export group using ldifde

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

can someone is my syntex correct or wrong ? i'm getting error connection
cannot be estanlished and error code 8224.. how should i resolve this ?

C:\>ldifde -f c:\group.ldf -s hbodc1 -d
"CN=Finance,OU=NewYork,OU=People,DC=hbo,
DC=homebox,DC=com" -r "(objectClass=*)" -l "cn"
Connecting to "hbodc1"
The connection cannot be established
The error code is 8224
No log files were written. In order to generate a log file, please
specify the log file path via the -j option.

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Dr. Pepper,

It all depends on what you are trying to do. Let's just say that you have
the following OU structure:

DC=Domain,DC=Com

OU=Offices

OU=San Diego
OU=Los Angeles
OU=San Francisco
OU=Oakland


Let's say that there is a security group that resides in OU=Offices ( called
"Company" ) and that there is a security group in each of the sub-OUs ( in
the OU=San Diego the security group is called 'San Diego", in the OU=Los
Angeles the security group is called "Los Angeles", etc. ).

So, if you want to get the membership of each of the five groups you would
enter something like this:

c:\>ldifde -f c:\groups.ldf -s dc01.domain.com -t 389 -d
"OU=Offices,DC=Domain,DC=Com" -p subtree -r "(objectClass=group)" -l
"cn,groupType,member"

This will bind to the DC named dc01.domain.com using the default port of
389. It will start its search at 'OU=Offices,DC=Domain,DC=Com' and look
only for objects that meet the requirements of the seach filter (
objectClass=group ). For each object that it finds it will return the value
of the three attributes that you have specified ( -l ).

So, it would find the group Company, San Diego, Los Angeles, San Francisco
and Oakland. For each of these five groups it would return the values for
the CN, groupType and member attributes

Is this clear?

Now, let's say that you want to do this for a specific group. Let's just
pick the Oakland group. You would enter something like this:

c:\>ldifde -f c:\oakland.ldf -s dc01.domain.com -t 389 -d
"CN=Oakland,OU=Oakland,OU=Offices,DC=Domain,DC=Com" -l
"cn,groupType,member"

This is a little bit different. Since we are binding to the group directly
we do not really need to use any search filter ( the -r switch ). All we
really need to do is to specify the attributes for which you would like the
values!

Does this make sense?

--
Cary W. Shultz
Roanoke, VA 24012
Microsoft Active Directory MVP

http://www.activedirectory-win2000.com
http://www.grouppolicy-win2000.com



"drpepper" <drpepper@discussions.microsoft.com> wrote in message
news:EFB775A6-8CB3-44D2-B3EE-D3A0B0EFF3C5@microsoft.com...
> can someone is my syntex correct or wrong ? i'm getting error connection
> cannot be estanlished and error code 8224.. how should i resolve this ?
>
> C:\>ldifde -f c:\group.ldf -s hbodc1 -d
> "CN=Finance,OU=NewYork,OU=People,DC=hbo,
> DC=homebox,DC=com" -r "(objectClass=*)" -l "cn"
> Connecting to "hbodc1"
> The connection cannot be established
> The error code is 8224
> No log files were written. In order to generate a log file, please
> specify the log file path via the -j option.
>

 

[Guest]

Archived from groups: microsoft.public.win2000.active_directory (More info?)

Are you able to do a telnet to hbodc1 at port 389

Regards
Balaji


drpepper wrote:
> can someone is my syntex correct or wrong ? i'm getting error connection
> cannot be estanlished and error code 8224.. how should i resolve this ?
>
> C:\>ldifde -f c:\group.ldf -s hbodc1 -d
> "CN=Finance,OU=NewYork,OU=People,DC=hbo,
> DC=homebox,DC=com" -r "(objectClass=*)" -l "cn"
> Connecting to "hbodc1"
> The connection cannot be established
> The error code is 8224
> No log files were written. In order to generate a log file, please
> specify the log file path via the -j option.