Solved

ldifde import script needed for users and OU

Posted on 2014-12-10
7
299 Views
Last Modified: 2014-12-27
Hello,
I am looking for ldifde script to import the ldf files.

I already exported the OUs and Objects using the commands below, but now I need a script to import them into the target.local domain.

THank you very much!

ldifde -f sourceOu.ldf -s QMM-SRCEXCH -d "dc=source,dc=local" -p subtree -r "(objectClass=organizationalUnit)" -l "cn,objectclass,ou"

ldifde -f sourceuser.ldf -s QMM-SRCEXCH -d "dc=source,dc=local" -p subtree -r "(&(objectCategory=person)(objectClass=User)(givenname=*))" -o "badPasswordTime,badPwdCount,lastLogoff,lastLogon,logonCount, memberOf,objectGUID,objectSid,primaryGroupID,pwdLastSet,sAMAccountType"
0
Comment
Question by:claudiamcse
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
7 Comments
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 40493991
Refer: http://support.microsoft.com/kb/237677

To import OU:

ldifde -i -f sourceOu.ldf -s QMM-SRCEXCH -d "dc=target,dc=local" -p subtree -r "(objectClass=organizationalUnit)" -l "cn,objectclass,ou"

To Import users:
 ldifde -i -f sourceuser.ldf -s QMM-SRCEXCH -d "dc=target,dc=local" -p subtree -r "(&(objectCategory=person)(objectClass=User)(givenname=*))" -o "badPasswordTime,badPwdCount,lastLogoff,lastLogon,logonCount, memberOf,objectGUID,objectSid,primaryGroupID,pwdLastSet,sAMAccountType"

NOTE: Because LDIFDE does not export passwords, when the users are imported into the directory, the account is disabled and the password is set to null. This is done for security reasons. Also, the account option "User must change password at next logon" is selected.
0
 

Author Comment

by:claudiamcse
ID: 40499676
Outstanding! Thank you
0
 

Author Comment

by:claudiamcse
ID: 40499722
I am sorry. This actually doesn't work....It throws error
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:claudiamcse
ID: 40499726
C:\LDIFDE-exports>ldifde -i -f corpQAUser.ldf -d "dc=corp,dc=testlab,dc=com" -p
subtree -r "(&(objectCategory=person)(objectClass=User)(givenname=*))" -o "badP
asswordTime,badPwdCount,lastLogoff,lastLogon,logonCount, memberOf,objectGUID,obj
ectSid,primaryGroupID,pwdLastSet,sAMAccountType"
Invalid Parameter: RootDn not required for import
Invalid Parameter: Filter not required for import
Invalid Parameter: Scope not required for import
Invalid Parameter: Omit List not required for import

I also tried this command but it gives another error since our environment has custom schema.....Is there a way to import users that have attributes exported from custom schema?

Please help.

I tried this command and it also gives an error:
ldifde -i -f Exportuser.ldf -s Server2

this error :

dd error on line 2: No Such Attribute

The server side error is "The parameter is incorrect."

0 entries modified successfully.

An error has occurred in the program
0
 

Accepted Solution

by:
claudiamcse earned 0 total points
ID: 40513344
This issue was resolved by only exporting the attributes that can be imported into the Target schema. Once I determined the attributes that I have in the target and exported only the needed attributes, the import worked.
0
 

Author Closing Comment

by:claudiamcse
ID: 40519479
This was the resolution. The other resolution didn't work
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Synchronize a new Active Directory domain with an existing Office 365 tenant
A brief introduction to what I consider to be the best editor for PowerShell.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question