Solved

LDIFDE Import AD Account and Set Password

Posted on 2011-03-14
4
2,415 Views
Last Modified: 2012-05-11
Hello I am trying to use LDIFDE to import a user account and set the user's password. I am sucessful in importing the user but I do not understand the syntax for setting the user's password in the add step.

Here is what I am using to sucessfully create the user account. (account is created with blank password and is flagged as disabled due to no password)

--------------------------------------------------------------------------------

dn: CN=user0234567,OU=2010,OU=Students,OU=Customers,DC=mydomain,DC=edu
changetype: add
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: user0234567
sn: Doe
description: 123456
givenName: John
initials: E
displayName: John Doe
name: user0123456
accountExpires: 129472308000000000
sAMAccountName: 0123456
userPrincipalName: user0123456@witcc.edu
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=mydomain,DC=edu

--------------------------------------------------------------------------------------


I would like to have the user account enabled and set the password to a static string of something like     USER12345

Can someone tell me what I need to add to this ldf file to accomplish this?

thank you!
0
Comment
Question by:miteldatanet
  • 2
  • 2
4 Comments
 
LVL 31

Expert Comment

by:Justin Owens
ID: 35133209
You have this Question in two Zones... Are you using AD 2003 or AD 2008, and what is the OS you are using to do the import?
0
 
LVL 31

Expert Comment

by:Justin Owens
ID: 35133283
In your Example above:

dn: CN=user0234567,OU=2010,OU=Students,OU=Customers,DC=mydomain,DC=edu
changetype: modify
replace: unicodePwd
unicodePwd::IgBuAGUAdwBQAGEAcwBzAHcAbwByAGQAIgA=

Source: http://support.microsoft.com/kb/263991

If memory serves, you have to create the account first, then set the password, then undisable it.  The item for lockout is, if memory serves, useraccountcontrol, but I cannot remember how to change it from disabled to enabled.

DrUltima
0
 

Accepted Solution

by:
miteldatanet earned 0 total points
ID: 35343893
We ended up using DSADD and a CSV to accomplish what we need.
0
 

Author Closing Comment

by:miteldatanet
ID: 35372965
could not get ldefide to import password.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Synchronize a new Active Directory domain with an existing Office 365 tenant
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question