Editing Active Directory users offline

100 pts.
Tags:
Active Directory
Active Directory migration
Exchange 2007
Global address book
Our company has finally gotten in to an Active Directory domain and will be migrating to Exchange 2007 hopefully soon. I have been instructed to edit the users information for the Global address book. I have the tast of inputting 600+ address, phone numbers, and other such information. Most of this I will do as overtime hours because I'm booked as it is. My question is... Is there a way to take the User Data into a offline format and edit it when not connected to the Server (through our crappy VPN connection) and when changes have been made have a comparison type process upload the information into the Active Directory user database? Thanks in advance for the knowledge and help!
ASKED: January 16, 2009  4:53 PM
UPDATED: September 9, 2013  4:22 PM

Answer Wiki

Thanks. We'll let you know when a new response is added.

I can only assume that you have a listing of all the information that you need to edit in some sort of a file. If that is the case I would attempt to convert that file to a csv file and then you can edit all the information in that file. Once it is correct I would use a MS Powershell script to add all of the information from that input file into AD. This will save you a ton of time as opposed to doing each entry manually in the users and computers snap in. If you have any questions about how you can do this just email me.

colin@sysadminsmith.com

==========================
Use DSQUERY to get the AD information and then use DSADD. See these threads.

Create an Excel spreadsheet with 2 tabs. One tab (UserInformation) is populated with the following column names in ROW1 (the values by each are the formulas in row 2 – if not a data string value):
A- SAM Name
B- FirstName
C- LastName
D- Description
E- Password
F- UPN = =A2&”@xx.company.com”
G- Display = =B2&” “&C2
H- Office
I- Email = =B2&”.”&C2&”@xx.company.com”
J- MustChangePwd = yes/no
K- Disabled = yes/no
L- LoginScript = login.bat
M- cn= =A2
N- ou= =users
O- ou= =newOU
P- dc= =xx
Q- dc= =company
R- dc= =com
S- -samid =A2
T- -upn =CONCATENATE(AE2&F2&AE2)
U- -fn =CONCATENATE(AE2&B2&AE2)
V- -ln =CONCATENATE(AE2&C2&AE2)
W- -desc =CONCATENATE(AE2&D2&AE2)
X- -display =CONCATENATE(AE2&B2&” “&C2&AE2)
Y- -pwd =E2
Z- -office =H2
AA- -email =CONCATENATE(AE2&I2&AE2)
AB- -loscr =L2
AC- -mustchpwd =J2
AD- -disabled =K2
AE- ”

Create as many rows as necessary in this for each of the users. A second tab would be named DSadduserTemplate and the contents of row 2 and below would be:

="dsadd user cn="&UserInformation!M2&",ou="&UserInformation!N2&",ou="&UserInformation!O2&",dc="&UserInformation!P2&",dc="&UserInformation!Q2&",dc="&UserInformation!R2&" -samid "&UserInformation!S2&" -upn "&UserInformation!T2&" -fn "&UserInformation!U2&" -ln "&UserInformation!V2&" -desc "&UserInformation!W2&" -display "&UserInformation!X2&" -pwd "&UserInformation!Y2&" -office "&UserInformation!Z2&" -email "&UserInformation!AA2&" -loscr "&UserInformation!AB2&" -mustchpwd "&UserInformation!AC2&" -disabled "&UserInformation!AD2

Copy this down as many rows as needed. Once this information is populated with values from the UserInformation tab, you can copy this to a BAT or CMD file and execute. Modify as needed to change values for groups.

The command actually looks something like:

dsadd user cn=0,ou=users,ou=YOUROU,dc=xx,dc=company,dc=com -samid 0 -upn @xx.company.com -fn 0 -ln 0 -desc "" -display " " -pwd changeme -office Location -tel 0 -email .@xx.company.com.com -loscr login.bat -mustchpwd No -disabled Yes

We created the new users as disabled so we could add them to groups as needed and then train them on how to use their new logins.

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Chetta
    Thank you for the help I will look into this method and see if I can get it to work!
    100 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following