LDIFDE - Export / Import data from Active Directory - LDIFDE commands 2 (AN: 555636)
SUMMARY
LDIFDE is a robust utility that lets you import information into, and export information from, Active Directory. LDIFDE queries any available domain controller to retrieve or update AD information.

MORE INFORMATION
16. Sample Import/Modify File Format: One More Example (More than one user)

dn: CN=Jane Doe,OU=Staff,DC=microsoft,DC=com
changetype: modify
replace: streetAddress
streetAddress: 1450 Bum Street
-
replace: st
st: Some Street Name
-
Replace: postalCode
postalCode: some postal code
-

dn: CN=Nirmal,OU=Staff,DC=microsoft,DC=com
changetype: modify
replace: streetAddress
streetAddress: 1450 Bum Street
-
replace: st
st: Some Street Name
-
Replace: postalCode
postalCode: some postal code
-

(The blank line between the two records must be present.)

This needs a little more explanation. The line beginning with dn indicates which Active Directory object is being worked with. In this case, it is being modified, as indicated by the changetype line. Next, the import file requests a replacement of the object’s street address; the data for it is given on the next line, followed by a dash, which indicates that this modification record is to continue. Next, l (locality or city), st (state), and postalCode (postal code) are all modified. Note the blank line between the last dash of the first record and the first line of the second record. This is critical. If you don’t include it, the modification won’t work.

18. Sample Delete File Format:

dn: CN=Jack Brown, OU=Boston, DC=sanao, DC=com
changetype: delete

19. Sample Delete File Format – Deleting more than one user

dn: CN=Jack Brown, OU=Boston, DC=sanao, DC=com
changetype: delete

dn: CN=Nirmal, OU=Boston, DC=sanao, DC=com
changetype: delete

20. Sample – Delete a property or a value:

dn: CN=Jack Brown, OU=Boston, DC=sanao, DC=com
changetype: modify
delete: otherHomePhone
otherHomePhone: 123 456[*]
-

21. The following sample LDIF file (chPwd.ldif) changes a password to newPassword:

dn: CN=Jack Brown, OU=Boston, DC=sanao, DC=com
changetype: modify
replace: unicodePwd
unicodePwd:: IgBuAGUAdwBQAGEAcwBzAHcAbwByAGQAIgA=
-

22. Exportuser.ldf sample file (exported from a Windows 2003 computer):

dn: CN=nirmal,CN=Users,DC=test,DC=local
changetype: add
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: nirmal
sn: Last Name Field
c: IN
l: City Field
st: State Field
title: GIS Sports Complex
description: Description Field
postalCode: Zip Field
postOfficeBox: PO Box Field
physicalDeliveryOfficeName: Office Name
telephoneNumber: Tele No. Field
givenName: First Name Field
initials: INT
distinguishedName: CN=nirmal,CN=Users,DC=test,DC=local
instanceType: 4
whenCreated: 20060308085141.0Z
whenChanged: 20060311150958.0Z
displayName: Display Name
uSNCreated: 13920
memberOf: CN=Domain Admins,CN=Users,DC=test,DC=local
memberOf: CN=Enterprise Admins,CN=Users,DC=test,DC=local
memberOf: CN=Domain Controllers,CN=Users,DC=test,DC=local
memberOf: CN=Domain Computers,CN=Users,DC=test,DC=local
uSNChanged: 20503
co: India
department: GIS
company: Computer Sciences Corporation
streetAddress:: U3RyZWV0IEZpZWxkDQpTdHJlZXQgRmllbGQgMg0KU3RyZWV0IEZpZWxkIDM=
wWWHomePage: Web Page Field
name: nirmal
objectGUID:: QT2p8Y8UzECVvx91vYky/A==
userAccountControl: 524802
badPwdCount: 0
codePage: 0
countryCode: 356
homeDirectory: \\amppfilerp01\hkmtmt$
homeDrive: H:
badPasswordTime: 0
lastLogoff: 0
lastLogon: 0
scriptPath: qchain.vbs
logonHours:: ////////////////////////////
pwdLastSet: 0
primaryGroupID: 513
userParameters:: ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgUAcaCAFDdHhDZm
 dQcmVzZW5045S15pSx5oiw44GiGAgBQ3R4Q2ZnRmxhZ3Mx44Cw44Gm44Cy44C5EggBQ3R4U2hhZG93
 44Sw44Cw44Cw44CwKgIBQ3R4TWluRW5jcnlwdGlvbkxldmVs44SwGDwBQ3R4V0ZIb21lRGly5oy15o
 y145C344S344y246C244S246S25pS244iz5oi244yz44C344y25oy145C244S245C344S25oy145C3
 44y344C344i35pi245i246S25oy245S244CwIgYBQ3R4V0ZIb21lRGlyRHJpdmXmhLXmhLPjgLAgPg
 FDdHhXRlByb2ZpbGVQYXRo5oy15oy145C344S344y246C244S246S25pS244iz5oi244yz44C344y2
 5oy144C344i35pi245i246S25oy245S244y35oy15pS246S244i35pC244S25oy244Cw
profilePath: \\tqchain2k3pc\profiles\nirmal
objectSid:: AQUAAAAAAAUVAAAAFoIlbwob4KTIZWgJVAQAAA==
adminCount: 1
accountExpires: 9223372036854775807
logonCount: 0
sAMAccountName: SAMLNAME
sAMAccountType: 805306368
userPrincipalName: LogonName@test.local
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=test,DC=local
msNPAllowDialin: FALSE
mail: EmailField@ssss.com
homePhone: 9831039062

23. Import Example: user account entry with all required and optional fields

dn: CN=user1,CN=Users,DC=domain,DC=com
changetype: add
accountExpires: 0
codePage: 0
cn: zach
countryCode: 0
displayName: Test User
instanceType: 4
logonHours:: ////////////////////////////
distinguishedName: CN=user1,CN=Users,DC=domain,DC=com
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=domain,DC=com
objectClass: user
name: User1
sAMAccountName: user1
userAccountControl: 66048
uSNChanged: 1556
uSNCreated: 1556
whenChanged: 20001012214849.0Z
whenCreated: 20001012214849.0Z

LDIFDE General Parameters:
-i               Turn on Import Mode (The default is Export)
-f filename      Input or Output filename
-s servername    The server to bind to
-c FromDN ToDN   Replace occurrences of FromDN to ToDN
-v               Turn on Verbose Mode
-j               Log File Location
-t               Port Number (default = 389)
-?               Help

Export Specific Parameters
-d RootDN        The root of the LDAP search (Default to Naming Context)
-r Filter        LDAP search filter (Default to "(objectClass=*)")
-p SearchScope   Search Scope (Base/OneLevel/Subtree)
-l list          List of attributes (comma separated) to look for in an LDAP search.
-o list          List of attributes (comma separated) to omit from input
-g               Disable Paged Search
-m               Enable the SAM logic on export
-n               Do not export binary values

Import Specific Parameter
-k               The import will go on ignoring 'Constraint Violation' and 'Object Already Exists' errors

Credentials Parameters
-a               Sets the command to run using the supplied user distinguished name and password. For example: "cn=yourname,dc=yourcompany,dc=com password"
-b               Sets the command to run as username domain password. The default is to run using the credentials of the currently logged on user.
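The unicodePwd value in sample 21 is only the base64 of the quoted password in UTF-16LE, so anyone who can read chPwd.ldif can recover it; Active Directory also accepts unicodePwd changes only over an encrypted connection. The Python below is an added example, not part of the original article (function names are made up here): it rebuilds the sample's value and lists the passwords embedded in a change file.

```python
import base64
import re

def encode_unicode_pwd(password: str) -> str:
    """Return the base64 text that follows 'unicodePwd:: ' in a change file."""
    quoted = '"' + password + '"'          # AD expects the surrounding quotes
    return base64.b64encode(quoted.encode("utf-16-le")).decode("ascii")

def decode_unicode_pwd(b64_value: str) -> str:
    """Recover the clear-text password from a unicodePwd:: value."""
    text = base64.b64decode(b64_value).decode("utf-16-le")
    if len(text) < 2 or text[0] != '"' or text[-1] != '"':
        raise ValueError("unicodePwd value is not a quoted UTF-16LE string")
    return text[1:-1]

_DN = re.compile(r"^dn:\s*(.+)$", re.IGNORECASE)
_PWD = re.compile(r"^unicodePwd::\s*(\S+)\s*$", re.IGNORECASE)

def find_embedded_passwords(ldif_text: str):
    """List (dn, password) for every unicodePwd value in an LDIF change file."""
    hits, current_dn = [], None
    for line in ldif_text.splitlines():
        if not line.strip():
            current_dn = None              # a blank line ends the record
        elif m := _DN.match(line):
            current_dn = m.group(1).strip()
        elif m := _PWD.match(line):
            hits.append((current_dn, decode_unicode_pwd(m.group(1))))
    return hits

# Sample 21 from this page, as the file chPwd.ldif would contain it.
CHPWD_LDIF = """\
dn: CN=Jack Brown, OU=Boston, DC=sanao, DC=com
changetype: modify
replace: unicodePwd
unicodePwd:: IgBuAGUAdwBQAGEAcwBzAHcAbwByAGQAIgA=
-
"""

if __name__ == "__main__":
    for dn, pwd in find_embedded_passwords(CHPWD_LDIF):
        print(f"{dn}: clear-text password recoverable ({len(pwd)} chars)")
```

Treat any file this flags as a credential: restrict who can read it and delete it once the import has run.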
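An export such as sample 22 carries security-relevant state (userAccountControl bits, privileged group membership, adminCount) that is easy to miss in the raw file. The Python below is an added example, not part of the original article; the function names and the group watch list are assumptions. It parses one exported record and reports what deserves review before the file is imported elsewhere.

```python
import base64

UAC_FLAGS = {  # userAccountControl bits (subset of the documented values)
    0x0002: "ACCOUNTDISABLE", 0x0020: "PASSWD_NOTREQD",
    0x0200: "NORMAL_ACCOUNT", 0x10000: "DONT_EXPIRE_PASSWORD",
    0x80000: "TRUSTED_FOR_DELEGATION", 0x400000: "DONT_REQ_PREAUTH",
}
ROUTINE_FLAGS = {"ACCOUNTDISABLE", "NORMAL_ACCOUNT"}        # not reported
PRIVILEGED_GROUPS = {"domain admins", "enterprise admins"}  # assumed watch list

def parse_record(ldif_text):
    """Parse one exported record into {attribute (lower case): [values]}."""
    logical = []
    for line in ldif_text.splitlines():
        if line.startswith(" ") and logical:
            logical[-1] += line[1:]          # folded continuation line
        elif line.strip():
            logical.append(line)
    record = {}
    for line in logical:
        name, _, rest = line.partition(":")  # "attr:: value" carries base64
        value = base64.b64decode(rest[1:]) if rest.startswith(":") else rest.strip()
        record.setdefault(name.strip().lower(), []).append(value)
    return record

def decode_uac(value):
    # Names of the known flags set in a userAccountControl number.
    return [name for bit, name in sorted(UAC_FLAGS.items()) if int(value) & bit]

def triage(record):
    """Findings to review before the record is imported into another domain."""
    flags = decode_uac(record.get("useraccountcontrol", ["0"])[0])
    findings = [f"flag {f}" for f in flags if f not in ROUTINE_FLAGS]
    for group_dn in record.get("memberof", []):
        cn = group_dn.split(",")[0].partition("=")[2].strip().lower()
        if cn in PRIVILEGED_GROUPS:
            findings.append(f"member of {cn}")
    if record.get("admincount") == ["1"]:
        findings.append("adminCount=1")
    return findings

# Attribute subset copied from sample 22 on this page.
SAMPLE_22 = """\
dn: CN=nirmal,CN=Users,DC=test,DC=local
userAccountControl: 524802
memberOf: CN=Domain Admins,CN=Users,DC=test,DC=local
memberOf: CN=Enterprise Admins,CN=Users,DC=test,DC=local
adminCount: 1
"""
```

For sample 23's value, `decode_uac("66048")` gives NORMAL_ACCOUNT and DONT_EXPIRE_PASSWORD.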
