summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>2009-08-26 03:51:45 +0200
committerMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>2009-09-07 08:37:23 +0200
commit931aa4e8bd83e515b992d3df726c5804d941de64 (patch)
treeb18d55121c1d6999a3ff4b8de88eb2d2f2355386
parent43c766a14a5eeed80e57bae9fde21eb2b542c209 (diff)
downloadsamba-931aa4e8bd83e515b992d3df726c5804d941de64.tar.gz
samba-931aa4e8bd83e515b992d3df726c5804d941de64.tar.bz2
samba-931aa4e8bd83e515b992d3df726c5804d941de64.zip
s4:provision - Change the "provision_users.ldif" file to support the "samldb" changes
The "provision_users.ldif" file needs some rework to pass against the changed and improved "samldb" module (see next commit).
-rw-r--r--source4/setup/provision_users.ldif61
1 files changed, 35 insertions, 26 deletions
diff --git a/source4/setup/provision_users.ldif b/source4/setup/provision_users.ldif
index 041262de14..8669d8a4e6 100644
--- a/source4/setup/provision_users.ldif
+++ b/source4/setup/provision_users.ldif
@@ -1,3 +1,24 @@
+# Add default primary groups (domain users, domain guests) - needed for
+# the users to find valid primary groups (samldb module)
+
+dn: CN=Domain Users,CN=Users,${DOMAINDN}
+objectClass: top
+objectClass: group
+description: All domain users
+objectSid: ${DOMAINSID}-513
+sAMAccountName: Domain Users
+isCriticalSystemObject: TRUE
+
+dn: CN=Domain Guests,CN=Users,${DOMAINDN}
+objectClass: top
+objectClass: group
+description: All domain guests
+objectSid: ${DOMAINSID}-514
+sAMAccountName: Domain Guests
+isCriticalSystemObject: TRUE
+
+# Add users
+
dn: CN=Administrator,CN=Users,${DOMAINDN}
objectClass: user
description: Built-in account for administering the computer/domain
@@ -18,16 +39,6 @@ objectSid: ${DOMAINSID}-501
sAMAccountName: Guest
isCriticalSystemObject: TRUE
-dn: CN=Enterprise Admins,CN=Users,${DOMAINDN}
-objectClass: top
-objectClass: group
-description: Designated administrators of the enterprise
-member: CN=Administrator,CN=Users,${DOMAINDN}
-objectSid: ${DOMAINSID}-519
-adminCount: 1
-sAMAccountName: Enterprise Admins
-isCriticalSystemObject: TRUE
-
dn: CN=krbtgt,CN=Users,${DOMAINDN}
objectClass: top
objectClass: person
@@ -44,6 +55,18 @@ servicePrincipalName: kadmin/changepw
userPassword:: ${KRBTGTPASS_B64}
isCriticalSystemObject: TRUE
+# Add other groups
+
+dn: CN=Enterprise Admins,CN=Users,${DOMAINDN}
+objectClass: top
+objectClass: group
+description: Designated administrators of the enterprise
+member: CN=Administrator,CN=Users,${DOMAINDN}
+objectSid: ${DOMAINSID}-519
+adminCount: 1
+sAMAccountName: Enterprise Admins
+isCriticalSystemObject: TRUE
+
dn: CN=Domain Computers,CN=Users,${DOMAINDN}
objectClass: top
objectClass: group
@@ -90,22 +113,6 @@ adminCount: 1
sAMAccountName: Domain Admins
isCriticalSystemObject: TRUE
-dn: CN=Domain Users,CN=Users,${DOMAINDN}
-objectClass: top
-objectClass: group
-description: All domain users
-objectSid: ${DOMAINSID}-513
-sAMAccountName: Domain Users
-isCriticalSystemObject: TRUE
-
-dn: CN=Domain Guests,CN=Users,${DOMAINDN}
-objectClass: top
-objectClass: group
-description: All domain guests
-objectSid: ${DOMAINSID}-514
-sAMAccountName: Domain Guests
-isCriticalSystemObject: TRUE
-
dn: CN=Group Policy Creator Owners,CN=Users,${DOMAINDN}
objectClass: top
objectClass: group
@@ -391,6 +398,8 @@ systemFlags: -1946157056
groupType: -2147483643
isCriticalSystemObject: TRUE
+# Add well known security principals
+
dn: CN=WellKnown Security Principals,${CONFIGDN}
objectClass: top
objectClass: container