| Author | Messages | |
DhirajHaritwal
Posts:183
 | | 04/06/2010 11:43 AM |
| Hi,
I am trying to import user ID's in AD with CSVDE but due to our Password Policy it's giving password complexity error. Can I define default password in CSV file to import with CSVDE or LDIFDE. Or how can I import users from a csv file with DSADD USER command which is having password switch.
Dhiraj
________________________________
This email is confidential and intended only for the use of the individual or entity named above and may contain information that is privileged. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone and destroy the original message. - This mail is sent via Sony Asia Pacific Mail Gateway..
| | | |
| rwilper
Posts:39
| | 04/06/2010 4:02 PM |
| With LDIFDE, you can specify a password in unicodePwd when importing, I would guess that it is the same with CSVDE (Base64 encoded string)
You MUST specify the SSL ldap port when importing to set password. (-t 636)
-Ross
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Haritwal, Dhiraj
Sent: Tuesday, April 06, 2010 3:42 AM
To: activedir@mail.activedir.org
Subject: [ActiveDir] Import AD Users from CSV File
Hi,
I am trying to import user ID's in AD with CSVDE but due to our Password Policy it's giving password complexity error. Can I define default password in CSV file to import with CSVDE or LDIFDE. Or how can I import users from a csv file with DSADD USER command which is having password switch.
Dhiraj
________________________________
This email is confidential and intended only for the use of the individual or entity named above and may contain information that is privileged. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone and destroy the original message. - This mail is sent via Sony Asia Pacific Mail Gateway..
| | | |
| skradel
Posts:216
| | 04/06/2010 5:17 PM |
| A side note on stuffing values into unicodePwd... you need to base64-encode
the UTF-16-LittleEndian bytes of "password" *including the quotes*.
In pseudocode, base64string(utf16le("\"password\"")). This is a real
bafflement if you're accustomed to UTF-8 and no superfluous quotes for most
every other attribute.
You can also use TLS / Kerberos with the -h switch instead of LDAPS/636.
--Steve
On Tue, Apr 6, 2010 at 10:59 AM, Wilper, Ross A <rwilper@stanford.edu>wrote:
> With LDIFDE, you can specify a password in unicodePwd when importing, I
> would guess that it is the same with CSVDE (Base64 encoded string)
>
>
>
> You MUST specify the SSL ldap port when importing to set password. (-t 636)
>
>
>
> -Ross
>
>
>
> *From:* activedir-owner@mail.activedir.org [mailto:
> activedir-owner@mail.activedir.org] *On Behalf Of *Haritwal, Dhiraj
> *Sent:* Tuesday, April 06, 2010 3:42 AM
> *To:* activedir@mail.activedir.org
> *Subject:* [ActiveDir] Import AD Users from CSV File
>
>
>
> Hi,
>
>
>
> I am trying to import user ID’s in AD with CSVDE but due to our Password
> Policy it’s giving password complexity error. Can I define default password
> in CSV file to import with CSVDE or LDIFDE. Or how can I import users from a
> csv file with DSADD USER command which is having password switch.
>
>
>
>
>
> Dhiraj
>
>
>
>
> ------------------------------
>
> This email is confidential and intended only for the use of the individual
> or entity named above and may contain information that is privileged. If you
> are not the intended recipient, you are notified that any dissemination,
> distribution or copying of this email is strictly prohibited. If you have
> received this email in error, please notify us immediately by return email
> or telephone and destroy the original message. - This mail is sent via Sony
> Asia Pacific Mail Gateway..
>
| | | |
| DhirajHaritwal
Posts:183
| | 04/07/2010 7:47 AM |
| Thanks Steve/Ross,
Can you send me a sample code. Do you mean I have to use password from csv file or on the command itself, have to set password. I can't use csvde due to our Password Policy.
Dhiraj
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Steve Kradel
Sent: Tuesday, April 06, 2010 9:46 PM
To: activedir@mail.activedir.org
Subject: Re: [ActiveDir] Import AD Users from CSV File
A side note on stuffing values into unicodePwd... you need to base64-encode the UTF-16-LittleEndian bytes of "password" *including the quotes*.
