Import or Export Active Directory data to a file. The syntax of these two commands is identical, the difference being that one works with CSV files and one with LDIF files.
Syntax
Export to file:
CSVDE [-f FileName] [options]
LDIFDE [-f FileName] [options]
Import from File:
CSVDE -i [-f FileName] [options]
LDIFDE -i [-f FileName] [options]
Key
-f Filename Input or Output filename
-s servername The server to bind to
-c FromDN ToDN Replace occurrences of FromDN to ToDN
-v Verbose
-j Path Folder to store log files
-t Port_Number (default = 389)
-? Help
Export options
-d RootDN The root of the LDAP search (Default to Naming Context)
-r Filter LDAP search filter (Default to "(objectClass=*)")
-p SearchScope Search Scope (Base/OneLevel/Subtree)
-l list Attributes to look for in an LDAP search
(comma separated List)
-o list Attributes to omit from input
(comma separated list)
-g Disable Paged Search
-m Enable the SAM logic on export
-n Do not export binary values
Import options
-k Ignore 'Constraint Violation' and 'Object Already Exists' errors.
To successfully import a file it must contain as a minimum:
The DN(distinguished name), DisplayName and ObjectClass
Username/Password credentials
-a Set the command to run using the supplied user distinguished name
and password. For example: "cn=yourname,dc=yourcompany,dc-com password"
-b Set the command to run as username domain/password.
The default is to run using the credentials of the currently logged on user.
CSV (comma-separated value)
format files can be read with MS Excel and are easily modified with a batch
script.
LDIF files (Ldap Data Interchange Format) are a cross-platform standard. This
provides a method to populate Active Directory with data from other directory
services. (e.g. Oracle Directory Server, eDirectory)
Passwords
For security reasons neither of these tools will export
passwords. When you import an account
it is given a null password, if the domain has a password length
policy, then the account will be disabled (You can re-enable
accounts in bulk with a script)
Examples
Export the whole domain
CSVDE -f MyDomain.csv
Export a single OU:
CSVDE -d "OU=NewYork,DC=SS64,DC=com" -f C:\Demo\exportOU.csv
Export all users with a particular surname:
CSVDE -f MyUsers.csv -r (and(objectClass=User)(sn=Surname))
Import the whole domain and create C:\MyLogfiles\csv.log and C:\MyLogfiles\csv.err
CSVDE -i -f MyDomain.csv -j C:\MyLogfiles\
“Give me your tired, your poor,
Your huddled masses yearning to breathe free,
The wretched refuse of your teeming shore.
Send these, the homeless, tempest-tossed to me,
I lift my lamp beside the golden door!” ~ Emma Lazarus
Related:
Q327620 - Import contacts and users with CSVDE.
Q263991 - How to set a user's password with Ldifde.
PowerShell equivalent: New-AdUser
Equivalent bash command (Linux): ldapadd - Add LDAP information.