Solved

Need help with removing data from an LDIFde export of users

Posted on 2008-06-09
13
1 solution
851 Views
Last Modified: 2012-06-27
Hi everyone,
Ok so I've exported a group of users from a server to be imported on another new server. When I export the users all their information is exported fine, however at the end of each entry I get a few additional lines of data starting with dsCorePropagationData
example:
dsCorePropagationData:2498416498464

After working on the import of the users that kept failing I realized that it was these lines of data that were causing the import to fail. After removing the lines the user entry would import without a problem.

Here is the command I'm using to export  the users.

Ldifde f dndousers.ldf s nstd-admin d "OU=dndousers, dc=initech,dc=org" -p subtree -r
"(&(objectCategory=person)(objectClass=User)(givenname=*))" -o "badPasswordTime,badPwdCount,lastLogoff,lastLogon,logonCount,
memberOf,objectGUID,objectSid,primaryGroupID,pwdLastSet,sAMAccountType"

How do I get this to export these users without including this dsCorePropagationData?

Let me know if you know or if you have any further questions.
0
Comment
Question by:nstd-sts
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Join The Community
  • 6
  • 3
13 Comments
 
LVL 51

Expert Comment

by:Netman66
ID: 21747339
I'm not sure all of those attributes can be migrated in this manner.  That attribute (dsCorePropagationData) seems to be a System flag for data that needs to replicate to a Global Catalog.  I would imagine some of the attributes you are attempting to capture are in that set.  

Have you attempted to move some users with ADMT?  I think this would be a cleaner method.


0
 
LVL 1

Author Comment

by:nstd-sts
ID: 21750641
ADMT doesn't work for what we are doing, we aren't moving users we are just copying them and to totally different networks that are not connected in anyway.

All the specific attributes in that ldifde command are the ones being ignored and not exported, I've done this same method with new user accounts for testing and that extra information isn't included in the export so I'm guessing it is something thats added due to all the extra information thats attached to these user accounts, I just don't know which one.
0
 
LVL 1

Author Comment

by:nstd-sts
ID: 21751304
Here is an example of what I'm getting, I understand now that the problem is being caused because I have three entries that are the same, I just need to know how to either stop them from being exported or a good way of removing them from my output. It was fine when I had to move 16 users, now I'm up against copying 250 and I can't manually go through and remove the entries.

> dSCorePropagationData: 20040917192502.0Z
> dSCorePropagationData: 20040917192502.0Z
> dSCorePropagationData: 20040917192502.0Z
> dSCorePropagationData: 16010108151056.0Z
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Start My Trial Now
 
LVL 51

Expert Comment

by:Netman66
ID: 21751326
I would think it's the password information (not the password itself) - like last set, bad password count, etc.

Since those are somewhat urgent replication attributes they would likely cause the dsCorePropogationData to be set.

Try only the user account first to see if that is successful.
0
 
LVL 1

Author Comment

by:nstd-sts
ID: 21752412
Those attributes are ignored in the command with the -o
0
 
LVL 51

Expert Comment

by:Netman66
ID: 21752636
Funny, I looked at that a number of times and only realized after your last post that the command was for Export...  wow...I sure need some glasses.


Try exporting using -l with specific attributes (like "cn,givenName,objectclass,samAccountName") instead of the -o switch to omit.

0
 
LVL 1

Accepted Solution

by:
nstd-sts earned 0 total points
ID: 21752845
Ldifde f dndousers.ldf s bolton01 d "OU=dndousers, dc=initech,dc=org" -p subtree -r
"(&(objectCategory=person)(objectClass=User)(givenname=*))" -o "badPasswordTime,badPwdCount,lastLogoff,lastLogon,logonCount,
memberOf,objectGUID,objectSid,primaryGroupID,pwdLastSet,sAMAccountType"

There is the command I use to export, if you think I can use a -l one better then write me up the correct command and if it works you win! lol

Thanks for you help.
0
 
LVL 1

Author Comment

by:nstd-sts
ID: 21867947
finished
0
 
LVL 1

Author Comment

by:nstd-sts
ID: 21868372
Basically I'm just going to use a fine and replace to take out all the data that is causing the problems.
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Register Now
Question has a verified solution.

If you are experiencing a similar issue, please ask a related question
How to resolve Exchange 2013 DR server Database Copy Status Displays unknown in the ECP console
Article by: Ganesh Kumar
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
Security updates for Microsoft End of Life operating systems..
Article by: Andrew
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Backup Exec 2012 – Deploying Remote Agents to Servers
Video by: Rodney
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
How to remove "Get Windows 10" icon from the notification area (system tray) - Part 1
Video by: Joe
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Advertise Here

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Advertise Here