Solved

LDIFDE Import AD Account and Set Password

Posted on 2011-03-14
4
2,526 Views
Last Modified: 2012-05-11
Hello I am trying to use LDIFDE to import a user account and set the user's password. I am sucessful in importing the user but I do not understand the syntax for setting the user's password in the add step.

Here is what I am using to sucessfully create the user account. (account is created with blank password and is flagged as disabled due to no password)

--------------------------------------------------------------------------------

dn: CN=user0234567,OU=2010,OU=Students,OU=Customers,DC=mydomain,DC=edu
changetype: add
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: user0234567
sn: Doe
description: 123456
givenName: John
initials: E
displayName: John Doe
name: user0123456
accountExpires: 129472308000000000
sAMAccountName: 0123456
userPrincipalName: user0123456@witcc.edu
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=mydomain,DC=edu

--------------------------------------------------------------------------------------


I would like to have the user account enabled and set the password to a static string of something like     USER12345

Can someone tell me what I need to add to this ldf file to accomplish this?

thank you!
0
Comment
Question by:miteldatanet
  • 2
  • 2
4 Comments
 
LVL 31

Expert Comment

by:Justin Owens
ID: 35133209
You have this Question in two Zones... Are you using AD 2003 or AD 2008, and what is the OS you are using to do the import?
0
 
LVL 31

Expert Comment

by:Justin Owens
ID: 35133283
In your Example above:

dn: CN=user0234567,OU=2010,OU=Students,OU=Customers,DC=mydomain,DC=edu
changetype: modify
replace: unicodePwd
unicodePwd::IgBuAGUAdwBQAGEAcwBzAHcAbwByAGQAIgA=

Source: http://support.microsoft.com/kb/263991

If memory serves, you have to create the account first, then set the password, then undisable it.  The item for lockout is, if memory serves, useraccountcontrol, but I cannot remember how to change it from disabled to enabled.

DrUltima
0
 

Accepted Solution

by:
miteldatanet earned 0 total points
ID: 35343893
We ended up using DSADD and a CSV to accomplish what we need.
0
 

Author Closing Comment

by:miteldatanet
ID: 35372965
could not get ldefide to import password.
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A safe way to clean winsxs folder from your windows server 2008 R2 editions
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question