summaryrefslogtreecommitdiff
path: root/source4/setup/provision_basedn_modify.ldif
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>2009-09-17 16:00:55 +0200
committerMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>2009-09-17 18:27:31 +0200
commit4fa327a19f3da86df0fa7e63a66b5ee352de2c5d (patch)
tree266354064f52802150d89ec791e965dbecc3ddd5 /source4/setup/provision_basedn_modify.ldif
parentd237022f91997e11c73ba49438499e5431b00443 (diff)
downloadsamba-4fa327a19f3da86df0fa7e63a66b5ee352de2c5d.tar.gz
samba-4fa327a19f3da86df0fa7e63a66b5ee352de2c5d.tar.bz2
samba-4fa327a19f3da86df0fa7e63a66b5ee352de2c5d.zip
s4:provision - Some rework
- Add/change "wellKnownObjects" attributes - Order entries in "provision_basedn_modify.ldif" - Add/change "delete entries" object under BASEDN and CONFIGDN - Fix default version number of "Default domain policy" group policy - Add "domain updates" objects for interoperability with MS AD maintaining tools - Show version number in the "oEMInformation" attribute (suggested by ekacnet) - Smaller fixups
Diffstat (limited to 'source4/setup/provision_basedn_modify.ldif')
-rw-r--r--source4/setup/provision_basedn_modify.ldif82
1 files changed, 55 insertions, 27 deletions
diff --git a/source4/setup/provision_basedn_modify.ldif b/source4/setup/provision_basedn_modify.ldif
index 4dd75bb1e2..a9d1716151 100644
--- a/source4/setup/provision_basedn_modify.ldif
+++ b/source4/setup/provision_basedn_modify.ldif
@@ -4,9 +4,22 @@
dn: ${DOMAINDN}
changetype: modify
-
+replace: auditingPolicy
+auditingPolicy: 
+-
+replace: creationTime
+creationTime: ${CREATTIME}
+-
replace: forceLogoff
forceLogoff: -9223372036854775808
-
+# "fSMORoleOwner" filled in later
+replace: gPLink
+gPLink: [LDAP://CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN};0]
+-
+replace: isCriticalSystemObject
+isCriticalSystemObject: TRUE
+-
replace: lockoutDuration
lockoutDuration: -18000000000
-
@@ -16,69 +29,84 @@ lockOutObservationWindow: -18000000000
replace: lockoutThreshold
lockoutThreshold: 0
-
+# "masteredBy" filled in later
replace: maxPwdAge
maxPwdAge: -37108517437440
-
+# FIXME: This should be "-864000000000" when we fully comply with passwords pol.
replace: minPwdAge
minPwdAge: 0
-
replace: minPwdLength
minPwdLength: 7
-
+replace: modifiedCount
+modifiedCount: 1
+-
replace: modifiedCountAtLastProm
modifiedCountAtLastProm: 0
-
-replace: nextRid
-nextRid: 1000
+replace: msDS-AllUsersTrustQuota
+msDS-AllUsersTrustQuota: 1000
-
-replace: pwdProperties
-pwdProperties: 1
+replace: msDS-Behavior-Version
+msDS-Behavior-Version: ${DOMAIN_FUNCTIONALITY}
-
-replace: pwdHistoryLength
-pwdHistoryLength: 24
+replace: ms-DS-MachineAccountQuota
+ms-DS-MachineAccountQuota: 10
-
-replace: objectSid
-objectSid: ${DOMAINSID}
+# "msDs-masteredBy" filled in later
+replace: msDS-PerUserTrustQuota
+msDS-PerUserTrustQuota: 1
-
-replace: oEMInformation
-oEMInformation: Provisioned by Samba4: ${LDAPTIME}
+replace: msDS-PerUserTrustTombstonesQuota
+msDS-PerUserTrustTombstonesQuota: 10
-
-replace: serverState
-serverState: 1
+replace: nextRid
+nextRid: 1000
-
replace: nTMixedDomain
nTMixedDomain: 0
-
-replace: msDS-Behavior-Version
-msDS-Behavior-Version: ${DOMAIN_FUNCTIONALITY}
+replace: objectSid
+objectSid: ${DOMAINSID}
-
-replace: ridManagerReference
-ridManagerReference: CN=RID Manager$,CN=System,${DOMAINDN}
+# This exists only in SAMBA
+replace: oEMInformation
+oEMInformation: Provisioned by SAMBA ${SAMBA_VERSION_STRING}
-
-replace: uASCompat
-uASCompat: 1
+replace: pwdProperties
+pwdProperties: 1
-
-replace: modifiedCount
-modifiedCount: 1
+replace: pwdHistoryLength
+pwdHistoryLength: 24
-
-replace: systemFlags
-systemFlags: -1946157056
+replace: rIDManagerReference
+rIDManagerReference: CN=RID Manager$,CN=System,${DOMAINDN}
+-
+replace: serverState
+serverState: 1
-
replace: subRefs
subRefs: ${CONFIGDN}
-
-replace: gPLink
-gPLink: [LDAP://CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN};0]
+replace: systemFlags
+systemFlags: -1946157056
+-
+replace: uASCompat
+uASCompat: 1
-
replace: wellKnownObjects
+wellKnownObjects: B:32:6227f0af1fc2410d8e3bb10615bb5b0f:CN=NTDS Quotas,${DOMAINDN}
+wellKnownObjects: B:32:f4be92a4c777485e878e9421d53087db:CN=Microsoft,CN=Program Data,${DOMAINDN}
+wellKnownObjects: B:32:09460c08ae1e4a4ea0f64aee7daa1e5a:CN=Program Data,${DOMAINDN}
wellKnownObjects: B:32:22b70c67d56e4efb91e9300fca3dc1aa:CN=ForeignSecurityPrincipals,${DOMAINDN}
+wellKnownObjects: B:32:18e2ea80684f11d2b9aa00c04f79f805:CN=Deleted Objects,${DOMAINDN}
wellKnownObjects: B:32:2fbac1870ade11d297c400c04fd8d5cd:CN=Infrastructure,${DOMAINDN}
+wellKnownObjects: B:32:ab8153b7768811d1aded00c04fd8d5cd:CN=LostAndFound,${DOMAINDN}
wellKnownObjects: B:32:ab1d30f3768811d1aded00c04fd8d5cd:CN=System,${DOMAINDN}
wellKnownObjects: B:32:a361b2ffffd211d1aa4b00c04fd7d83a:OU=Domain Controllers,${DOMAINDN}
wellKnownObjects: B:32:aa312825768811d1aded00c04fd8d5cd:CN=Computers,${DOMAINDN}
wellKnownObjects: B:32:a9d1ca15768811d1aded00c04fd8d5cd:CN=Users,${DOMAINDN}
-
-replace: isCriticalSystemObject
-isCriticalSystemObject: TRUE
--
${DOMAINGUID_MOD}
generated by cgit (git 2.34.1) at 2024-05-20 16:57:42 +0000