CSVDE / LDIFDE (installable option either via RSAT /AD DS or adminpack.msi)

Import or Export Active Directory data to a file. The syntax of these two commands is identical, the difference being that one works with CSV files and one with LDIF files.

Syntax

   Export to file:
             CSVDE [-f FileName] [options]
            LDIFDE [-f FileName] [options]
Import from File: CSVDE -i [-f FileName] [options] LDIFDE -i [-f FileName] [options] Key -f Filename Input or Output filename -s servername The server to bind to -c FromDN ToDN Replace occurrences of FromDN to ToDN -v Verbose -j Path Folder to store log files -t Port_Number (default = 389) -? Help
Export options
     -d RootDN        The root of the LDAP search (Default to Naming Context)
     -r Filter        LDAP search filter (Default to "(objectClass=*)")
     -p SearchScope   Search Scope (Base/OneLevel/Subtree)
     -l list          Attributes to look for in an LDAP search
                      (comma separated List)
     -o list          Attributes  to omit from input
                      (comma separated list)
     -g               Disable Paged Search
     -m               Enable the SAM logic on export
     -n               Do not export binary values
  
 Import options
     -k               Ignore 'Constraint Violation' and 'Object Already Exists' errors.

                      To successfully import a file it must contain as a minimum:
                      The DN(distinguished name), DisplayName and ObjectClass
		
Username/Password credentials
     -a      Set the command to run using the supplied user distinguished name
             and password. For example: "cn=yourname,dc=yourcompany,dc-com password"

     -b      Set the command to run as username domain/password.

     The default is to run using the credentials of the currently logged on user.

CSV (comma-separated value) format files can be read with MS Excel and are easily modified with a batch script.
LDIF files (Ldap Data Interchange Format) are a cross-platform standard. This provides a method to populate Active Directory with data from other directory services. (e.g. Netscape NDS, Novell NDS/eDirectory, Oracle Internet Directory)

Passwords
For security reasons neither of these tools will export passwords. When you import an account it is given a null password, if the domain has a password length policy, then the account will be disabled (You can re-enable accounts in bulk with a script)

Compatibility
CSVDE and LDIFDE are supplied with Windows 2000/2003 Server but can also be run on Win2000 Professional and XP Professional (i.e run remotely against the Active Directory Server.)

Examples

Export the whole domain
CSVDE -f MyDomain.csv

Export all users with a particular surname:
CSVDE -f MyUsers.csv -r (and(objectClass=User)(sn=Surname))

Import the whole domain and create C:\MyLogfiles\csv.log and C:\MyLogfiles\csv.err
CSVDE -i -f MyDomain.csv -j C:\MyLogfiles\

“Give me your tired, your poor, Your huddled masses yearning to breathe free,
The wretched refuse of your teeming shore.
Send these, the homeless, tempest-tossed to me, I lift my lamp beside the golden door!” ~ Emma Lazarus


Related:

Q271517 - Ldifde fails if an attribute contains blank spaces.
Q327620 - Import contacts and users with CSVDE
Q263991 - How to set a user's password with Ldifde
Q276440 - Backup and Restore Connection Agreements with CSVDE
PowerShell equivalent: New-AdUser
Equivalent bash command (Linux): ldapadd - Add LDAP information


© Copyright SS64.com 1999-2014
Some rights reserved