Microsoft ADAM provides a nice LDIF export tool, roughly equivalent to ldapsearch, called ldifde. However, the ADAM directory itself tracks a number of internal attributes that will cause a subsequent import of a generated LDIF to fail. In order to get a “clean” export, you need to selectively omit, via the -o command line flag, those operational attributes that you’re not interested in exporting (line breaks inserted for readability):
ldifde -f c:\people.ldif
-d "ou=people,dc=xyz,dc=com"
-s localhost
-t 389
-r "(objectclass=*)"
-o "whenCreated,whenChanged,uSNCreated,
uSNChanged,name,objectGUID,badPwdCount,
badPasswordTime,pwdLastSet,objectSid,objectCategory,
dSCorePropagationData,lastLogonTimestamp,
distinguishedName,instanceType,lockoutTime"
The output generated by the command can now be cleanly imported into another ldap directory, or into a separate ADAM instance using a simple import:
ldifde -i -f c:\people.ldif -s localhost -t 389