work-work.work-logo: A man with brains and a shovel

work-work.work

A blog about goals and obstacles, motivation and procrastination, life's random events and getting things done.

Samba Migrate User Accounts

I run a Samba file server on Ubuntu in my company. Moving from an old to a new server means I have to copy the share-data and the samba config file /etc/smb.conf.

Moving the user accounts is not hard if you know where to look. I'm not running a domain controller active directory, ldap or anything. That means, my user data is in these files:

  • /etc/passwd (users)
  • /etc/shadow (hashed passwords)
  • /etc/skel (the template for /home/$newuser/)
  • /etc/group (system groups)
  • /var/lib/samba/passdb.tdb

Copy Users and Passwords

Don't just copy /etc/passwd and /etc/shadow. Instead copy paste the lines of the users to the corresponding files on your new server. In my case those where the users with in id of 1000 and higher. Don't copy paste the system users.

Copy Samba passwords

Samba can't use /etc/shadow because it uses a different hash algorithm. So each user has an entry in passdb.tdb. That file is binary but in my case it was okay to copy it completely.

The location has changed. On my old server passdb.tdb was in /var/lib/samba/ and the new server has it in /var/lib/samba/private/. If you want to find the right location this command might help

$ smbd -b |grep -e 'PRIVATE_DIR'
PRIVATE_DIR: /var/lib/samba/private

After copying the passdb.tdb file, I restarted samba

$ service smbd restart

I did not copy the /etc/group file (yet). So far, the transition went smoothly, the users did not have to reset their password.

Changing passwords by hand

In case you want to change a user password, it is a good idea to use

$ smbpasswd -U username

that will also update the regular password of that user on this linux machine if /etc/samba/smb.conf has the setting

unix password sync = yes