Solved

ldifde import script needed for users and OU

Posted on 2014-12-10
7
288 Views
Last Modified: 2014-12-27
Hello,
I am looking for ldifde script to import the ldf files.

I already exported the OUs and Objects using the commands below, but now I need a script to import them into the target.local domain.

THank you very much!

ldifde -f sourceOu.ldf -s QMM-SRCEXCH -d "dc=source,dc=local" -p subtree -r "(objectClass=organizationalUnit)" -l "cn,objectclass,ou"

ldifde -f sourceuser.ldf -s QMM-SRCEXCH -d "dc=source,dc=local" -p subtree -r "(&(objectCategory=person)(objectClass=User)(givenname=*))" -o "badPasswordTime,badPwdCount,lastLogoff,lastLogon,logonCount, memberOf,objectGUID,objectSid,primaryGroupID,pwdLastSet,sAMAccountType"
0
Comment
Question by:claudiamcse
  • 5
7 Comments
 
LVL 18

Expert Comment

by:Raheman M. Abdul
ID: 40493991
Refer: http://support.microsoft.com/kb/237677

To import OU:

ldifde -i -f sourceOu.ldf -s QMM-SRCEXCH -d "dc=target,dc=local" -p subtree -r "(objectClass=organizationalUnit)" -l "cn,objectclass,ou"

To Import users:
 ldifde -i -f sourceuser.ldf -s QMM-SRCEXCH -d "dc=target,dc=local" -p subtree -r "(&(objectCategory=person)(objectClass=User)(givenname=*))" -o "badPasswordTime,badPwdCount,lastLogoff,lastLogon,logonCount, memberOf,objectGUID,objectSid,primaryGroupID,pwdLastSet,sAMAccountType"

NOTE: Because LDIFDE does not export passwords, when the users are imported into the directory, the account is disabled and the password is set to null. This is done for security reasons. Also, the account option "User must change password at next logon" is selected.
0
 

Author Comment

by:claudiamcse
ID: 40499676
Outstanding! Thank you
0
 

Author Comment

by:claudiamcse
ID: 40499722
I am sorry. This actually doesn't work....It throws error
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:claudiamcse
ID: 40499726
C:\LDIFDE-exports>ldifde -i -f corpQAUser.ldf -d "dc=corp,dc=testlab,dc=com" -p
subtree -r "(&(objectCategory=person)(objectClass=User)(givenname=*))" -o "badP
asswordTime,badPwdCount,lastLogoff,lastLogon,logonCount, memberOf,objectGUID,obj
ectSid,primaryGroupID,pwdLastSet,sAMAccountType"
Invalid Parameter: RootDn not required for import
Invalid Parameter: Filter not required for import
Invalid Parameter: Scope not required for import
Invalid Parameter: Omit List not required for import

I also tried this command but it gives another error since our environment has custom schema.....Is there a way to import users that have attributes exported from custom schema?

Please help.

I tried this command and it also gives an error:
ldifde -i -f Exportuser.ldf -s Server2

this error :

dd error on line 2: No Such Attribute

The server side error is "The parameter is incorrect."

0 entries modified successfully.

An error has occurred in the program
0
 

Accepted Solution

by:
claudiamcse earned 0 total points
ID: 40513344
This issue was resolved by only exporting the attributes that can be imported into the Target schema. Once I determined the attributes that I have in the target and exported only the needed attributes, the import worked.
0
 

Author Closing Comment

by:claudiamcse
ID: 40519479
This was the resolution. The other resolution didn't work
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory replication delay is the cause to many problems.  Here is a super easy script to force Active Directory replication to all sites with by using an elevated PowerShell command prompt, and a tool to verify your changes.
A brief introduction to what I consider to be the best editor for PowerShell.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question