Using ldifde (for Active Directory/AD LDS)
Created: 2015-10-05 13:11:32
Modified: 2019-08-09 11:02:34
Tags: Active Directory AD LDS Troubleshooting
Below are instructions for running a simple ldifde export to verify successful LDAP authentication and/or read a sample of source data.
ldifde is a utility included with Windows Server 20xx, and may be available for free download elsewhere. If your directory is IBM/Domino/Lotus Notes, refer to our article on using ldapsearch instead.
From a command prompt, cd to the install location and execute the following, replacing the values of the -f, -s, -d, -r, -a and -l parameters with the same values used by the problematic connection:
To pull ALL attributes of all objects (authenticating as logged in user):
ldifde -f export.ldf -s hostname
To pull ALL attributes of all objects (specify user/pw for authentication):
ldifde -f export.ldf -s server -d "OU=MyContacts,DC=Acme,dc=com" -a "cn=yourname,cn=Users,dc=acme,dc=com" YourPasswordHere
To pull ALL attributes of specific object(s) using a -r query:
ldifde -f export.ldf -s server -d "OU=MyContacts,DC=Acme,dc=com" -r "(objectClass=User)" -a "cn=yourname,cn=Users,dc=acme,dc=com" YourPasswordHere
To pull ALL attributes of a single object using a -r query:
ldifde -f export.ldf -s server -d "OU=MyContacts,OU=EDS,DC=Acme,dc=com" -r "(mail=joe@domain.com)"
To pull specified attributes add the -l parameter to any of the above:
ldifde -f export.ldf -s server -d "OU=MyContacts,OU=EDS,DC=Acme,dc=com" -r "(objectClass=User)" -l "cn,objectclass,ou,mail,sn"
To pull the rootdse of the target server:
ldifde -f rootdse.txt -d "" -r "(objectclass=*)" -p base -s 127.0.0.1
NOTE: If the result is an error, you have confirmed a basic inability to query the Source directory using the specified port and login.
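When the export succeeds, the next check is whether export.ldf actually contains the objects and attributes you expected. The following is an added example, not part of the original article: a small Python reader for the LDIF text that ldifde writes, which unfolds wrapped lines and decodes base64 ("attr:: ...") values. The sample data and the function names parse_ldif and summarize are constructed for illustration.

```python
import base64

# Constructed sample shaped like an ldifde export: one folded line, one base64 value.
SAMPLE_LDF = """\
dn: CN=Joe Example,OU=MyContacts,DC=Acme,DC=com
changetype: add
objectClass: top
objectClass: user
mail: joe@domain.com
description: a long value that the exporter wra
 pped onto a second line

dn: CN=Mueller,OU=MyContacts,DC=Acme,DC=com
changetype: add
sn:: TcO8bGxlcg==
"""

def parse_ldif(text):
    """Return a list of (dn, {attribute: [values]}) tuples from LDIF text."""
    lines = []
    for raw in text.splitlines():
        # A line starting with one space continues the previous line.
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    entries, current = [], None
    for line in lines + [""]:              # trailing "" flushes the last entry
        if not line.strip():               # a blank line ends an entry
            if current:
                entries.append(current)
            current = None
        elif not line.startswith("#"):     # skip comment lines
            attr, _, value = line.partition(":")
            if value.startswith(":"):      # "attr:: <base64>" form
                raw_bytes = base64.b64decode(value[1:].strip())
                value = raw_bytes.decode("utf-8", "replace")
            else:
                value = value.strip()
            if attr.lower() == "dn":
                current = (value, {})
            elif current is not None:
                current[1].setdefault(attr, []).append(value)
    return entries

def summarize(entries):
    # Entry count plus the sorted set of attribute names that came back.
    return len(entries), sorted({a for _, attrs in entries for a in attrs})

if __name__ == "__main__":
    print(summarize(parse_ldif(SAMPLE_LDF)))
```

A count of zero with no ldifde error means the bind worked but the -d base or -r filter matched nothing; an attribute missing from the summary was either not requested with -l or not returned to the account used for the bind.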