summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/lib/ldb/common/ldb_modules.c10
-rw-r--r--source4/lib/ldb/config.mk9
-rw-r--r--source4/lib/ldb/modules/rdn_name.c276
-rw-r--r--source4/lib/ldb/modules/timestamps.c37
-rw-r--r--source4/setup/provision.ldif51
-rw-r--r--source4/setup/provision_init.ldif2
-rw-r--r--source4/setup/provision_templates.ldif10
7 files changed, 312 insertions, 83 deletions
diff --git a/source4/lib/ldb/common/ldb_modules.c b/source4/lib/ldb/common/ldb_modules.c
index dc1a90ebc2..d6213be79a 100644
--- a/source4/lib/ldb/common/ldb_modules.c
+++ b/source4/lib/ldb/common/ldb_modules.c
@@ -199,6 +199,16 @@ int ldb_load_modules(struct ldb_context *ldb, const char *options[])
continue;
}
+ if (strcmp(modules[i], "rdn_name") == 0) {
+ current = rdn_name_module_init(ldb, options);
+ if (!current) {
+ ldb_debug(ldb, LDB_DEBUG_FATAL, "function 'init_module' in %s fails\n", modules[i]);
+ return -1;
+ }
+ DLIST_ADD(ldb->modules, current);
+ continue;
+ }
+
#ifdef _SAMBA_BUILD_
if (strcmp(modules[i], "samldb") == 0) {
current = samldb_module_init(ldb, options);
diff --git a/source4/lib/ldb/config.mk b/source4/lib/ldb/config.mk
index 39bf004e5d..fe339f9e17 100644
--- a/source4/lib/ldb/config.mk
+++ b/source4/lib/ldb/config.mk
@@ -17,6 +17,15 @@ INIT_OBJ_FILES = \
################################################
################################################
+# Start MODULE libldb_rdn_name
+[MODULE::libldb_rdn_name]
+SUBSYSTEM = LIBLDB
+INIT_OBJ_FILES = \
+ lib/ldb/modules/rdn_name.o
+# End MODULE libldb_rdn_name
+################################################
+
+################################################
# Start MODULE libldb_schema
[MODULE::libldb_schema]
SUBSYSTEM = LIBLDB
diff --git a/source4/lib/ldb/modules/rdn_name.c b/source4/lib/ldb/modules/rdn_name.c
new file mode 100644
index 0000000000..6a11ab87fe
--- /dev/null
+++ b/source4/lib/ldb/modules/rdn_name.c
@@ -0,0 +1,276 @@
+/*
+ ldb database library
+
+ Copyright (C) Simo Sorce 2004
+
+ ** NOTE! The following LGPL license applies to the ldb
+ ** library. This does NOT imply that all of Samba is released
+ ** under the LGPL
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+*/
+
+/*
+ * Name: ldb
+ *
+ * Component: ldb objectguid module
+ *
+ * Description: add a unique objectGUID onto every new record
+ *
+ * Author: Simo Sorce
+ */
+
+#include "includes.h"
+#include "ldb/include/ldb.h"
+#include "ldb/include/ldb_private.h"
+#include <time.h>
+
+struct private_data {
+ const char *error_string;
+};
+
+static int rdn_name_search(struct ldb_module *module, const char *base,
+ enum ldb_scope scope, const char *expression,
+ const char * const *attrs, struct ldb_message ***res)
+{
+ ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_search\n");
+ return ldb_next_search(module, base, scope, expression, attrs, res);
+}
+
+static int rdn_name_search_bytree(struct ldb_module *module, const char *base,
+ enum ldb_scope scope, struct ldb_parse_tree *tree,
+ const char * const *attrs, struct ldb_message ***res)
+{
+ ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_search\n");
+ return ldb_next_search_bytree(module, base, scope, tree, attrs, res);
+}
+
+static struct ldb_message_element *rdn_name_find_attribute(const struct ldb_message *msg, const char *name)
+{
+ int i;
+
+ for (i = 0; i < msg->num_elements; i++) {
+ if (ldb_attr_cmp(name, msg->elements[i].name) == 0) {
+ return &msg->elements[i];
+ }
+ }
+
+ return NULL;
+}
+
+static struct ldb_dn_component *get_rdn(void *mem_ctx, const char *dn)
+{
+ struct ldb_dn *dn_exploded = ldb_dn_explode(mem_ctx, dn);
+
+ if (!dn_exploded) {
+ return NULL;
+ }
+
+ if (dn_exploded->comp_num < 1) {
+ return NULL;
+ }
+
+ return &dn_exploded->components[0];
+}
+
+/* add_record: add crateTimestamp/modifyTimestamp attributes */
+static int rdn_name_add_record(struct ldb_module *module, const struct ldb_message *msg)
+{
+ struct ldb_message *msg2;
+ struct ldb_message_element *attribute;
+ struct ldb_dn_component *rdn;
+ int ret, i;
+
+ ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_add_record\n");
+
+ if (msg->dn[0] == '@') { /* do not manipulate our control entries */
+ return ldb_next_add_record(module, msg);
+ }
+
+ /* Perhaps someone above us knows better */
+ if ((attribute = rdn_name_find_attribute(msg, "name")) != NULL ) {
+ return ldb_next_add_record(module, msg);
+ }
+
+ msg2 = talloc(module, struct ldb_message);
+ if (!msg2) {
+ return -1;
+ }
+
+ msg2->dn = msg->dn;
+ msg2->num_elements = msg->num_elements;
+ msg2->private_data = msg->private_data;
+ msg2->elements = talloc_array(msg2, struct ldb_message_element, msg2->num_elements);
+ for (i = 0; i < msg2->num_elements; i++) {
+ msg2->elements[i] = msg->elements[i];
+ }
+
+ rdn = get_rdn(msg2, msg2->dn);
+ if (!rdn) {
+ return -1;
+ }
+
+ if (ldb_msg_add_value(module->ldb, msg2, "name", &rdn->value) != 0) {
+ return -1;
+ }
+
+ ret = ldb_next_add_record(module, msg2);
+ talloc_free(msg2);
+
+ return ret;
+}
+
+/* modify_record: change modifyTimestamp as well */
+static int rdn_name_modify_record(struct ldb_module *module, const struct ldb_message *msg)
+{
+ struct ldb_message *msg2;
+ struct ldb_message_element *attribute;
+ struct ldb_dn_component *rdn;
+ int ret, i;
+
+ ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_modify_record\n");
+
+ /* Perhaps someone above us knows better */
+ if ((attribute = rdn_name_find_attribute(msg, "name")) != NULL ) {
+ return ldb_next_add_record(module, msg);
+ }
+
+ msg2 = talloc(module, struct ldb_message);
+ if (!msg2) {
+ return -1;
+ }
+
+ msg2->dn = msg->dn;
+ msg2->num_elements = msg->num_elements;
+ msg2->private_data = msg->private_data;
+ msg2->elements = talloc_array(msg2, struct ldb_message_element, msg2->num_elements);
+ for (i = 0; i < msg2->num_elements; i++) {
+ msg2->elements[i] = msg->elements[i];
+ }
+
+ rdn = get_rdn(msg2, msg2->dn);
+ if (!rdn) {
+ return -1;
+ }
+
+ if (ldb_msg_add_value(module->ldb, msg2, "name", &rdn->value) != 0) {
+ return -1;
+ }
+
+ attribute = rdn_name_find_attribute(msg2, "name");
+ if (!attribute) {
+ return -1;
+ }
+
+ attribute->flags = LDB_FLAG_MOD_REPLACE;
+
+ ret = ldb_next_modify_record(module, msg2);
+ talloc_free(msg2);
+
+ return ret;
+}
+
+static int rdn_name_delete_record(struct ldb_module *module, const char *dn)
+{
+ ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_delete_record\n");
+ return ldb_next_delete_record(module, dn);
+}
+
+static int rdn_name_rename_record(struct ldb_module *module, const char *olddn, const char *newdn)
+{
+ ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_rename_record\n");
+ return ldb_next_rename_record(module, olddn, newdn);
+}
+
+static int rdn_name_lock(struct ldb_module *module, const char *lockname)
+{
+ ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_lock\n");
+ return ldb_next_named_lock(module, lockname);
+}
+
+static int rdn_name_unlock(struct ldb_module *module, const char *lockname)
+{
+ ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_unlock\n");
+ return ldb_next_named_unlock(module, lockname);
+}
+
+/* return extended error information */
+static const char *rdn_name_errstring(struct ldb_module *module)
+{
+ struct private_data *data = (struct private_data *)module->private_data;
+
+ ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_errstring\n");
+ if (data->error_string) {
+ const char *error;
+
+ error = data->error_string;
+ data->error_string = NULL;
+ return error;
+ }
+
+ return ldb_next_errstring(module);
+}
+
+static int rdn_name_destructor(void *module_ctx)
+{
+ /* struct ldb_module *ctx = module_ctx; */
+ /* put your clean-up functions here */
+ return 0;
+}
+
+static const struct ldb_module_ops rdn_name_ops = {
+ .name = "rdn_name",
+ .search = rdn_name_search,
+ .search_bytree = rdn_name_search_bytree,
+ .add_record = rdn_name_add_record,
+ .modify_record = rdn_name_modify_record,
+ .delete_record = rdn_name_delete_record,
+ .rename_record = rdn_name_rename_record,
+ .named_lock = rdn_name_lock,
+ .named_unlock = rdn_name_unlock,
+ .errstring = rdn_name_errstring
+};
+
+
+/* the init function */