In pseudocode, base64string(utf16le("\"password\"")). This is a real bafflement if you're accustomed to UTF-8 and no superfluous quotes for most every other attribute.
You can also use TLS / Kerberos with the -h switch instead of LDAPS/636.
--Steve
On Tue, Apr 6, 2010 at 10:59 AM, Wilper, Ross A <rwilper@stanford.edu<mailto:rwilper@stanford.edu>> wrote:
With LDIFDE, you can specify a password in unicodePwd when importing, I would guess that it is the same with CSVDE (Base64 encoded string)
You MUST specify the SSL ldap port when importing to set password. (-t 636)
-Ross
From: activedir-owner@mail.activedir.org<mailto:activedir-owner@mail.activedir.org> [mailto:activedir-owner@mail.activedir.org<mailto:activedir-owner@mail.activedir.org>] On Behalf Of Haritwal, Dhiraj
Sent: Tuesday, April 06, 2010 3:42 AM
To: activedir@mail.activedir.org<mailto:activedir@mail.activedir.org>
Subject: [ActiveDir] Import AD Users from CSV File
Hi,
I am trying to import user ID's in AD with CSVDE but due to our Password Policy it's giving password complexity error. Can I define default password in CSV file to import with CSVDE or LDIFDE. Or how can I import users from a csv file with DSADD USER command which is having password switch.
Dhiraj
________________________________
This email is confidential and intended only for the use of the individual or entity named above and may contain information that is privileged. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone and destroy the original message. - This mail is sent via Sony Asia Pacific Mail Gateway..
________________________________
This email is confidential and intended only for the use of the individual or entity named above and may contain information that is privileged. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone and destroy the original message. - This mail is sent via Sony Asia Pacific Mail Gateway..
| | | |
| rwilper
Posts:39
| | 04/07/2010 3:47 PM |
| Some Windows PERL code - The text file needs to be in UNICODE format and contain a password in quotes, of course. If you are working on UNIX, then the "endian"-ness comes into play
use MIME::Base64 qw(encode_base64);
open(FILE, "newpassword.txt") or die "$!";
read(FILE,$buf,2);
while (read(FILE, $buf, 60*57)) {
#print encode_base64($buf);
$encoded = $encoded.encode_base64($buf);
}
$encoded =~ s/\n//g;
#This adds the unicodePWD attribute to .ldif file
print BAR "unicodePWD::$encoded\n";
Thanks Steve for the TLS note. I had assumed that that worked, but had not tried it, so I did not know for sure.
-Ross
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Haritwal, Dhiraj
Sent: Tuesday, April 06, 2010 11:46 PM
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] Import AD Users from CSV File
Thanks Steve/Ross,
Can you send me a sample code. Do you mean I have to use password from csv file or on the command itself, have to set password. I can't use csvde due to our Password Policy.
Dhiraj
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Steve Kradel
Sent: Tuesday, April 06, 2010 9:46 PM
To: activedir@mail.activedir.org
Subject: Re: [ActiveDir] Import AD Users from CSV File
A side note on stuffing values into unicodePwd... you need to base64-encode the UTF-16-LittleEndian bytes of "password" *including the quotes*.
In pseudocode, base64string(utf16le("\"password\"")). This is a real bafflement if you're accustomed to UTF-8 and no superfluous quotes for most every other attribute.
You can also use TLS / Kerberos with the -h switch instead of LDAPS/636.
--Steve
On Tue, Apr 6, 2010 at 10:59 AM, Wilper, Ross A <rwilper@stanford.edu<mailto:rwilper@stanford.edu>> wrote:
With LDIFDE, you can specify a password in unicodePwd when importing, I would guess that it is the same with CSVDE (Base64 encoded string)
You MUST specify the SSL ldap port when importing to set password. (-t 636)
-Ross
From: activedir-owner@mail.activedir.org<mailto:activedir-owner@mail.activedir.org> [mailto:activedir-owner@mail.activedir.org<mailto:activedir-owner@mail.activedir.org>] On Behalf Of Haritwal, Dhiraj
Sent: Tuesday, April 06, 2010 3:42 AM
To: activedir@mail.activedir.org<mailto:activedir@mail.activedir.org>
Subject: [ActiveDir] Import AD Users from CSV File
Hi,
I am trying to import user ID's in AD with CSVDE but due to our Password Policy it's giving password complexity error. Can I define default password in CSV file to import with CSVDE or LDIFDE. Or how can I import users from a csv file with DSADD USER command which is having password switch.
