Insert users into Active Directory

Question

I am trying to determine how to best insert users into active directory from a SQL server table.

I figured I could use the LDAP sever to do a insert, but the research iv done would suggest otherwise and that I could only pull data from active directory to SQL server.

Then I thought I could use a python program to query the table and spit out a CSV file to then do a bulk insert but I am not sure if this would modify existing users if data changes.

Any insight would be appreciated

Answer 1

Here's a general idea of the algorithm:

1. Load user data from SQL Server
2. Convert it into an LDIF (LDAP Data Interchange Format) file
3. Import the LDIF file into Active Directory using the LDIFDE command-line tool

Python, or any other programming language, can help you with step 2. Notice that the details of the conversion are very specific to how your data is represented. You'll have to carefully map each data base field into an LDAP attribute, and determine the classes to be used in the LDAP objects.

Will the above modify existing users? yes, of course. You could write the LDIF in such a way that it updates the existing data, or if that's a problem you could verify first if an user exists in the Active Directory and don't add those changes to the LDIF file.

Alternatively

You could use CSVDE for importing data in CSV format, but anyway you'll have to design a mapping strategy for each one of the fields that you want to import into Active Directory.