AD tool to Export / Import OUs & Objects?

Oct 28, 2008 at 4:51 PM
Is there any freeware tools that 'easily' Export all (or specified) OU & Objects and then can Import them into another AD?

Need something to backup/copy OUs & Objects from production, to the test lab enviro.

Nov 6, 2008 at 2:49 PM

This can be done with a little bit of effort using dsquery and dsadd (included with Windows 2003 and later).  The only problem you run into is that permissions are not maintained, just names and hierarchy.  And the permissions are usually pretty important when it comes to something working in test, but not in production (at least from my experience).

  1. Use dsquery to export to a text file:  dsquery ou>OUs.txt
  2. Do a find/replace for <production domain dn> (i.e. "dc=contoso,dc=com") with <lab domain dn>.
  3. Import OUs.txt using "for" loop.  for /f "tokens=*" %i in (OUs.txt) do dsadd ou %i

Also check out ADMTv3.  It is designed with migrating from one AD to another in mind and can maintain hierarchy (I'm a little rusty on the hierarchy piece).  Again, it doesn't preserve security configurations on the OUs.

If you want to keep your directory structures in sync over the long run, I'm not aware of any freeware tools that are designed to do that.