Dhiraj
________________________________
This email is confidential and intended only for the use of the individual or entity named above and may contain information that is privileged. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone and destroy the original message. - This mail is sent via Sony Asia Pacific Mail Gateway..
________________________________
This email is confidential and intended only for the use of the individual or entity named above and may contain information that is privileged. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone and destroy the original message. - This mail is sent via Sony Asia Pacific Mail Gateway..
| | | |
| DhirajHaritwal
Posts:183
| | 04/07/2010 5:02 PM |
| Thanks! Ross, but I am working with windows so will the same script work there.
Dhiraj
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Wilper, Ross A
Sent: Wednesday, April 07, 2010 8:16 PM
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] Import AD Users from CSV File
Some Windows PERL code - The text file needs to be in UNICODE format and contain a password in quotes, of course. If you are working on UNIX, then the "endian"-ness comes into play
use MIME::Base64 qw(encode_base64);
open(FILE, "newpassword.txt") or die "$!";
read(FILE,$buf,2);
while (read(FILE, $buf, 60*57)) {
#print encode_base64($buf);
$encoded = $encoded.encode_base64($buf);
}
$encoded =~ s/\n//g;
#This adds the unicodePWD attribute to .ldif file
print BAR "unicodePWD::$encoded\n";
Thanks Steve for the TLS note. I had assumed that that worked, but had not tried it, so I did not know for sure.
-Ross
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Haritwal, Dhiraj
Sent: Tuesday, April 06, 2010 11:46 PM
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] Import AD Users from CSV File
Thanks Steve/Ross,
Can you send me a sample code. Do you mean I have to use password from csv file or on the command itself, have to set password. I can't use csvde due to our Password Policy.
Dhiraj
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Steve Kradel
Sent: Tuesday, April 06, 2010 9:46 PM
To: activedir@mail.activedir.org
Subject: Re: [ActiveDir] Import AD Users from CSV File
A side note on stuffing values into unicodePwd... you need to base64-encode the UTF-16-LittleEndian bytes of "password" *including the quotes*.
In pseudocode, base64string(utf16le("\"password\"")). This is a real bafflement if you're accustomed to UTF-8 and no superfluous quotes for most every other attribute.
You can also use TLS / Kerberos with the -h switch instead of LDAPS/636.
--Steve
On Tue, Apr 6, 2010 at 10:59 AM, Wilper, Ross A <rwilper@stanford.edu<mailto:rwilper@stanford.edu>> wrote:
With LDIFDE, you can specify a password in unicodePwd when importing, I would guess that it is the same with CSVDE (Base64 encoded string)
You MUST specify the SSL ldap port when importing to set password. (-t 636)
-Ross
From: activedir-owner@mail.activedir.org<mailto:activedir-owner@mail.activedir.org> [mailto:activedir-owner@mail.activedir.org<mailto:activedir-owner@mail.activedir.org>] On Behalf Of Haritwal, Dhiraj
Sent: Tuesday, April 06, 2010 3:42 AM
To: activedir@mail.activedir.org<mailto:activedir@mail.activedir.org>
Subject: [ActiveDir] Import AD Users from CSV File
Hi,
I am trying to import user ID's in AD with CSVDE but due to our Password Policy it's giving password complexity error. Can I define default password in CSV file to import with CSVDE or LDIFDE. Or how can I import users from a csv file with DSADD USER command which is having password switch.
Dhiraj
________________________________
This email is confidential and intended only for the use of the individual or entity named above and may contain information that is privileged. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone and destroy the original message. - This mail is sent via Sony Asia Pacific Mail Gateway..
________________________________
This email is confidential and intended only for the use of the individual or entity named above and may contain information that is privileged. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone and destroy the original message. - This mail is sent via Sony Asia Pacific Mail Gateway..
________________________________
This email is confidential and intended only for the use of the individual or entity named above and may contain information that is privileged. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone and destroy the original message. - This mail is sent via Sony Asia Pacific Mail Gateway..
| | | |
| barkills
Posts:214
| | 04/07/2010 6:43 PM |
| Yep, that's why he said Windows PERL code. You, of course, need to install PERL, but it works just fine on Windows.
