bernhard: doc/raw-howtos move-rename-user.txt,NONE,1.1

cvs at intevation.de cvs at intevation.de
Wed Mar 22 11:41:15 CET 2006 

Author: bernhard

Update of /kolabrepository/doc/raw-howtos
In directory doto:/tmp/cvs-serv25332

Added Files:
	move-rename-user.txt 
Log Message:
Adding new raw instruction document.


--- NEW FILE: move-rename-user.txt ---
How to migrate a set of users to another server while potentially renaming.
---------------------------------------------------------------------------
Principal Author: Bernhard Reiter
Relevance: Kolab Server 2.0.x, Kolab Server 2.1.x
Tested with Kolab Server 2.1.0-beta1

Goal: Manually move a user from one server and domain to another, 
      potentially renaming it on the way. 

Remarks: 
      Manually means: using the command line as root on both servers.
      It probably is more elegant and desireable 
      to implement all this with a tool that speaks imap.
      Nevertheless, this text contains some hints for manual intervention
      for the experienced administrator. 

Old user: 	user.a at old.example.org
New user: 	user.b at new.example.org

We need to consider:
	Emails
		Permissions
		Quota
		Annotations
		Seen DB
		Subscriptions
		

	Notes:  no problem expected.
	Tasks:  might be interesting if a task has been delegated (TODO)
	Contacts: no problem expected for the user.
		  Other might have saved the old email address,
		  see calendar items below.

	LDAP entries:  outside the scope of this instructions
		Quota
		FreeBusy Intervall
 
	Calendar-Items:  an alias for the old email address might be handy
		         for updates to reach everybody and freebusy lists.
		Subcases: a) Organiser (TODO)
			  b) Attendee (TODO)

Instructions:
-------------

a) Make sure no email comes in and the user cannot log in.

b) Create the fresh user user.b at new.example.org on the new server
   via the directory server.
   This account should also have the right quota for the quotaroot.

c) Most recovery operations have to be done as Cyrus user, so switch to it.
 	su - kolab-r

d) For better comparison, dump out the mailbox.db
   (You do have a backup of both servers anyway, right?)

	ctl_mboxlist -d >mailbox-dump-old.txt

e) Copy the files from the old server, including the cyrus.* 
   E.g. if on the same file system:
	cp -a imapd/spool/domain/old.example.org/user/user^a \
	      imapd/spool/domain/new.example.org/user/user^b

f) Before reconstruction, we have to decide where to get the information from
   that will populate the mailboxes.db.

   cyrreconstruct -f (without -x) will use some out of cyrus.header 
   and cyrus.index. But cyrus.header still contains the old domain
   and email names for quota root and permissions.

   We can fix this by replacing this information in the copied files.
   There are many unix ways to do this, my suggestion is rpl
   (the Free Software implementation in Python from Debian
    http://packages.qa.debian.org/r/rpl.html ).

   We only have one quota root to fix, so here one replacement will do:

         rpl -R -xcyrus.header 'old.example.org!user.user^a' \
                                'new.example.org!user.user^b'   ./user^b

  But permissions might have granted for several other users.
  Assuming that we move them all from old.example.org to new.example.org,
  we can adjust all domain parts:

   rpl -R -xcyrus.header '@old.example.org' '@new.example.org' ./user^b
 
  Now for each changed user name, we can do a replacement like:

   rpl -R -xcyrus.header 'user.a@' 'user.b@' user^b

  If only a part of the users is moved,
  a detailed list for the replacements have to be used.

e) Now we can add the new user to the mailboxes.db:
	cyrreconstruct -rf user/user^b at new.example.org

   For a double check, have a look at the difference
	ctl_mboxlist -d >mailbox-dump-new.txt
        diff mailbox-dump-old.txt mailbox-dump-new.txt

f) The /vendor/kolab annotations should be copied, 
   because they indicate what a folder contains, e.g. a calendar.

   There is a perl script listannotations.pl in
	http://kolab.org/cgi-bin/viewcvs-kolab.cgi/utils/admin/
   which can help a bit, see the documentation within the script how to use it.

g) The "Seen" db saves which email is unread and which read.
   To preserve this information (optional), we can try to copy it over.
   Depending on the structure of the new mailbox, 
   this might not work, but it is worth a try:

 	cp -a ./domain/o/old.example.org/user/a/user^a.seen \
	      ./domain/n/new.example.org/user/b/user^b.seen

h) Optionally we can preserve the information which folders the user
   subscribed, to.
	cp -a ./domain/o/old.example.org/user/a/user^a.sub \
	      ./domain/n/new.example.org/user/b/user^b.sub
   Now again we need to replace the old user and domain with the new one:
         rpl -R -x cyrus.header 'old.example.org!user.user^a' \
                                'new.example.org!user.user^b'   ./user^b

i) Fix the quota (for all users)
	cyrquota -f

$Id: move-rename-user.txt,v 1.1 2006/03/22 10:41:13 bernhard Exp $

More information about the commits mailing list