Deleting from the schema isn't difficult, it is completely unsupported. You just don't even want to think about it. I don't like having to say that because I think it should be allowed if all of the up front work was done but that is where we currently are.
You can generate an LDIF file and tell it the specific attributes you want exported that you know you can reimport which are things like SIDs, etc. Things like passwords you will want but you won't get. Any linked attribute usage will be fun to deal with, you will need to run multiple passes for that kind of stuff. For instance with groups you will want to make sure all of the users and the groups themselves exist prior to populating group membership. If you are using linked attributes on users (say like managedby/manager type stuff) then you will have to do a double pass on users as well. Alternatively you could look at IIFP/MIIS/LDSU or other LDAP sync type app and just specify the attribs you want moved. joe -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims Sent: Monday, February 06, 2006 2:10 PM To: [email protected] Subject: Re: [ActiveDir] Transferring records from one ADAM server to a new ADAM server We are using the server move as an opportunity to clean up the schema and remove some attributes which are no longer needed. From everything I have read, deleting them from an existing schema is difficult, so we wanted to rebuild the schema from scratch on the new server, then copy the objects over. Does this make sense? > Wouldn't it make more sense to replicate it over vs. transferring it > like that? Al On 2/3/06, Greg Nims <[EMAIL PROTECTED]> wrote: > > > We are looking to transfer all of our records from one server to a new > server. We took this time to clean up the schema to remove some dead > attributes. What is a good way to transfer all the records? > We used ldifde to create an LDIF file, but it includes a lot of > attributes like PwdLastSet that we aren't sure will come over correctly. > > Any pointers would be great. > > Thanks, > > Greg List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
