LDIFDE and LDP does not work correctly

L

Leif Braeuer

We are developing automation script and reports to manage
a AD structure. One of our unsolved issues are Group
memberships:

We want to export group memberships from AD in LDIF format
if possible, because all features to manage these export
files are already done. VB script is not the customers
choice.

Simple example: We want to export all members of the group
Domain Admins

So we create a LDFIDE command to do this:

LDIFDE -u -m -r "(objectClass=group)" -d "CN=Domain
Admins,CN=Users,DC=mydomain,DC=com" -s SERVERNAME -f
members.ldif -
o "dSCorePropagationData,objectGUID,objectSid,uSNChanged,uS
NCreated"

We use -m to have an importable format (SAM logic)

All works, but we can only export 7 members, the same
happens with Domain-Users or other groups, we increased
the LDAP policy limit MaxPageSize but that changed
nothing. Also we tried to use -g to use non paged queries,
same result.

After that, we used LDP (from support tools) and browsing
through the AD tree lead to the same result, LDP only
shows 7 members of group Domain-Admins

Using MMC, NET GROUP Domain-Admins, or ADSIEDIT shows the
complete list.

we use W2k Server 2000 SP4, german version


TIA
Leif Braeuer
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Trying to get same results from LDIFDE vs. LDP 1
LDIFDE export group membership with sAMAccountName 4
LDIFDE: member attribute returns a list of characters, instead of user name. 1
CSVDE and LDIFDE 1
Using LDIFDE to Import and Export Groups 4
LDIFDE/CSVDE imports for username (cn) containing a backslash? 1
Delegation not working 1
Cleanup after manually removing a DC 5

Top