How to perform AD Users bulk update

Performing AD users bulk update may be a fairly simple task in a small organization however if you are working in an Enterprise level and want to update / edit certain fields in the Active Directory Users in bulk then you can leverage the steps mentioned in this article. There may be several different approaches that you can take in order to accomplish this task, naming a few, PowerShell, VBScript, third party tools etc. We would be discussing on one of the inbuilt tools within Windows that can be used to get this job done.

LDIFDE if a famous utility when it comes to importing / exporting the content from the Active Directory and its usage is also fairly simple. The LDAP Data Interchange Format (LDIF) is a draft Internet standard for a file format that may be used for performing batch operations against directories that conform to the LDAP standards. You can read more about this utility here:

In our scenario, we would be focusing on how to export the data out of the AD, modifying it and then importing it back so you get the desired results. Before we begin, we should make sure that we have healthy backup of the server that you are working on, I would suggest a good System State Backup since we would be touching the AD directly using LDIFDE.

Let’s talk about the general parameters that we would be using in our scenario. You can get the complete list of parameters by running ldifde ? on the command prompt.

We would be using the following parameters for the Export process:-

-f filename          Input or Output filename

-d RootDN          The root of the LDAP search (Default to Naming Context)

-m                      Enable the SAM logic on export

The command would look something like this:

Ldifde –m –f “C:Export.ldf” –d “dc=export,dc=com”

This would create an ldf file on the root of C drive with the name Export.ldf. You can give it a different name and txt extension as well while running the command.

Once you have the data that you need to edit, open the output (Export.ldf here) in a text editor like notepad and edit the fields that you would want to update and save that file.

In order to import this file you would need to use the following parameters:-

-i                       Turn on Import Mode (The default is Export)

-f filename          Input or Output filename

-s servername    The server to bind to

The command would look something like this:

ldifde -i -f Export.ldf –s Servername


This should update the changes in the AD that you made in the .ldf file as per your need for all the users that you changed it for. As we mentioned earlier in this article, this is not the only way of updating the AD Users in bulk. You can use the PowerShell and other scripting ways as well to get the job done. This is one of the straight-forward ways of doing it. The article mentioned above talks about various other parameters that can be utilized to go much deeper with the utility.