Ad Account Batch Import Export

First, Bulk import accounts

Procedure and principle:

1 , first make a simple template with an Excel table and save it as a. csv format!

2 , and then use the for command combined with dsadd to complete the batch creation of users!

Command used: (Note: The following command parameters for the author to do the test, do not forget to modify!) ）

for/f "tokens=1,2,3,4,5 delims=,"%a in (D:\USER1.csv) do dsadd user "cn=%c,ou=it,dc=test,dc=com"-samid%d-upn%d -ln%a-fn%b-pwd%e-disabled Yes -mustchpwd Yes

Introduction to the above commands:

tokens=1,2,3,4,5: Indicates that there are five variables (the parameter is 5 parameters in the table, the order is a/b/c/d/e the 5 parameters will be used below)
delims=,: Indicates that the delimiter is ","
%a in (c:\baidu.csv): Indicates that the variable takes data from the path "C:\baidu.csv"
dsadd: Add command
cn=%c,ou=it,dc=baidu,dc=com: Indicates the user name created and the location created
-samid%d-upn%d: Indicates that the login name is variable D
-ln%a: Set user name as variable a
-FN%b: Set user name to variable b
-pwd%e: Set Password to variable E
-disabled Yes: Indicates a disabled state after import

-mustchpwd Yes : indicates the next logon to modify the password, the default value: No .

To start creating a user:

First, create a table that looks like the following:

650) this.width=650; "border=" 0 "src=" http://img1.51cto.com/attachment/201009/222004746.jpg "/>

Second, then save it as. CSV format

Create an OU (IT) on ad, then run CMD, type the following command and execute:

for/f "tokens=1,2,3,4,5 delims=,"%a in (d:\USER1.csv) do dsadd user "cn=%c,ou=it,dc=test,dc=com"-samid%d-upn%[email Protected]-FN%b-ln%a-pwd%e-disabled no-mustchpwd Yes

Second, use csvde Export Account

Grammar

csvde[- I.] [- FFileName] [- SServerName] [- CString1 String2] [- v] [-jPath] [- TPortNumber] [- DBaseDN] [- RLdapfilter] [- PScope] [- Lldapattributelist] [- oldapattributelist] [- G] [- M] [- N] [- k] [ -Auserdistinguishedname Password] [- bUserName Domain Password]

Parameters

-I.

Specifies the import mode. If not specified, the default mode is export.

-F FileName

Identifies the import or export file name.

-S ServerName

Specifies that the domain controller performs an import or export operation.

-C String1 String2

will all String1 item is replaced by String2 . Importing data from one domain to another domain and the distinguished name (STRING1) of the exported domain needs to be replaced with the distinguished name of the imported domain (String2) The operation is generally used.

-V

Sets the verbose mode.

-j Path

Sets the log file location. The default path is the current path.

-tportnumber

Specifies the Lightweight Directory Access Protocol (LDAP) port number. The default LDAP port is 389. The global catalog port is 3268.

-dbasedn

Sets the distinguished name of the search library for data export.

-rldapfilter

Create an LDAP search filter for data export.

-pscope

Set the search scope. The search scope option is Base, OneLevel, or subtree.

-lldapattributelist

Sets the list of properties to return to the exported query results. Attributes can be returned in any order by LDAP, and Csvde does not attempt to sort any columns. If this argument is omitted, all properties are returned.

-oldapattributelist

Sets the list of attributes to omit from the exported query results. You typically use this method when you export an object from Active directory and then import the object into another LDAP-compliant directory. If another directory does not support attributes, you can use this option to omit properties from the result set.

-G

Ignores paged searches.

-M

Ignores properties that apply only to Active Directory objects, such as the ObjectGUID, ObjectSID, PwdLastSet, and Samaccounttype properties.

-N

Binary value export is ignored.

-K

Ignores errors during the import operation and continues processing. The following is a complete list of ignorable errors: "Object already exists", "constraint violation", and "property or value already exists."

-auserdistinguishedname Password

set the command to use the provided UserDistinguishedName and the Password to run. By default, the command is run with the credentials of the user who is currently logged on to the network. This operation makes a simple LDAP binding to the user name and password.

-busername Domain Password

set how the command is run to Usernamedomainpassword . By default, the command is run with the credentials of the user who is currently logged on to the network. This operation securely binds LDAP to the NEGOTIATE authentication method.

-?

Displays the Command menu.

Note

csvde csvde csvde Span style= "font-size:13px;font-family: ' The song Body '; > The credentials of the user for the command are related. is not related to the user's setup password.

Example

using CSVDE to export the list of existing objects is fairly straightforward.
The simplest usage is:
Csvde–f ad.csv to export the Active Directory object to a file named Ad.csv. The –f switch indicates the name of the output file that follows.
However, it is important to note that the above usage is simple, but the resulting results may have too many records and information that you do not want.
If you want to achieve more accurate export records, you can use the-D and-R and-l parameters.
Where:-D is used to specify a specific search location and range
-R to specify a specific type of search object
-L is used to specify the specific properties of the exported object
Such as:
Csvde-f users.csv-d "ou=it,dc=test,dc=com"-R "(& (Objectcategory=person) (Objectclass=user))"-L DN,objectClass, Description

Note: If Chinese is present in the account information exported using CSVDE, there is a possibility of garbled characters, which can be resolved by adding the-u parameter.

This article is from the It DreamWorks blog, so be sure to keep this source http://fly520.blog.51cto.com/2181586/1694313

Ad Account Batch Import Export