?
Solved

Using DSDE to Export a Particular OU to XML

Posted on 2007-10-02
5
Medium Priority
?
894 Views
Last Modified: 2009-02-21
Hi all,

I would like to export an particular subTree of an Organisational Unit in an Active Directory domain to XML. I have installed DSFW on the server and can run the following command successfully:

C:\DSFW\Tools>dsde /mode export /baseDN DC=domain,dc=local /server http://servername.domain.local/dsml/adssoap.dsmlx /protocol DSML /output C:\TEMP\AD.xml /attributes name,sn,givenName,title,telephoneNumber,objectClass,uid /scope subTree

However, this exports everything in the domain.

The tree in AD is as follows that I want to export:

+ Active Directory Users and Groups
++ domain.local
+++ TREE1
++++ TREE2
+++++ TREE3

Where TREE3 contains a number of sub folders (organisational units) and TREE1, TREE2, and TREE3 are organisation units themselves.

I suspect the /baseDN line needs to be changed however, if I change it to /baseDN OU=TREE3,OU=TREE2,OU=TREE1,DC=domain,DC=local then "0 entries were exported successfully".

Also, what's the attribute for the e-mail address of the users? I would like this to be in the XML too.

Any help much appreciated.

Regards,

Ben.
0
Comment
Question by:webtechy
  • 2
3 Comments
 
LVL 19

Expert Comment

by:aissim
ID: 19999691
You're probably correct about the DN path needing some tweaking....for one, if any of the three trees have a space in their name enclose the whole thing in quotes:

/baseDN "OU=Tree 3,OU=Tree 2,OU=Tree 1,DC=domain,DC=local"

Also, make sure all three are indeed OUs and not containers. Say for instance your top level (Tree1) is the default Users folder it would be.....OU=Tree3,OU=Tree2,CN=Users,DC.......

And the e-mail attribute is just 'mail'.
0
 
LVL 2

Author Comment

by:webtechy
ID: 20004835
Thanks Aissim. I did actually try that with no joy. The icon looks like OU groups/folders - are the icons fro containers the same as OU groups? (Not got access to the machine to tell at the moment).
0
 
LVL 19

Accepted Solution

by:
aissim earned 1000 total points
ID: 20007926
The containers are just blank folder icons, whereas the OUs have a little open book on the folder icon.

You could try coming up a couple levels with your baseDN, say to Tree1, just to see if that is successful and the syntax is correct.

/baseDN OU=Tree1,DC=domain,DC=local
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question