{"id":1839,"date":"2013-10-02T09:13:42","date_gmt":"2013-10-02T08:13:42","guid":{"rendered":"http:\/\/www.edwardsd.co.uk\/work\/?p=1839"},"modified":"2017-09-20T21:03:07","modified_gmt":"2017-09-20T20:03:07","slug":"ad-objects-via-cl-csvde-dsadd-ldifde","status":"publish","type":"post","link":"https:\/\/www.edwardsd.co.uk\/work\/2013\/10\/ad-objects-via-cl-csvde-dsadd-ldifde\/","title":{"rendered":"AD Objects via CL | CSVDE | DSADD | LDIFDE"},"content":{"rendered":"<p><strong><span style=\"line-height: 1.714285714; font-size: 1rem;\">There are a couple of tools for creating objects in AD:<\/span><\/strong><\/p>\n<ul>\n<li><a style=\"color: #0f3647;\" title=\"CSVDE\" href=\"http:\/\/technet.microsoft.com\/en-us\/library\/cc732101.aspx\" target=\"_blank\" rel=\"noopener\">CSVDE<\/a><\/li>\n<li><a title=\"DSADD\" href=\"http:\/\/technet.microsoft.com\/en-us\/library\/cc753708.aspx\" target=\"_blank\" rel=\"noopener\">DSADD<\/a>&nbsp;(Preferred due to ease but less options to CSVDE &amp; LDIFDE)<\/li>\n<li><a style=\"line-height: 1.714285714; font-size: 1rem;\" title=\"LDIFDE\" href=\"http:\/\/support.microsoft.com\/kb\/237677\/en-gb\" target=\"_blank\" rel=\"noopener\">LDIFDE<\/a><\/li>\n<li><a title=\"NET USER\" href=\"http:\/\/technet.microsoft.com\/en-us\/library\/cc771865.aspx\" target=\"_blank\" rel=\"noopener\">NET USER<\/a><\/li>\n<\/ul>\n<hr \/>\n<p><strong style=\"line-height: 1.714285714; font-size: 1rem;\"><!--more--><span style=\"text-decoration: underline; color: #ff0000;\">CSVDE:<\/span><\/strong><\/p>\n<p><strong>Export all users from specific OU:<\/strong><\/p>\n<pre lang=\"basic\">csvde -m -f DomainUsers.csv -d \"OU=Users,OU=UK,DC=domain,DC=local\" -r \"(&amp;(objectClass=*)(mail=*))\" -l displayName,userPrincipalName<\/pre>\n<p><strong>Replace:<\/strong>&nbsp;&#8220;OU=Users,OU=UK,DC=domain,DC=local&#8221; with an LDAP string for your domain.<br \/>\nDownload this tool to generate the LDAP string:&nbsp;<a title=\"Active Directory Explorer \" href=\"http:\/\/technet.microsoft.com\/en-gb\/sysinternals\/bb963907.aspx\" target=\"_blank\" rel=\"noopener\">AD-Explorer<\/a><\/p>\n<hr \/>\n<p><span style=\"text-decoration: underline;\"><span style=\"color: #ff0000;\"><strong>LDIFDE:<\/strong><\/span><\/span><\/p>\n<p><strong>Export all users into .LDF file:<\/strong><\/p>\n<pre lang=\"Basic\">ldifde -f c:\\Exportuser.ldf -s DCServerName -d \"OU=Users,OU=UK,DC=domain,DC=local\" -p subtree -r \"(&amp;(objectCategory=person)(objectClass=User)(givenname=*))\" -l \"cn,givenName,objectclass,samAccountName\"<\/pre>\n<p><strong>Import all Users from .LDF file<\/strong><\/p>\n<pre lang=\"Basic\">ldifde -i -f c:\\Exportuser.ldf -s DCServerName<\/pre>\n<hr \/>\n<p><span style=\"text-decoration: underline;\"><span style=\"color: #ff0000;\"><strong>DSADD:<\/strong><\/span><\/span><\/p>\n<p><strong>Create computer in AD:<\/strong><\/p>\n<pre lang=\"basic\">DSADD computer cn=client01,OU=Computers,OU=UK,DC=domain,DC=local<\/pre>\n<p><strong style=\"line-height: 1.714285714; font-size: 1rem;\">Create user in AD:<\/strong><\/p>\n<pre lang=\"basic\">DSADD user cn=UserName,OU=Users,OU=UK,DC=domain,DC=local -display MyDisplayName -pwd Passw0rd -office \"Marketing\" -title \"Marketing Manager\" -dept Marketing -loscr LOGIN.BAT -mustchpwd yes -canchpwd yes -disabled yes<\/pre>\n<p><strong>Change user password in AD and prompt for change at login:<\/strong><\/p>\n<pre lang=\"basic\">DSQUERY user -samid TTate | DSMOD user -pwd Passw0rd -mustchpwd yes\nDSMOD user TTate -mustchpwd no<\/pre>\n<p><strong>Set users password not to expire:<\/strong><\/p>\n<pre lang=\"basic\">DSQUERY user -samid TTATE | DSMOD user -pwdneverexpires yes<\/pre>\n<p>This is a great easy function, but what if you need to change 100+ user passwords? You wouldn&#8217;t want to type this out manually, to help with this I made use of this the DSQuery and an Excel &#8220;<a href=\"https:\/\/goo.gl\/Zf3C1Z\" target=\"_blank\" rel=\"noopener\">CONCATENATE<\/a><span style=\"line-height: 1.714285714; color: #444444; font-family: 'Open Sans', Helvetica, Arial, sans-serif; font-size: 1rem;\">&#8221; function.