Scenario: While my question basically pertains to ldif, the reason for it is that we are trying to implement user-based quarantine for the Barracuda anti-spam firewall. We have a parent and a child domain. We can point the Barracuda to either a DC in the parent domain or a DC in the child domain and it resolves the LDAP query for users in each respective domain, but we cannot point to one domain and resolve users in both the parent and child. The Barracuda does not allow you to point to more than one domain controller for LDAP, and we cannot get it to work even when we point to the GC server. Barracuda tech support has recommended that we run ldif on DCs in both domains to compare users in both domains to see if for some reason AD is not updating/replicating correctly between the parent/child domain.
I am an ldifde newbie. I know I need to use the export command, but I want to be sure that I am only making a COPY of users into a txt file and that I will not be literally exporting users out of my domain controllers. I am probably reading too much into this command, but I want to be absolutely sure before I do it. I was planning on using the following command because the Barracuda uses SAMAccountName as the LDAP UID.
ldifde -f domainusers.txt -s xyzdc1 -d "dc=Mydomain,dc=local" -p subtree -r "(&(objectCategory=person)(objectClass=User)(givenname=*))" -l "cn,givenName,objectclass,samAccountName"
We have Win Server 2003. Any help or guidance would be appreciated. Thanks,
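
One way to compare two such exports offline, as an added example that is not part of the original post: a Python script that parses LDIF text (including folded lines and base64 `::` values) and diffs the accounts by sAMAccountName. The function names and the sample records are constructed for illustration.

```python
import base64

def parse_ldif(text):
    """Parse LDIF text into a list of {lowercased attribute: [values]} dicts."""
    lines = []
    for raw in text.splitlines():
        # A line starting with one space continues the previous line (folding).
        if raw.startswith(" ") and lines and lines[-1]:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    records, current = [], {}
    for line in lines + [""]:  # the trailing "" flushes the last record
        if not line.strip():   # a blank line ends the current record
            if current:
                records.append(current)
                current = {}
            continue
        if line.startswith("#") or ":" not in line:
            continue           # skip comments and anything that is not attr: value
        attr, _, value = line.partition(":")
        if value.startswith(":"):  # "attr:: value" means the value is base64
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        else:
            value = value.strip()
        current.setdefault(attr.lower(), []).append(value)
    return records

def account_names(records):
    """Map lowercased sAMAccountName -> DN for records that carry both."""
    return {r["samaccountname"][0].lower(): r["dn"][0]
            for r in records if "samaccountname" in r and "dn" in r}

def compare(export_a, export_b):
    """Report account names found in only one export, or in both."""
    a = account_names(parse_ldif(export_a))
    b = account_names(parse_ldif(export_b))
    return {"only_a": sorted(a.keys() - b.keys()),
            "only_b": sorted(b.keys() - a.keys()),
            "both": sorted(a.keys() & b.keys())}

# Constructed sample exports (not real directory data).
PARENT = ("dn: CN=Alice Smith,CN=Users,DC=Mydomain,DC=local\n"
          "sAMAccountName: asmith\n\n"
          "dn: CN=John Doe,OU=Staff,DC=Mydo\n main,DC=local\n"
          "sAMAccountName:: amRvZQ==\n")
CHILD = ("dn: CN=John Doe,CN=Users,DC=child,DC=Mydomain,DC=local\n"
         "sAMAccountName: JDoe\n\n"
         "dn: CN=Bob Jones,CN=Users,DC=child,DC=Mydomain,DC=local\n"
         "sAMAccountName: bjones\n")
```

Names listed under `both` exist in each export; when the two exports come from different domains, those are sAMAccountName values that are not unique across the forest.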