# Migrating users from one ACS 5.5 system to another



## davoje (Sep 29, 2014)

Hi folks,

I need to be able to migrate users from one 5.5 system to another. This is due to a 4.2 to 5.5 migration stalling allowing the new 5.5 to get out of sync with the live 4.2. Changes made in the 5.5 system (group mappings etc) would be lost if we re-migrate from 4.2.

So I've developed a process to update the new 5.5 from the live 4.2 which migrates to a temp 5.5 first then:

Export data from the temp 5.5Munge the data using locally grown scripts to the new 5.5 layout
Import the resulting munged data to the new 5.5 primary

This worked fine for the devices (some 900 odd) but I can't get it to work for the users (nearly 3,000) because the exported data from the temp 5.5 system does seem to contain the users local passwords. Device exports do contain the shared secrets though.


Does anyone know a way to migrate users (including passwords) from one 5.5 to another?


It would be easy if we could make the temp 5.5 a primary and suck the data onto the live 5.5 but the configs are radically different so we can't do it that way.


We could re-migrate from 4.2 to the live 5.5 but then we'll need to make a lot of manual changes (users into groups, devices into groups etc) to get it working before we can cut over..


TIA
Dave


----------

