Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

LDIFDE script error. Please help to solve it

Posted on 2014-12-15
16
235 Views
Last Modified: 2015-01-27
Hello,
I am getting the error below when trying to import ldf file with bunch of attributes. WE have custom schema so I need to find out which attributes it is complaning about.

DO you know how can I compare attributes source and target schemas and determine the custom attributes that I am missing in my target schema? I can then use script to import only the ones that I have in the schema. Please note that LDIFDE script doesn't allow me to exclude attributes but I can list the attributes that I want to import. So, I would like to get the list of the attributes that are present in both schemas and attributes that are custom.


Here is the error:
Add error on line 2: No Such Attribute
The server side error is "The parameter is incorrect."
0 entries modified successfully.
An error has occurred in the program

Also this error tells me the line 2.....but still not sure which attribute on line 2. See below:
onnecting to "server01.lab.contoso.com"
Logging in as current user using SSPI
Importing directory from file "OutputUser2.ldf"
Loading entries
1: CN=Ong\, Khoon Doe,OU=Asia Pacific,OU=Terminated Users,DC=lab,DC=contoso,DC=com
Entry DN: CN=Ong\, Khoon Doe,OU=Asia Pacific,OU=Terminated Users,DC=lab,DC=contoso,DC=com
changetype: add
Attribute 0) objectClass:top person organizationalPerson user
Attribute 1) cn:Ong, Khoon Doe
Attribute 2) sn:Ong
Attribute 3) c:CN
Attribute 4) l:Tsimshatsui
Attribute 5) st:Hong Kong ,SAR
0
Comment
Question by:creative555
  • 9
  • 7
16 Comments
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 40502575
make sure there is no space in between DN:CN
make sure there are no extra spaces at the bottom of the file.
0
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 40502593
Make sure you have the exact spelling including lower and upper cases in the OU names etc.
Make sure there are no too many spaces in between and after words, The tool is very sensitive.

remove \ and see if that works

Ong\, Khoon Doe,
to
Ong, Khoon Doe,

Check the following if that helps.
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_21381822.html
0
 

Author Comment

by:creative555
ID: 40503157
I remove the space  between DN:CN but it is still shows no such attributues
Also just noticed that not all OUs got copied with this script. THe first user that it is trying to do is in OU that doesn't exist in the target. how do I make sure that All OUs get copied?

I used this script for OU

ldifde -f exportOu.ldf -s servername -d "dc=test,dc=lab,dc=com" -p subtree -r "(objectClass=organizationalUnit)" -l "cn,objectclass,ou"
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 19

Accepted Solution

by:
Raheman M. Abdul earned 500 total points
ID: 40503549
use -k switch to ignore the errors and continue processing.
 The operation has an object class violation
       This violation means that the specified object class does not exist, if the object being imported has no other attributes.

refer  for details: http://technet.microsoft.com/en-us/library/cc731033.aspx
0
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 40503756
can you post the exported .ldf file (of course after renaming the secure information to XXXXX)
0
 

Author Comment

by:creative555
ID: 40503797
Ok. So I re-imported the users using this script wich includes only 4 attributes and it worked! So, I will have to start adding one by one now. Four attributes are below.
cn,givenName,objectclass,samAccountName

Since I have so many attributes, do you know if there is a known exclusion list with attributes that just wont work and need to be exclude during export?? I already tried the second script below with the excluded list but still not able to import it. Seems that there are more exclusions.....See the second script where we need to add more exclusions

Please advise.

ldifde -f Exportuser.ldf -s <Server1> -d "dc=Export,dc=com" -p subtree
-r "(&(objectCategory=person)(objectClass=User)(givenname=*))"
-l "cn,givenName,objectclass,samAccountName"

ldifde -f Exportuser.ldf -s <Server1> -d "dc=Export,dc=com" -p subtree -r
"(&(objectCategory=person)(objectClass=User)(givenname=*))" -o "badPasswordTime,badPwdCount,lastLogoff,lastLogon,logonCount,
memberOf,objectGUID,objectSid,primaryGroupID,pwdLastSet,sAMAccountType"
0
 

Author Comment

by:creative555
ID: 40503807
ok. Here is the list of all attributes....Please advise the one we want to include and need to exclude. THank you!

