CSVDE / LDIFDE (installable option either via RSAT /AD DS or adminpack.msi)

Import or Export Active Directory data to a file. The syntax of these two commands is identical, the difference being that one works with CSV files and one with LDIF files.


   Export to file:
             CSVDE [-f FileName] [options]
            LDIFDE [-f FileName] [options]
Import from File: CSVDE -i [-f FileName] [options] LDIFDE -i [-f FileName] [options] Key -f Filename Input or Output filename -s servername The server to bind to -c FromDN ToDN Replace occurrences of FromDN to ToDN -v Verbose -j Path Folder to store log files -t Port_Number (default = 389) -? Help
Export options
     -d RootDN        The root of the LDAP search (Default to Naming Context)
     -r Filter        LDAP search filter (Default to "(objectClass=*)")
     -p SearchScope   Search Scope (Base/OneLevel/Subtree)
     -l list          Attributes to look for in an LDAP search
                      (comma separated List)
     -o list          Attributes  to omit from input
                      (comma separated list)
     -g               Disable Paged Search
     -m               Enable the SAM logic on export
     -n               Do not export binary values
 Import options
     -k               Ignore 'Constraint Violation' and 'Object Already Exists' errors.

                      To successfully import a file it must contain as a minimum:
                      The DN(distinguished name), DisplayName and ObjectClass
Username/Password credentials
     -a      Set the command to run using the supplied user distinguished name
             and password. For example: "cn=yourname,dc=yourcompany,dc-com password"

     -b      Set the command to run as username domain/password.

     The default is to run using the credentials of the currently logged on user.

CSV (comma-separated value) format files can be read with MS Excel and are easily modified with a batch script.
LDIF files (Ldap Data Interchange Format) are a cross-platform standard. This provides a method to populate Active Directory with data from other directory services. (e.g. Oracle Directory Server, eDirectory)

For security reasons neither of these tools will export passwords. When you import an account it is given a null password, if the domain has a password length policy, then the account will be disabled (You can re-enable accounts in bulk with a script)

CSVDE and LDIFDE are supplied with Windows 2000/2003 Server but can also be run on Win2000 Professional and XP Professional (i.e run remotely against the Active Directory Server.)


Export the whole domain
CSVDE -f MyDomain.csv

Export all users with a particular surname:
CSVDE -f MyUsers.csv -r (and(objectClass=User)(sn=Surname))

Import the whole domain and create C:\MyLogfiles\csv.log and C:\MyLogfiles\csv.err
CSVDE -i -f MyDomain.csv -j C:\MyLogfiles\

“Give me your tired, your poor, Your huddled masses yearning to breathe free,
The wretched refuse of your teeming shore.
Send these, the homeless, tempest-tossed to me, I lift my lamp beside the golden door!” ~ Emma Lazarus


Q271517 - Ldifde fails if an attribute contains blank spaces.
Q327620 - Import contacts and users with CSVDE
Q263991 - How to set a user's password with Ldifde
Q276440 - Backup and Restore Connection Agreements with CSVDE
PowerShell equivalent: New-AdUser
Equivalent bash command (Linux): ldapadd - Add LDAP information

© Copyright SS64.com 1999-2015
Some rights reserved