There is an open source project called OpenDS that contains a nice tool called make-ldif.

make-ldif takes a template file and generates an LDIF file that contains the amount of entries you specify in the template.

To get started with make-ldif do the following:

First go to and install OpenDS, I recommend you have the latest Java 1.6.0 version installed.

The installation is pretty straightforward since it uses Java Web Start and I won’t cover it here.

I installed OpenDS into E:\OpenDS on my Windows machine.

Under OpenDS\bat you can find the make-ldif.bat tool.
Under OpenDS\config\MakeLDIF you can find the template files.

Remember those two locations.

Go into the OpenDS\config\MakeLDIF directory and make a copy of example.template that you will edit.
Open the copy in a text editor.

The template looks something like this:

define suffix=o=ACME,C=US
define numusers=10001

branch: [suffix]

branch: ou=People,[suffix]
subordinateTemplate: person:[numusers]

template: person
rdnAttr: uid
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
givenName: <first>
sn: <last>
cn: {givenName} {sn}
initials: {givenName:1}<random:chars:ABCDEFGHIJKLMNOPQRSTUVWXYZ:1>{sn:1}
employeeNumber: <sequential:0>
uid: user.{employeeNumber}
mail: {uid}@[maildomain]
userPassword: password
telephoneNumber: <random:telephone>
homePhone: <random:telephone>
pager: <random:telephone>
mobile: <random:telephone>
street: <random:numeric:5> <file:streets> Street
l: <file:cities>
st: <file:states>
postalCode: <random:numeric:5>
postalAddress: {cn}${street}${l}, {st}  {postalCode}
description: This is the description for {cn}.

To make sure it works with eDirectory I had to edit it.

I’ve added another objectClass value just to be sure: ndsLoginProperties

Then I changed all instances of employeeNumber into workforceID (there are two of them in the file):

employeeNumber: <sequential:0>
uid: user.{employeeNumber}


workforceID: <sequential:0>
uid: user.{workforceID}

When you are satisfied with the look of the template change the following row:
define numusers=10001
to a value that creates the number of entries you need, maybe 5 million???

The next step is to run the make-ldif command, open a command prompt and CD into the OpenDS\bat directory.

Run the following command:

make-ldif -o C:\Test.ldif -t E:\OpenDS\config\MakeLDIF\MyNewTemplate.template

It will create an LDIF containing all of your new entries that you can then import into eDirectory with ICE or what I would use, the ldif2dib tool.

More info about make-ldif can be found here:

Info about the template files:

Info about ldif2dib:

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.
Categories: Uncategorized

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
May 4, 2010
2:51 pm
Active Directory Authentication Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management IT Security Knowledge Depot LDAP Monitoring Open Enterprise Server Passwords Reporting Secure Access Supported Troubleshooting Workflow