Issue Dovecot backup/sync to second server fails - Error: auth-master: userdb lookup

[kassi]

Server operating system version

Ubuntu 18.04.6 LTS

Plesk version and microupdate number

Obsidian 18.0.52 Update #3

Hi there,
I am trying to prepare for a server failover (having 2 servers and a ClusterIP in place I want to switch when everything is migrated).
Most of the work is done via panel-migrator (through ansible), but I don't want to lose data that changed/arrived in the meantime. Therefore:

Before switching IPs, I'd like to sync the mails once more, then switch, then do a last sync for everything that arrived again.

I am having trouble with a couple of things:

root@source# doveadm -Dv sync -1 -A remote:hostname.desination.server
Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message)
Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so
Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_user_get_language_list (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_mail_crypt_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/libdoveadm_mail_crypt_plugin.so: undefined symbol: mail_crypt_box_get_pvt_digests (this is usually intentional, so just ignore this message)
Debug: auth-master: userdb list: Started listing users (user_mask=)
Debug: auth-master: conn unix:/var/run/dovecot/auth-userdb: Connecting
Debug: auth-master: conn unix:/var/run/dovecot/auth-userdb (pid=17744,uid=0): Client connected (fd=10)
Error: auth-master: userdb list: User listing returned failure
Debug: auth-master: userdb list: Listing users failed
Debug: auth-master: conn unix:/var/run/dovecot/auth-userdb (pid=17744,uid=0): Disconnected: Connection closed (fd=10)

doveadm: Error: Failed to iterate through some users

This seems to be another open issue: Question - Dovecot Error: auth-master: userdb list: User listing returned failure

Workaround: I could iterate through the users by

root@source# plesk bin mail --list | egrep '^Mail name' | awk '{print $3}' | xargs -n 1 -I{} doveadm -Dv sync -1 -u {} remote:hostname.desination.server

However a single user won't even sync:

root@source# doveadm -Dv sync -1 -u [email protected] remote:hostname.desination.server
service=doveadm, [email protected], ip=[]. Error: auth-master: userdb lookup([email protected]): connect(/var/run/dovecot/auth-userdb) failed: Connection refused
doveadm([email protected]): Error: User lookup failed: Internal error occurred. Refer to server log for more information.

Here's how it's set up, pretty much plesk standard (I even tried plesk repair mail)

root@source# ls -l /var/run/dovecot/auth-userdb
srw------- 1 popuser popuser 0  /var/run/dovecot/auth-userdb

root@source# ls -la /etc/dovecot/conf.d
-rw-r--r-- 1 root root  28  10-master.conf
-rw-r--r-- 1 root root 537  10-plesk-security.conf
-rw-r--r-- 1 root root 476  11-plesk-security-ssl.conf
-rw-r--r-- 1 root root 386  15-plesk-auth.conf
-rw-r--r-- 1 root root 384  20-plesk-quota-warning.conf
-rw-r--r-- 1 root root 244  21-plesk-additional-symbols.conf
-rw-r--r-- 1 root root 780  90-plesk-sieve.conf
-rw-r--r-- 1 root root 207  92-plesk-service-imap.conf
-rw-r--r-- 1 root root 213  92-plesk-service-imap-login.conf
-rw-r--r-- 1 root root 207  92-plesk-service-pop.conf
-rw-r--r-- 1 root root 213  92-plesk-service-pop-login.conf
-rw-r--r-- 1 root root 184  92-plesk-userip_connections.conf

root@source# cat /etc/dovecot/conf.d/10-master.conf
# Avoid getting dovecot startup errors:
# dovecot: config: Warning: service auth { client_limit=1000 } is lower than required under max. load (2248).
default_client_limit = 2500

root@source# cat /etc/dovecot/conf.d/15-plesk-auth.conf
##
## Authentication for Plesk mail users.
##

# PLEASE DON'T EDIT ANYTHING IN THIS FILE! ANY CHANGES WILL BE LOST ON UPGRADE.

service auth { # applies when blocking=no
  user =
  group =
}

service auth-worker { # applies when blocking=yes
  user =
  group =
}


passdb {
  driver = plesk
}

userdb {
  driver = static
  args = uid=popuser gid=popuser
}

# vim:ts=2 sts=2 sw=2 et:

I tried granting read permissions to /var/run/dovecot/auth-userdb (0644) but without effect.
When I try running as popuser I don't even get to the point of auth because popuser obviously can't login to the remote.
Interestingly: If I use mdbox:/tmp/mailbackup instead of remote: then it seems to work. destination server is set up identically with same conf files etc, as mentioned before: initially migrated with panel-migrator.

How can I solve this and have a safe sync without loss of emails, best without installing yet another extension (which I would need to trigger from the command line).
Actually thinking about a simple rsync of the mail base folder, but I don't know what may not be working afterwards due to some differences in ids maybe.