Attribute      0)      objectClass
Attribute      1)      cn
Attribute      2)      sn
Attribute      3)      c
Attribute      4)      l
Attribute      5)      st
Attribute      6)      title
Attribute      7)      description
Attribute      8)      physicalDeliveryOfficeName
Attribute      9)      telephoneNumber
Attribute      10)      facsimileTelephoneNumber
Attribute      11)      givenName
Attribute      12)      initials
Attribute      13)      distinguishedName
Attribute      14)      instanceType
Attribute      15)      whenCreated
Attribute      16)      whenChanged
Attribute      17)      displayName
Attribute      18)      uSNCreated
Attribute      19)      uSNChanged
Attribute      20)      co
Attribute      21)      department
Attribute      22)      company
Attribute      23)      homeMTA
Attribute      24)      proxyAddresses
Attribute      25)      publicDelegates
Attribute      26)      homeMDB
Attribute      27)      streetAddress
Attribute      28)      mDBStorageQuota
Attribute      29)      mDBOverQuotaLimit
Attribute      30)      publicDelegatesBL
Attribute      31)      mDBUseDefaults
Attribute      32)      directReports
Attribute      33)      mailNickname
Attribute      34)      extensionAttribute15
Attribute      35)      replicatedObjectVersion
Attribute      36)      name
Attribute      37)      userAccountControl
Attribute      38)      codePage
Attribute      39)      countryCode
Attribute      40)      employeeID
Attribute      41)      scriptPath
Attribute      42)      logonHours
Attribute      43)      userParameters
Attribute      44)      comment
Attribute      45)      accountExpires
Attribute      46)      sAMAccountName
Attribute      47)      sIDHistory
Attribute      48)      managedObjects
Attribute      49)      legacyExchangeDN
Attribute      50)      userPrincipalName
Attribute      51)      lockoutTime
Attribute      52)      objectCategory
Attribute      53)      msNPAllowDialin
Attribute      54)      dSCorePropagationData
Attribute      55)      lastLogonTimestamp
Attribute      56)      textEncodedORAddress
Attribute      57)      mail
Attribute      58)      manager
Attribute      59)      homePhone
Attribute      60)      msExchPoliciesIncluded
Attribute      61)      msExchHomeServerName
Attribute      62)      replicationSignature
Attribute      63)      msExchALObjectVersion
Attribute      64)      msExchHideFromAddressLists
Attribute      65)      msExchMailboxSecurityDescriptor
Attribute      66)      msExchUserAccountControl
Attribute      67)      mDBOverHardQuotaLimit
Attribute      68)      msExchMailboxGuid
Attribute      69)      mat-budgetCenter
Attribute      70)      mat-mailDrop
Attribute      71)      mat-locationCode
Attribute      72)      mat-locationDescription
Attribute      73)      mat-supervisorEmployeeID
Attribute      74)      mat-supervisorName
Attribute      75)      mat-employeeStatus
Attribute      76)      mat-supervisorEmail
Attribute      77)      msExchOmaAdminWirelessEnable
Attribute      78)      msExchELCMailboxFlags
Attribute      79)      msExchWhenMailboxCreated
Attribute      80)      msRTCSIP-UserPolicies
Attribute      81)      msExchRecipientDisplayType
Attribute      82)      msExchMailboxTemplateLink
Attribute      83)      msExchTextMessagingState
Attribute      84)      msRTCSIP-UserRoutingGroupId
Attribute      85)      msExchUMDtmfMap
Attribute      86)      msExchRecipientTypeDetails
Attribute      87)      msExchVersion
Attribute      88)      msRTCSIP-DeploymentLocator
Attribute      89)      msExchRBACPolicyLink
0
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 40503816
You are on the right path to find out which attributes are causing the failure of the script.
I (or someone)  will come up with a modified script to automate the above process considering each attribute and testing the outcome.
0
 

Author Comment

by:creative555
ID: 40503845
oh. So I just realized that now that I imported only four users which are - cn,givenName,objectclass,samAccountName....
I tried to add additional line to the the ldif file as shown but it tells me 0 entries modified.....

Now do I need to change all entries from add to modify??
0
 

Author Comment

by:creative555
ID: 40503848
sorry I meant imported all users with only four attributes...
0
 

Author Comment

by:creative555
ID: 40503850
So, I added more attribs and now it is not working...Do I need to change from modify now??

dn: CN=Ong\, Khoon Doe,OU=Asia Pacific,OU=Terminated Users,DC=test,DC=lab,DC=com
changetype: add
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: Ong, Khoon Kung
givenName: Khoon Kung
sAMAccountName: ONGKK001
0
 

Author Comment

by:creative555
ID: 40503854
DO you have the script to delete all the users and attributes and start over?
0
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 40505205
remove-adobject cmdlet  and use -recursive
0
 

Author Comment

by:creative555
ID: 40505352
WHere do I need to run this command from? I get unrecognized as internal or external command. I tried running it on the DC (2008 and 2003) and cmd and powershell. Still not able to run it.
0
 

Author Closing Comment

by:creative555
ID: 40571645
-k switched worked. THank you
0
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 40572672
Glad I could help you.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The following article is intended as a guide to using PowerShell as a more versatile and reliable form of application detection in SCCM.
With User Account Control (UAC) enabled in Windows 7, one needs to open an elevated Command Prompt in order to run scripts under administrative privileges. Although the elevated Command Prompt accomplishes the task, the question How to run as script…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question