Import or Export Active Directory data to a file. The syntax of these two commands is identical, the difference being that one works with CSV files and one with LDIF files.
Syntax Export to file: CSVDE [-f FileName] [options] LDIFDE [-f FileName] [options]
Import from File: CSVDE -i [-f FileName] [options] LDIFDE -i [-f FileName] [options] Key -f Filename Input or Output filename -s servername The server to bind to -c FromDN ToDN Replace occurrences of FromDN to ToDN -v Verbose -j Path Folder to store log files -t Port_Number (default = 389) -? Help
Export options -d RootDN The root of the LDAP search (Default to Naming Context) -r Filter LDAP search filter (Default to "(objectClass=*)") -p SearchScope Search Scope (Base/OneLevel/Subtree) -l list Attributes to look for in an LDAP search (comma separated List) -o list Attributes to omit from input (comma separated list) -g Disable Paged Search -m Enable the SAM logic on export -n Do not export binary values Import options -k Ignore 'Constraint Violation' and 'Object Already Exists' errors. To successfully import a file it must contain as a minimum: The DN(distinguished name), DisplayName and ObjectClass Username/Password credentials -a Set the command to run using the supplied user distinguished name and password. For example: "cn=yourname,dc=yourcompany,dc-com password" -b Set the command to run as username domain/password. The default is to run using the credentials of the currently logged on user.
CSV (comma-separated value)
format files can be read with MS Excel and are easily modified with a batch
LDIF files (Ldap Data Interchange Format) are a cross-platform standard. This provides a method to populate Active Directory with data from other directory services. (e.g. Netscape NDS, Novell NDS/eDirectory, Oracle Internet Directory)
For security reasons neither of these tools will export passwords. When you import an account it is given a null password, if the domain has a password length policy, then the account will be disabled (You can re-enable accounts in bulk with a script)
CSVDE and LDIFDE are supplied with Windows 2000/2003 Server but can also be run on Win2000 Professional and XP Professional (i.e run remotely against the Active Directory Server.)
Export the whole domain
CSVDE -f MyDomain.csv
Export all users with a particular surname:
CSVDE -f MyUsers.csv -r (and(objectClass=User)(sn=Surname))
Import the whole domain and create C:\MyLogfiles\csv.log and C:\MyLogfiles\csv.err
CSVDE -i -f MyDomain.csv -j C:\MyLogfiles\
“Give me your tired, your poor,
Your huddled masses yearning to breathe free,
The wretched refuse of your teeming shore.
Send these, the homeless, tempest-tossed to me, I lift my lamp beside the golden door!” ~ Emma Lazarus
Q271517 - Ldifde fails if an attribute contains blank spaces.
Q327620 - Import contacts and users with CSVDE
Q263991 - How to set a user's password with Ldifde
Q276440 - Backup and Restore Connection Agreements with CSVDE
PowerShell equivalent: New-AdUser
Equivalent bash command (Linux): ldapadd - Add LDAP information