Or as someone else has already said, you can find another similar solution in another language you are more comfortable with.
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Haritwal, Dhiraj
Sent: Wednesday, April 07, 2010 9:02 AM
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] Import AD Users from CSV File
Thanks! Ross, but I am working with windows so will the same script work there.
Dhiraj
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Wilper, Ross A
Sent: Wednesday, April 07, 2010 8:16 PM
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] Import AD Users from CSV File
Some Windows PERL code - The text file needs to be in UNICODE format and contain a password in quotes, of course. If you are working on UNIX, then the "endian"-ness comes into play
use MIME::Base64 qw(encode_base64);
open(FILE, "newpassword.txt") or die "$!";
read(FILE,$buf,2);
while (read(FILE, $buf, 60*57)) {
#print encode_base64($buf);
$encoded = $encoded.encode_base64($buf);
}
$encoded =~ s/\n//g;
#This adds the unicodePWD attribute to .ldif file
print BAR "unicodePWD::$encoded\n";
Thanks Steve for the TLS note. I had assumed that that worked, but had not tried it, so I did not know for sure.
-Ross
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Haritwal, Dhiraj
Sent: Tuesday, April 06, 2010 11:46 PM
To: activedir@mail.activedir.org
Subject: RE: [ActiveDir] Import AD Users from CSV File
Thanks Steve/Ross,
Can you send me a sample code. Do you mean I have to use password from csv file or on the command itself, have to set password. I can't use csvde due to our Password Policy.
Dhiraj
From: activedir-owner@mail.activedir.org [mailto:activedir-owner@mail.activedir.org] On Behalf Of Steve Kradel
Sent: Tuesday, April 06, 2010 9:46 PM
To: activedir@mail.activedir.org
Subject: Re: [ActiveDir] Import AD Users from CSV File
A side note on stuffing values into unicodePwd... you need to base64-encode the UTF-16-LittleEndian bytes of "password" *including the quotes*.
In pseudocode, base64string(utf16le("\"password\"")). This is a real bafflement if you're accustomed to UTF-8 and no superfluous quotes for most every other attribute.
You can also use TLS / Kerberos with the -h switch instead of LDAPS/636.
--Steve
On Tue, Apr 6, 2010 at 10:59 AM, Wilper, Ross A <rwilper@stanford.edu<mailto:rwilper@stanford.edu>> wrote:
With LDIFDE, you can specify a password in unicodePwd when importing, I would guess that it is the same with CSVDE (Base64 encoded string)
You MUST specify the SSL ldap port when importing to set password. (-t 636)
-Ross
From: activedir-owner@mail.activedir.org<mailto:activedir-owner@mail.activedir.org> [mailto:activedir-owner@mail.activedir.org<mailto:activedir-owner@mail.activedir.org>] On Behalf Of Haritwal, Dhiraj
Sent: Tuesday, April 06, 2010 3:42 AM
To: activedir@mail.activedir.org<mailto:activedir@mail.activedir.org>
Subject: [ActiveDir] Import AD Users from CSV File
Hi,
I am trying to import user ID's in AD with CSVDE but due to our Password Policy it's giving password complexity error. Can I define default password in CSV file to import with CSVDE or LDIFDE. Or how can I import users from a csv file with DSADD USER command which is having password switch.
Dhiraj
________________________________
This email is confidential and intended only for the use of the individual or entity named above and may contain information that is privileged. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone and destroy the original message. - This mail is sent via Sony Asia Pacific Mail Gateway..
________________________________
This email is confidential and intended only for the use of the individual or entity named above and may contain information that is privileged. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone and destroy the original message. - This mail is sent via Sony Asia Pacific Mail Gateway..
________________________________
This email is confidential and intended only for the use of the individual or entity named above and may contain information that is privileged. If you are not the intended recipient, you are notified that any dissemination, distribution or copying of this email is strictly prohibited. If you have received this email in error, please notify us immediately by return email or telephone and destroy the original message. - This mail is sent via Sony Asia Pacific Mail Gateway..
| | | |
|
|