Logon Scripts

Google

Web Search Site

3CX Phone System for Windows - VOIP IP PBX

3CX Phone System for Windows -
VOIP IP PBX

Get your 5 free applications now

Application Publishing with 2X ApplicationServer

 

LDIFDE - 2003 Switches

Introduction to LDIFDE 2003 Switches

Microsoft have made subtle changes to Windows Server 2003 in general and LDIFDE in particular.  The latest version of LDIFDE is 5.0.2195.4866, whereas the original Windows 2003 version was 5.0.2156.1.  Incidentally, under the covers Windows 2003 itself is version 5.0 and Server 2003 is 5.5.  Enough of this detail, on to the new switches.

Topics

New Switches for LDIFDE 2003

The new switches are a mixed bag, some are very useful others have specialist, even obscure roles.  I have made my recommendations, but it is a case of selecting the right switch for the right job.

-q thread count

By using this switch you can speed up import.  The -q turns LDIFDE into a multi threaded program.

-w Timeout (seconds)

If your import hangs, you could terminate it with CTRL + C then next time use the -w timeout switch and set it to 20 or however many seconds you think appropriate.

-e Prevents lazy commit

I have to say that using the -e switch when importing could cause confusion, but I suppose Microsoft were running out of letters for switches.  What this does is forces an instant save of the imported users rather than using a memory buffer.  Guy says you probably do not need this switch.

-y Forces lazy commit

This is the default and the opposite of -e above.  I would stick with the default -y because it speeds up importing.

-h Enables SASL encryption

Another switch I would avoid, unless you are paranoid about security.

˚

Useful LDIFDE Switches for both 2003 and 2000

-a Permissions
-b Permissions
-j Logging
-k Skip errors
-p Scope
-s Connect to server
-v Verbose

Logging -j (or J) it's not case sensitive.

I have featured this switch because it is so useful for troubleshooting LDIFDE problems.

The point of logging to a text file is that its permanent compared with the -v verbose mode.  -j creates one or two log files.  It always creates a file called ldif.log, additionally it creates ldif.err if it encounters any errors.

Why not use -l for logging you may ask?  The answer is -l is used for listing LDAP attributes.  Why Microsoft choose -j have no idea!

Example 1:

  1. LDIFDE -f  guylog.ldif -j c:\log
  2. If you use C:\log,  the log folder must exist
  3. To open the file I type notepad ldif.log
  4. If there are any errors type notepad ldif.err

Trap: The -j switch over writes existing .log or .err files.  I wish it would create a new file e.g ldif.log1, ldif.log2 - but it does not!

Trap: As far as I can see without the -j switch, no log file is produced.  I mention this as other documentation suggests that you are merely setting the path, in my opinion you are creating the file as well.

 See also

 

 

 

 


Download your eBook:  How to use LDIFDE commands - only $5.25

LDIFDESave hours of frustration and buy Guy's eBook.  The extra features include: detailed instructions on how to add and modify user accounts.  Worked LDIFDE examples on changetype: and unicodePwd.

You get a printer friendly version with copy enabled, and no expiry date.

 

 

 

 See also

 

 

 *

Google

WebComputerperformance.co.uk

GFi Events Manager

Guy Recommends: GFi EventsManager

Here is a solution to monitor, manage and archive thousands of events that are generated by devices across your entire network.  Get your free evaluation copy of GFI EventsManager.

 

Home Copyright © 1999-2008 Computer Performance LTD All rights reserved

Please report a broken link, or an error.