adm
- uucp
- guest
- nobody
- lpd
- system
- staff
- bin
- sys
- adm
- uucp
- security
- cron
- printq
- audit
- ecs
- nobody
- usr
If you copy over mkuser.defaults, changes must be made to the stanzas.
Replace group with pgrp, and program with
shell. A proper stanza should look like the following:
user:
pgrp = staff
groups = staff
shell = /usr/bin/ksh
home = /home/$USER
The following files may also be copied over, as long as the AIX version in the
new machine is the same:
/etc/security/login.cfg /etc/security/user
NOTE: If you decide to copy these two files, open the
/etc/security/user
file and make sure that variables such as tty, registry, auth1 and so forth are
set properly with the new machine. Otherwise, do not copy these two files, and
just add all the user stanzas to the new created files in the new machine.
Once the files are moved over, execute the following:
usrck -t ALL
pwdck -t ALL
grpck -t ALL
This will clear up any discrepancies (such as uucp not having an entry in
/etc/security/passwd). Ideally this should be run on the source system
before
copying over the files as well as after porting these files to the new system.
NOTE: It is possible to find user ID conflicts when migrating users from
older versions of AIX to newer versions. AIX has added new user IDs in
different release cycles. These are reserved IDs and should not be deleted.
If your old user IDs conflict with the newer AIX system user IDs, it is advised
that you assign new user IDs to these older IDs.
No comments:
Post a Comment