Migration from NethService/SME Server

Migration is the process to convert a SME Server/NethService machine (source) into a NethServer (destination).


Before running the migration procedure, read carefully all the sections of this chapter.

  1. In the source host, create a full backup archive and move it to the destination host.

  2. In the destination host, install all packages that cover the same features of the source.

  3. Explode the full backup archive into some directory; for instance, create the directory /var/lib/migration.

  4. In destination host, signal the event migration-import:

    signal-event migration-import /var/lib/migration

    This step will require some time.

  5. Check for any error message in /var/log/messages:

    grep -E '(FAIL|ERROR)' /var/log/messages


No custom template is migrated during the migration process. Check the new template files before copying any custom fragment from the old backup.

Accounts provider

You should configure an accounts provider before starting the migration procedure.

  • If the source system was joined to an Active Directory domain (Samba server role was ADS), configure a remote Active Directory accounts provider.
  • If the source system was a NT Primary Domain Controller (Samba server role was PDC) install a local Active Directory accounts provider.
  • If access to Shared Folders on the destination system requires user authentication, install a local Active Directory accounts provider.
  • In any other case, install a local LDAP accounts provider.


If you choose a local Active Directory accounts provider, remember to fully configure and start the DC before executing the migration-import event. See Account providers.


Before running NethServer in production, some considerations about the network and existing mail client configurations are required: what ports are in use, if SMTPAUTH and TLS are enabled. Refer to Client configuration and Special SMTP access policies sections for more informations.

In a mail server migration, the source mail server could be on production even after the backup has been done, and email messages continue to be delivered until it is taken down permanently.

An helper script based on rsync is provided by package nethserver-mail-server. It runs on the destination host and synchronizes destination mailboxes with the source host:

    /usr/share/doc/nethserver-mail-server-<VERSION>/sync_maildirs.sh [-h] [-n] [-p] -s IPADDR
        -h          help message
        -n          dry run
        -p PORT     ssh port on source host (default 22)
        -s IPADDR   rsync from source host IPADDR
        -t TYPE     source type: sme8 (default), ns6

The source host at IPADDR must be accessible by the root user, through ssh with public key authentication.


The SSL cipher suite configuration is not migrated automatically because the source system uses a weak cipher suite by default. To migrate it manually, execute the following commands:

config setprop httpd SSLCipherSuite $(db $MIGRATION_PATH/home/e-smith/db/configuration getprop modSSL CipherSuite)
signal-event nethserver-httpd-update


The ibay concept has been superseded by Shared folders. Supported protocols for accessing Shared folders are:

  • SFTP, provided by the sshd daemon
  • SMB file sharing protocol, typical of Windows networking, implemented by Samba


Read carefully the Shared folders section in the Upgrade from NethServer 6 chapter, because the connection credentials may change when migrating to NethServer 7.

Starting from NethServer 7, Shared folders are not configurable for HTTP access. After migration-import event, old ibays could be migrated according to the following rules of thumb:

  1. If the ibay was a virtual host, install the “Web server” module from the Software center page. Copy the ibay contents to the virtual host root directory. Refer to Virtual hosts.

  2. If the ibay access was restricted with a secret password (for instance, to share contents with a group of people across the internet), the Virtual hosts page still offers the same feature. Also the Nextcloud module could be a good replacement.

  3. If the ibay contents were accessible with an URL like http://<IP>/ibayname the easiest procedure to keep it working is moving it to Apache document root:

    mv -iv /var/lib/nethserver/ibay/ibayname /var/www/html/ibayname
    chmod -c -R o+rX /var/www/html/ibayname
    db accounts delete ibayname
    signal-event nethserver-samba-update