
 

How to search / find local attribute using LDIFDE

 

From the DC, click "Start" > Administrative Tools > Active Directory Module for Windows PowerShell, and run it as Administrator.


 

To use LDIFDE to check whether any other account is associated with the same UPN, run the command below from the local AD:

Where "UserUPN" is the UPN/Alias, sAMAccountName, mail, or any other attribute value for the affected user.

 

In the examples, the local domain is the root domain on the Domain Controller:

LocalDomain.local 

LocalDomain.Edu.us

LocalDomain.Com 

Alias@domain.com is the local object to be investigated.

 

To collect the LDAP information for the affected user in the local Active Directory, run the command from the main Domain Controller:

Ldifde -F LdapExport.txt -R "(NAME=*AffectedAliasHere*)" -P SubTree

 

To collect the LDAP information for all local AD objects on the DC (Domain Controller) using NAME, run the command below without any modifications:

Ldifde -F LdapExportAll.txt -R "(NAME=*)" -P SubTree

 

To collect the LDAP information for the affected user in the local Active Directory by UserPrincipalName, run the command from the main Domain Controller:

Ldifde -F LdapExportName.txt -R "(UserPrincipalName=*AffectedAliasHere*)"

 

To collect the LDAP information for all local AD users on the domain controller by UserPrincipalName, run the command below without any modifications:

Ldifde -F LdapExportUPNAll.txt -R "(UserPrincipalName=*)"
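One way to answer the duplicate-UPN question from the exported file instead of reading it by eye, as an added example that is not part of the original page: the PowerShell below parses an LDIFDE export, handling folded lines and base64 (`attr::`) values, and lists every UPN carried by more than one object. The function names and the sample LDIF entries are constructed for illustration.

```powershell
# Added example, not from the original page; the LDIF sample is constructed.
function Get-LdifEntry {
    param([string[]]$Line)
    # Unfold: a line starting with a single space continues the previous line.
    $logical = New-Object System.Collections.Generic.List[string]
    foreach ($l in $Line) {
        if ($l.StartsWith(' ') -and $logical.Count -gt 0) {
            $logical[$logical.Count - 1] += $l.Substring(1)
        } else { $logical.Add($l) }
    }
    $logical.Add('')                     # sentinel: flushes the last entry
    $entry = @{}
    foreach ($l in $logical) {
        if ($l.Trim() -eq '') {          # blank line ends an entry
            if ($entry.Count -gt 0) { New-Object PSObject -Property $entry; $entry = @{} }
        } elseif ($l -match '^([^:#]+)(::?)\s*(.*)$') {
            $name = $Matches[1]; $value = $Matches[3]
            if ($Matches[2] -eq '::') {  # "attr:: ..." carries a base64 value
                $bytes = [Convert]::FromBase64String($value)
                $value = [Text.Encoding]::UTF8.GetString($bytes)
                if ($name -eq 'objectGUID') { $value = (New-Object Guid (,$bytes)).ToString() }
            }
            $entry[$name] = $value       # last value wins (fine for single-valued attributes)
        }
    }
}
function Find-DuplicateUpn {
    param([string[]]$Line)
    Get-LdifEntry -Line $Line | Where-Object { $_.userPrincipalName } |
        Group-Object { $_.userPrincipalName.ToLowerInvariant() } |
        Where-Object { $_.Count -gt 1 } |
        Select-Object @{n='UPN';e={$_.Name}}, @{n='DN';e={$_.Group | ForEach-Object { $_.dn }}}
}
$sample = @'
dn: CN=Alias One,OU=Staff,DC=LocalDomain,DC=local
changetype: add
objectGUID:: AAECAwQFBgcICQoLDA0ODw==
userPrincipalName: Alias@domain.com

dn: CN=Alias Two,OU=Former Staff,OU=Archive,
 DC=LocalDomain,DC=local
changetype: add
userPrincipalName: alias@DOMAIN.com

dn: CN=Other User,OU=Staff,DC=LocalDomain,DC=local
userPrincipalName: other@domain.com
'@ -split "`r?`n"
Find-DuplicateUpn -Line $sample | Format-List
# Real export: Find-DuplicateUpn -Line (Get-Content .\LdapExportUPNAll.txt)
```

The comparison is case-insensitive, so the two constructed "Alias" entries are reported together while the third entry is not.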

 



To collect the LDAP information with specific attributes (ObjectGuid, UserPrincipalName, Name):

To collect the LDAP information for the affected user in the local Active Directory, run the command from the main Domain Controller:

Ldifde -F LdapExport.txt -R "(NAME=*AffectedAliasHere*)" -L "ObjectGuid, UserPrincipalName"

 

To collect the LDAP information for all local AD users on the domain controller, run the command below without any modifications:

Ldifde -F LdapExport.txt -R "(NAME=*)" -L "ObjectGuid, UserPrincipalName,NAME"

​ 



Ldifde -F Name.txt -R "Name=*Alias*" -P Subtree

Ldifde -F Mail.txt -R "Mail=*Alias*" -P Subtree

Ldifde -F UserPrincipalName.txt -R "UserPrincipalName=*Alias*" -P Subtree


Ldifde -F UserPrincipalName.txt -D "DC=LocalDomain,DC=Com" -R "UserPrincipalName=*UserAlias*" -P Subtree

Ldifde -F mail.txt -D "DC=LocalDomain,DC=local" -R "mail=*UserAlias*" -P Subtree

Ldifde -r "(UserPrincipalName=user@example.com)" -l ObjectGUID -f Output.txt

Ldifde -F UserPrincipalName.txt -D "DC=EducationDomain,DC=edu,DC=us" -R "UserPrincipalName=*UserAlias*" -P Subtree

Ldifde -F sAMAccountName.txt -D "DC=LocalDomain,DC=com" -R "sAMAccountName=*UserAlias*" -P Subtree

Ldifde -F mailNickname.txt -D "DC=LocalDomain,DC=us" -R "mailNickname=*UserAlias*" -P Subtree
