Need help with removing data from an LDIFde export of users

Hi everyone,
Ok so I've exported a group of users from a server to be imported on another new server. When I export the users all their information is exported fine, however at the end of each entry I get a few additional lines of data starting with dsCorePropagationData
example:
dsCorePropagationData:2498416498464

After working on the import of the users that kept failing I realized that it was these lines of data that were causing the import to fail. After removing the lines the user entry would import without a problem.

Here is the command I'm using to export the users.

Ldifde f dndousers.ldf s nstd-admin d "OU=dndousers, dc=initech,dc=org" -p subtree -r
"(&(objectCategory=person)(objectClass=User)(givenname=*))" -o "badPasswordTime,badPwdCount,lastLogoff,lastLogon,logonCount,
memberOf,objectGUID,objectSid,primaryGroupID,pwdLastSet,sAMAccountType"

How do I get this to export these users without including this dsCorePropagationData?

Let me know if you know or if you have any further questions.

LVL 1

nstd-stsAsked: 2008-06-09

Who is Participating?

LVL 1

nstd-stsAuthor Commented: 2008-06-10

Ldifde f dndousers.ldf s bolton01 d "OU=dndousers, dc=initech,dc=org" -p subtree -r
"(&(objectCategory=person)(objectClass=User)(givenname=*))" -o "badPasswordTime,badPwdCount,lastLogoff,lastLogon,logonCount,
memberOf,objectGUID,objectSid,primaryGroupID,pwdLastSet,sAMAccountType"

There is the command I use to export, if you think I can use a -l one better then write me up the correct command and if it works you win! lol

Thanks for you help.

LVL 51

Netman66Commented: 2008-06-09

I'm not sure all of those attributes can be migrated in this manner. That attribute (dsCorePropagationData) seems to be a System flag for data that needs to replicate to a Global Catalog. I would imagine some of the attributes you are attempting to capture are in that set.

Have you attempted to move some users with ADMT? I think this would be a cleaner method.

LVL 1

nstd-stsAuthor Commented: 2008-06-10

ADMT doesn't work for what we are doing, we aren't moving users we are just copying them and to totally different networks that are not connected in anyway.

All the specific attributes in that ldifde command are the ones being ignored and not exported, I've done this same method with new user accounts for testing and that extra information isn't included in the export so I'm guessing it is something thats added due to all the extra information thats attached to these user accounts, I just don't know which one.

LVL 1

nstd-stsAuthor Commented: 2008-06-10

Here is an example of what I'm getting, I understand now that the problem is being caused because I have three entries that are the same, I just need to know how to either stop them from being exported or a good way of removing them from my output. It was fine when I had to move 16 users, now I'm up against copying 250 and I can't manually go through and remove the entries.

> dSCorePropagationData: 20040917192502.0Z
> dSCorePropagationData: 20040917192502.0Z
> dSCorePropagationData: 20040917192502.0Z
> dSCorePropagationData: 16010108151056.0Z

LVL 51

Netman66Commented: 2008-06-10

I would think it's the password information (not the password itself) - like last set, bad password count, etc.

Since those are somewhat urgent replication attributes they would likely cause the dsCorePropogationData to be set.

Try only the user account first to see if that is successful.

LVL 1

nstd-stsAuthor Commented: 2008-06-10

Those attributes are ignored in the command with the -o

LVL 51

Netman66Commented: 2008-06-10

Funny, I looked at that a number of times and only realized after your last post that the command was for Export... wow...I sure need some glasses.

Try exporting using -l with specific attributes (like "cn,givenName,objectclass,samAccountName") instead of the -o switch to omit.