How to search / find local attribute using LDIFDE


From the DC click "Start" > Administrative Tools > Active Directory Module for Windows

PowerShell and then run as Administrator



How to use LDIFDE To search if any other account associated with the same UPN, from local AD run the command below:

Where "UserUPN" is the UPN/Alias, sAMAccountName, mail, any other object for the affected user.


In the examples the local domain are the root domin in the Domain Controller


LocalDomain.Com is the local object to be investigated.


To search local attributes for duplicate scenarios with DirSync / ADFS or Hybrid scenarios UPN, in local AD

Ldifde -F Name.txt -R "Name=*Alias*" -P Subtree

Ldifde -F Mail.txt -R "Mail=​*Alias*" -P Subtree

Ldifde -F UserPrincipalName.txt -R "UserPrincipalName=*Alias*" -P Subtree

Ldifde -F UserPrincipalName.txt -D "DC=LocalDomain,DC=Com" -R "UserPrincipalName=*UserAlias*" -P Subtree

Ldifde -F mail.txt -D "DC=LocalDomain,DC=local" -R "mail=*UserAlias*" -P Subtree

 Ldifde –r ( –l ObjectGUID –f Output.txt​

Ldifde -F UserPrincipalName.txt -D "DC=EducationDomain,DC=edu,DC=us" -R "UserPrincipalName=*UserAlias*" -P Subtree

Ldifde -F sAMAccountName.txt -D "DC=LocalDomain,DC=com" -R "sAMAccountName=*UserAlias*" -P Subtree

Ldifde -F mailNickname.txt -D "DC=LocalDomain,DC=us" -R "mailNickname=*UserAlias*" -P Subtree