CSVDE / LDIFDE – Windows CMD Command

by

Import or Export Active Directory data to a file. The syntax of these two commands is identical, the difference being that one works with CSV files and one with LDIF files.

Syntax

   Export to file:
             CSVDE [-f FileName] [options]
            LDIFDE [-f FileName] [options]

   Import from File:
             CSVDE -i [-f FileName] [options]
            LDIFDE -i [-f FileName] [options]
Key
     -f  Filename     Input or Output filename
     -s  servername   The server to bind to
     -c  FromDN ToDN  Replace occurrences of FromDN to ToDN
     -v               Verbose
     -j  Path         Folder to store log files
     -t  Port_Number  (default = 389)
     -?               Help
Export options
     -d RootDN        The root of the LDAP search (Default to Naming Context)
     -r Filter        LDAP search filter (Default to "(objectClass=*)")
     -p SearchScope   Search Scope (Base/OneLevel/Subtree)
     -l list          Attributes to look for in an LDAP search
                      (comma separated List)
     -o list          Attributes  to omit from input
                      (comma separated list)
     -g               Disable Paged Search
     -m               Enable the SAM logic on export
     -n               Do not export binary values
  
 Import options
     -k               Ignore 'Constraint Violation' and 'Object Already Exists' errors.

                      To successfully import a file it must contain as a minimum:
                      The DN(distinguished name), DisplayName and ObjectClass

Username/Password credentials
     -a      Set the command to run using the supplied user distinguished name
             and password. For example: "cn=yourname,dc=yourcompany,dc-com password"

     -b      Set the command to run as username domain/password.

     The default is to run using the credentials of the currently logged on user.

CSV (comma-separated value) format files can be read with MS Excel and are easily modified with a batch script.
LDIF files (LDAP Data Interchange Format) are a cross-platform standard. This provides a method to populate Active Directory with data from other directory services. (e.g. Oracle Directory Server, eDirectory)

Passwords
For security reasons, neither of these tools will export passwords. When you import an account it is given a null password, if the domain has a password length policy, then the account will be disabled (You can re-enable accounts in bulk with a script)

Examples

Export the whole domain
CSVDE -f MyDomain.csv

Export a single OU:
CSVDE -d "OU=NewYork,DC=F4T,DC=com" -f C:\Demo\exportOU.csv

Export all users with a particular surname:
CSVDE -f MyUsers.csv -r (and(objectClass=User)(sn=Surname))

Import the whole domain and create C:\MyLogfiles\csv.log and C:\MyLogfiles\csv.err
CSVDE -i -f MyDomain.csv -j C:\MyLogfiles\

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *