When you want to Export\Import Objects (Computers, Groups, Users) from your Active Directory you need to use the CSVDE that represents built in commands in your Active Directory infrastructure.
CSVDE represents as “Comma Separated Variable Data Exchange”
Exporting Objects from Active Directory
Here I will show you few examples for using CSVDE command with are top switches:
In the following Example you learn how to export the entire Active Directory Objects into a CSVDE file
Csvde –f ADfull.csv
-f – this switch represents the way you call your file, in our case we call it ADfull.csv
In the following Example you learn how to Export AD objects with only specific Attributes (Columns)
Csvde –f adinfo.CSV –L “DN, objectclass.objectCategory, cn”
DN – Object Distinguished Name.
Class of object –User, Group, Container.
Category – Definition of the Schema (refer to this object).
Common Name – Friendly name that being used to refer to the object.
At the end you will see only the 4 Columns you specify!
The –r switch is used to filter rows – in other words it’s allow you to select the type of records you want
In our example: objectcalss=user, will return all user and computer objects
Csvde –f adinfo.CSV –L “DN,objectclass.objectCategory,cn” –r “(object class=user)”
-L equals to “list”
With this command you will receive a specific attribute using a WILDCARDS, in our case we will receive all user that there name started with “J”
Csvde –f adinfo.CSV –L “DN,objectclass.objectCategory,cn” –r “(&(objectclass=user(cn=j*))”
Here I want to show you all switches you know till now:
What is the final Result..?
Specify the filename
Specify object to a list
LDAP search filter
(Default to "(objectClass=*)")
Importing Objects from Active Directory
By Default, when you use CSVDE, it is set in Export mode. If you want to import object you must add the –I switch
Not like exporting attribute that easy and fun, when Importing object it’s much more complicated because you need to prepare your Database, the following points need to be taken:
Default Domain Policy – you must allow blank passwords Default Domain Policy – you must allow blank passwords once new objects importing to your Database.
Backup AD - when importing improper objects you can Damage your directory database.
Know what you doing- LDAP is the Lang you use, so pay attention to the letters you use in the attributes names.
You must know the use of ADSI Editor you can find this tool from the Support Folder on your Server KIT .with ADSI editor you can understand the AD attributes.