diff options
author | Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | 2009-08-26 03:51:45 +0200 |
---|---|---|
committer | Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | 2009-09-07 08:37:23 +0200 |
commit | 931aa4e8bd83e515b992d3df726c5804d941de64 (patch) | |
tree | b18d55121c1d6999a3ff4b8de88eb2d2f2355386 | |
parent | 43c766a14a5eeed80e57bae9fde21eb2b542c209 (diff) | |
download | samba-931aa4e8bd83e515b992d3df726c5804d941de64.tar.gz samba-931aa4e8bd83e515b992d3df726c5804d941de64.tar.bz2 samba-931aa4e8bd83e515b992d3df726c5804d941de64.zip |
s4:provision - Change the "provision_users.ldif" file to support the "samldb" changes
The "provision_users.ldif" file needs some rework to pass against the changed
and improved "samldb" module (see next commit).
-rw-r--r-- | source4/setup/provision_users.ldif | 61 |
1 files changed, 35 insertions, 26 deletions
diff --git a/source4/setup/provision_users.ldif b/source4/setup/provision_users.ldif index 041262de14..8669d8a4e6 100644 --- a/source4/setup/provision_users.ldif +++ b/source4/setup/provision_users.ldif @@ -1,3 +1,24 @@ +# Add default primary groups (domain users, domain guests) - needed for +# the users to find valid primary groups (samldb module) + +dn: CN=Domain Users,CN=Users,${DOMAINDN} +objectClass: top +objectClass: group +description: All domain users +objectSid: ${DOMAINSID}-513 +sAMAccountName: Domain Users +isCriticalSystemObject: TRUE + +dn: CN=Domain Guests,CN=Users,${DOMAINDN} +objectClass: top +objectClass: group +description: All domain guests +objectSid: ${DOMAINSID}-514 +sAMAccountName: Domain Guests +isCriticalSystemObject: TRUE + +# Add users + dn: CN=Administrator,CN=Users,${DOMAINDN} objectClass: user description: Built-in account for administering the computer/domain @@ -18,16 +39,6 @@ objectSid: ${DOMAINSID}-501 sAMAccountName: Guest isCriticalSystemObject: TRUE -dn: CN=Enterprise Admins,CN=Users,${DOMAINDN} -objectClass: top -objectClass: group -description: Designated administrators of the enterprise -member: CN=Administrator,CN=Users,${DOMAINDN} -objectSid: ${DOMAINSID}-519 -adminCount: 1 -sAMAccountName: Enterprise Admins -isCriticalSystemObject: TRUE - dn: CN=krbtgt,CN=Users,${DOMAINDN} objectClass: top objectClass: person @@ -44,6 +55,18 @@ servicePrincipalName: kadmin/changepw userPassword:: ${KRBTGTPASS_B64} isCriticalSystemObject: TRUE +# Add other groups + +dn: CN=Enterprise Admins,CN=Users,${DOMAINDN} +objectClass: top +objectClass: group +description: Designated administrators of the enterprise +member: CN=Administrator,CN=Users,${DOMAINDN} +objectSid: ${DOMAINSID}-519 +adminCount: 1 +sAMAccountName: Enterprise Admins +isCriticalSystemObject: TRUE + dn: CN=Domain Computers,CN=Users,${DOMAINDN} objectClass: top objectClass: group @@ -90,22 +113,6 @@ adminCount: 1 sAMAccountName: Domain Admins isCriticalSystemObject: TRUE -dn: CN=Domain Users,CN=Users,${DOMAINDN} -objectClass: top -objectClass: group -description: All domain users -objectSid: ${DOMAINSID}-513 -sAMAccountName: Domain Users -isCriticalSystemObject: TRUE - -dn: CN=Domain Guests,CN=Users,${DOMAINDN} -objectClass: top -objectClass: group -description: All domain guests -objectSid: ${DOMAINSID}-514 -sAMAccountName: Domain Guests -isCriticalSystemObject: TRUE - dn: CN=Group Policy Creator Owners,CN=Users,${DOMAINDN} objectClass: top objectClass: group @@ -391,6 +398,8 @@ systemFlags: -1946157056 groupType: -2147483643 isCriticalSystemObject: TRUE +# Add well known security principals + dn: CN=WellKnown Security Principals,${CONFIGDN} objectClass: top objectClass: container |