How to Extend the Active Directory Schema Using an LDIF File

hcl_ptc used Ask the Experts™

I am not able to import the "ConfigMgr_ad_schema.ldf" (sccm schema upgrade), please see the below error message

E:\ConfigMgr07SP2Eval_RTM_ENU\SMSSETUP\BIN\I386>ldifde -i -f ConfigMgr_ad_schema
.ldf -v -j c:\sccm.txt
Invalid Parameter: Bad argument '-i'

LDIF Directory Exchange

General Parameters
-i              Turn on Import Mode (The default is Export)
-f filename     Input or Output filename
-s servername   The server to bind to (Default to DC of computer's domain)
-c FromDN ToDN  Replace occurences of FromDN to ToDN
-v              Turn on Verbose Mode
-j path         Log File Location
-t port         Port Number (default = 389)
-u              Use Unicode format
-w timeout      Terminate execution if the server takes longer than the
                specified number of seconds to respond to an operation
                (default = no timeout specified)
-h              Enable SASL layer encryption
-?              Help

Export Specific
-d RootDN       The root of the LDAP search (Default to Naming Context)
-r Filter       LDAP search filter (Default to "(objectClass=*)")
-p SearchScope  Search Scope (Base/OneLevel/Subtree)
-l list         List of attributes (comma separated) to look for
                in an LDAP search
-o list         List of attributes (comma separated) to omit from
-g              Disable Paged Search.
-m              Enable the SAM logic on export.
-n              Do not export binary values
-x              Include deleted objects (tombstones)

-k              The import will go on ignoring 'Constraint Violation'
                and 'Object Already Exists' errors
-y              The import will use lazy commit for better performance
                (enabled by default)
-e              The import will not use lazy commit
-q threads      The import will use the specified number of threads
                (default is 1)

Credentials Establishment
Note that if no credentials is specified, LDIFDE will bind as the currently
logged on user, using SSPI.

-a UserDN [Password | *]            Simple authentication
-b UserName Domain [Password | *]   SSPI bind method

Example: Simple import of current domain
    ldifde -i -f INPUT.LDF

Example: Simple export of current domain
    ldifde -f OUTPUT.LDF

Example: Export of specific domain with credentials
    ldifde -m -f OUTPUT.LDF
           -s SERVERNAME
           -d "cn=users,DC=DOMAINNAME,DC=Microsoft,DC=Com"
           -r "(objectClass=user)"
No log files were written.  In order to generate a log file, please
specify the log file path via the -j option.
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

your LDIFDE syntax looks correct. Did you copy+paste the command maybe from some other web site? Please try again by typing the command manually at the console... it could be a strange character content set in the clipboard


I hope you have edited the ldf file for the domain name parameters


Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial