PowerShell Ezine, Logon Scripts
Custom Search

Guy recommends :
Free - WMI Monitor

Get Solarwinds' free WMI Monitor to measure the memory, disk and CPU performance of your servers.

Free WMI Monitor Download

Free WMI Monitor Download

Guy's Review of
Computer Utilities

 1) FreePing
 2) Wake-on-LAN
 3) Xobni
 4) PuTTY
 5) WMI Monitor
 6) BgInfo
 7) Net-SNMP
 8) IP Address Tracker
 9) DNS Stuff
10) WinDiff Compare

Short computer jokes

Guy's Scripting Ezine 92 - LDIFDE

Contents for Ezine 92 - LDIFDE

 ♣

This Week's Secret

Let me say at the outset that I am not a great fan of LDIFDE (Lightweight Data Interchange Format, Data Exchange); I prefer VBScript or CSVDE.  However, I feel that it is time to give LDIFDE its moment in the limelight.  Despite my dismissive comments, LDIFDE cannot be all bad. For example, Exchange 2003 uses LDIF files to extend the schema.

In common with CSVDE, LDIFDE is a built-in executable found in Windows Server 2003 (and 2000).  If you need to experiment on an XP machine, simply copy the LDIFDE locally from the system32 folder on the server.  Tip, from the XP machine run \\server\admin$ then browse to the system32 folder.

Another similarity between LDIFDE and CSVDE is that they both feed on text files.  The actual LDIFDE executable is simply an engine that processes the Active Directory information you create in the .ldf file.  Both LDIFDE and CSVDE can bulk import users, however LDIFDE has a killer advantage in that you can modify or even delete objects in your Active Directory.

Specifically, what I have against LDIFDE is that I cannot manipulate the data in a spreadsheet.  I admit it's possible that I have missed a trick; perhaps someone knows of a clever spreadsheet macro, but for me the LDIFDE files are unwieldy compared with VBScript, which easily feeds ofs my spreadsheet data.  The key skill is LDAP.  Whether you use CSVDE, VBScript or LDIFDE you simply must be an expert on LDAP properties, for example sAMAccountName, sn and givenName.  My secret of becoming a minor expert on LDAP was research with ADSI Edit.

If you are looking for handy network utilities, try some of the free downloads at Tools4Ever

LDIFDE Strategy

LDIFDE looks for an import or export command, followed by a text file.  The text file extension is not important, but the syntax is picky.  Here is an example, ldifde -i -f ron.ldf.  The -i switch means import, while -f introduces the file name.

Let us assume that we need to modify the properties of a user called Ron.  Previously Ron's office was situated in Cambridge, now we want this Active Directory value to be changed to Oxford.  When I researched ADSI Edit, I discovered that the LDAP for office was - PhysicalDeliveryOfficeName.

Example 1 - Modify LDAP with LDIFDE

Instructions

1)  Change OU,Students to the name of your experimental OU.  Alternatively, create an OU called Students.

2)  Either create a user called Ron, or else change cn=ron to cn =youruser.

3)  Amend DC=CP,DC=mosel to the name of your domain. 
     Investigate whether you have an extension called DC=Local, or DC=com.

Preparation.

With LDAP, the key task is to prepare the text file.  Our first line contains Ron's dn: (distinguished name).  Writing the DN is not an easy task, but to be fair, once you have worked out one user's dn, it is relatively easy to adjust the CN or the OU for other users.  (Even so, I still don't like this technique, I prefer a spreadsheet.)

On the second line, we need to tell LDIFDE whether to add, delete, or as in this instance, modify Ron's PhysicalDeliveryOfficeName.

On the third line, I choose the word replace, followed by a colon: then the LDAP property.  Again, ADSI Edit is my tool of choice to research the precise LDAP name.

Immerse yourself in the LDIFDE syntax.  In particular remember the dash (not underscore) which separates the records.

Copy the script below, save to a know location on a Windows Server, for example C:\scripts\ron.ldf.  Next open a CMD prompt type:

1)  CD C:\scripts

2)  LDIFDE -i -f ron.ldf

 

 

dn: CN=Ron,OU=Students,DC=cp,DC=mosel
changetype: modify
replace: PhysicalDeliveryOfficeName
PhysicalDeliveryOfficeName: Oxford
-
 

Guy's Learning Points

Note 1:  changetype: modify.   This is a precise instruction to alter the record

Note 2:  replace: PhysicalDeliveryOfficeName.  You could amend PhysicalDeliveryOfficeName to other LDAP properties, for example displayName.

Note 3:  PhysicalDeliveryOfficeName: Oxford.  Feel free to change Oxford to any location that you like.

Note 4:  Investigate Active Directory Users and Computers.  In particular right click the OU and select refresh.  Check Ron's General tab, Office.

Note 5:  Important.  Remember that the text file needs a dash (-) to indicate the end of record.

Guy Recommends: The Free IP Address Tracker (IPAT) IP Tracker

Calculating IP Address ranges is a black art, which many network managers solve by creating custom Excel spreadsheets.  IPAT cracks this problem of allocating IP addresses in networks in two ways:

For Mr Organized there is a nifty subnet calculator, you enter the network address and the subnet mask, then IPAT works out the usable addresses and their ranges. 

For Mr Lazy IPAT discovers and then displays the IP addresses of existing computers.  Download the Free IP Address Tracker

Example 2.  Modify Two Users with LDF File

This script modifies not one but two user accounts.

 

dn: CN=Ron,OU=Students,DC=cp,DC=mosel
changetype: modify
replace: PhysicalDeliveryOfficeName
PhysicalDeliveryOfficeName: Birmingham
-

dn: CN=Psycho,OU=Students,DC=cp,DC=mosel
changetype: modify
replace: PhysicalDeliveryOfficeName
PhysicalDeliveryOfficeName: Oxford
-

 

Guy's Learning Points

Note 1:  Each record ends with a dash -.

Note 2:  The blank line between the two users.

Note 3:  I have not found a way of putting comments in LDIFDE text.

Summary of LDIFDE

LDIFDE is similar to CSVDE.  Both are built-in commands on Windows servers.  However LDIFDE has the advantage of allowing you to modify existing users.  Even so, my advice is to ignore LDIFDE.  Instead master CSVDE and excel spreadsheets.

See more about VBScript

VBScripts  • Ezines  • WMI  • Logon Scripts   • PowerShell Foreach  • Tool Kit

• Ezine 1 Loops   • Ezine 14 Loops  • Ezine 47 .put  • PowerShell Loops  • Free Web Watcher

• Ezine 90 VBS Looping  • Ezine 91 VBS Looping   • Ezine 92 LDIFDE   • Ezine 100 If

Custom Search

Guy Recommends: WMI Monitor and It's Free!Solarwinds WMI Monitor

Windows Management Instrumentation (WMI) is one of the hidden treasures of Microsoft operating systems.

Fortunately, Solarwinds have created the Free WMI Monitor so that you can actually see and understand these gems of operating system information.  Take the guess work out of which WMI counters to use for scripts.

Download your free copy of WMI Monitor

 

Home Copyright © 1999-2012 Computer Performance LTD All rights reserved

Please report a broken link, or an error.