<\/span><\/p>\n<p><span style=\"line-height: 1.714285714; color: #444444; font-family: 'Open Sans', Helvetica, Arial, sans-serif; font-size: 1rem;\"><strong>1) List all users in AD and output to txt file:<\/strong><\/span><\/p>\n<pre lang=\"basic\">dsquery user \"OU=Users,OU=UK,DC=domain,DC=local\" -limit 0 | dsget user -dn -upn &gt; c:\\DSQueryUsers.csv\nOR\ncsvde -m -f c:\\DSQueryUsers.csv&nbsp;-d \"OU=Users,OU=UK,DC=domain,DC=localm\" -r \"(&amp;(objectClass=*)(mail=*))\" -l displayName,userPrincipalName<\/pre>\n<p><strong>2) The generated &#8220;c:\\DSQueryUsers.csv&#8221; file can be manipulated in Excel and the usernames can be extracted, this example will place the &#8220;userPrincipalName&#8221; in&nbsp;&#8220;C3&#8221; into the value:&nbsp;<\/strong><\/p>\n<pre lang=\"basic\">=\"dsquery user -samid \"&amp;C3&amp;\" | dsmod user -pwd Passw0rd&nbsp;-mustchpwd yes -disabled no\"<\/pre>\n<p><strong>Output should look like this:<\/strong><\/p>\n<p><em>dsquery user -samid Jsmith | dsmod user -pwd Passw0rd&nbsp;-disabled yes<\/em><\/p>\n<p><em style=\"line-height: 1.714285714; font-size: 1rem;\">dsquery user -samid Wcarling | dsmod user -pwd Passw0rd&nbsp;-disabled yes<\/em><\/p>\n<p><strong>3) All the excel fields can then be selected and pasted directed into the CMD window.<\/strong><\/p>\n<hr \/>\n<p><span style=\"text-decoration: underline;\"><span style=\"color: #ff0000;\"><strong>NET USER<\/strong><\/span><\/span><br \/>\n<strong>Change user password in AD: (if logged into DC using&nbsp;&#8220;net user&#8221;):<\/strong><\/p>\n<pre lang=\"basic\">net user JSmith Passw0rd<\/pre>\n<p><strong style=\"line-height: 1.714285714; font-size: 1rem;\">References:<\/strong><br \/>\n<a style=\"line-height: 1.714285714; font-size: 1rem;\" href=\"http:\/\/technet.microsoft.com\/en-us\/library\/cc754539.aspx\">http:\/\/technet.microsoft.com\/en-us\/library\/cc754539.aspx<\/a><br \/>\n<a title=\"DSAdd with Users allowed to added workstations specified.\" href=\"http:\/\/social.technet.microsoft.com\/Forums\/en-US\/992e8d90-c9e2-4b22-a14f-0d0c4f7a3c86\/dsadd-with-users-allowed-to-added-workstations-specified\" target=\"_blank\" rel=\"noopener\">Problems with DSAdd command<\/a><br \/>\n<a title=\"Migrate File Server to new domain and export NTFS permission\" href=\"http:\/\/social.technet.microsoft.com\/Forums\/windowsserver\/en-US\/f36ada21-63e9-4902-8951-36eafe62b497\/migrate-file-server-to-new-domain-and-export-ntfs-permission\" target=\"_blank\" rel=\"noopener\">Migrate File Server to new domain and export NTFS permission<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>There are a couple of tools for creating objects in AD: CSVDE DSADD&nbsp;(Preferred due to ease but less options to CSVDE &amp; LDIFDE) LDIFDE NET USER<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[21,10],"tags":[],"class_list":["post-1839","post","type-post","status-publish","format-standard","hentry","category-code","category-tools"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/pOPt8-tF","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/posts\/1839","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/comments?post=1839"}],"version-history":[{"count":2,"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/posts\/1839\/revisions"}],"predecessor-version":[{"id":3336,"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/posts\/1839\/revisions\/3336"}],"wp:attachment":[{"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/media?parent=1839"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/categories?post=1839"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.edwardsd.co.uk\/work\/wp-json\/wp\/v2\/tags?post=1839"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}