+#ifdef HAVE_DLOPEN_DISABLED
+ struct ldb_module *init_module(struct ldb_context *ldb, const char *options[])
+#else
+struct ldb_module *rdn_name_module_init(struct ldb_context *ldb, const char *options[])
+#endif
+{
+ struct ldb_module *ctx;
+ struct private_data *data;
+
+ ctx = talloc(ldb, struct ldb_module);
+ if (!ctx)
+ return NULL;
+
+ data = talloc(ctx, struct private_data);
+ if (!data) {
+ talloc_free(ctx);
+ return NULL;
+ }
+
+ data->error_string = NULL;
+ ctx->private_data = data;
+ ctx->ldb = ldb;
+ ctx->prev = ctx->next = NULL;
+ ctx->ops = &rdn_name_ops;
+
+ talloc_set_destructor (ctx, rdn_name_destructor);
+
+ return ctx;
+}
diff --git a/source4/lib/ldb/modules/timestamps.c b/source4/lib/ldb/modules/timestamps.c
index c1db85a284..b067d8e8d6 100644
--- a/source4/lib/ldb/modules/timestamps.c
+++ b/source4/lib/ldb/modules/timestamps.c
@@ -60,8 +60,8 @@ static int timestamps_search_bytree(struct ldb_module *module, const char *base,
static int add_time_element(struct ldb_module *module, struct ldb_message *msg,
const char *attr_name, const char *time_string, unsigned int flags)
{
- struct ldb_val *values;
- char *name, *timestr;
+ struct ldb_message_element *attribute = NULL;
+
int i;
for (i = 0; i < msg->num_elements; i++) {
@@ -70,23 +70,22 @@ static int add_time_element(struct ldb_module *module, struct ldb_message *msg,
}
}
- msg->elements = talloc_realloc(msg, msg->elements,
- struct ldb_message_element, msg->num_elements + 1);
- name = talloc_strdup(msg->elements, attr_name);
- timestr = talloc_strdup(msg->elements, time_string);
- values = talloc(msg->elements, struct ldb_val);
- if (!msg->elements || !name || !timestr || !values) {
+ if (ldb_msg_add_string(module->ldb, msg, attr_name, time_string) != 0) {
return -1;
}
- msg->elements[msg->num_elements].name = name;
- msg->elements[msg->num_elements].flags = flags;
- msg->elements[msg->num_elements].num_values = 1;
- msg->elements[msg->num_elements].values = values;
- msg->elements[msg->num_elements].values[0].data = timestr;
- msg->elements[msg->num_elements].values[0].length = strlen(timestr);
+ for (i = 0; i < msg->num_elements; i++) {
+ if (ldb_attr_cmp(attr_name, msg->elements[i].name) == 0) {
+ attribute = &msg->elements[i];
+ break;
+ }
+ }
- msg->num_elements += 1;
+ if (!attribute) {
+ return -1;
+ }
+
+ attribute->flags = flags;
return 0;
}
@@ -196,12 +195,8 @@ static int timestamps_modify_record(struct ldb_module *module, const struct ldb_
add_time_element(module, msg2, "modifyTimestamp", timestr, LDB_FLAG_MOD_REPLACE);
add_time_element(module, msg2, "whenChanged", timestr, LDB_FLAG_MOD_REPLACE);
- if (msg2) {
- ret = ldb_next_modify_record(module, msg2);
- talloc_free(msg2);
- } else {
- ret = ldb_next_modify_record(module, msg);
- }
+ ret = ldb_next_modify_record(module, msg2);
+ talloc_free(msg2);
return ret;
}
diff --git a/source4/setup/provision.ldif b/source4/setup/provision.ldif
index 4fe8cdc38b..c42c73eda4 100644
--- a/source4/setup/provision.ldif
+++ b/source4/setup/provision.ldif
@@ -5,7 +5,6 @@ dn: ${BASEDN}
objectClass: top
objectClass: domain
objectClass: domainDNS
-name: ${DOMAIN}
flatname: ${DOMAIN}
dnsDomain: ${DNSDOMAIN}
dc: ${DOMAIN}
@@ -46,7 +45,6 @@ instanceType: 4
uSNCreated: 1
uSNChanged: 1
showInAdvancedViewOnly: FALSE
-name: Users
systemFlags: 0x8c000000
objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
@@ -60,7 +58,6 @@ instanceType: 4
uSNCreated: 1
uSNChanged: 1
showInAdvancedViewOnly: FALSE
-name: Computers
systemFlags: 0x8c000000
objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
@@ -74,7 +71,6 @@ instanceType: 4
uSNCreated: 1
uSNChanged: 1
showInAdvancedViewOnly: FALSE
-name: Domain Controllers
systemFlags: 0x8c000000
objectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
@@ -88,7 +84,6 @@ instanceType: 4
uSNCreated: 1
uSNChanged: 1
showInAdvancedViewOnly: FALSE
-name: ForeignSecurityPrincipals
systemFlags: 0x8c000000
objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
@@ -102,7 +97,6 @@ instanceType: 4
uSNCreated: 1
uSNChanged: 1
showInAdvancedViewOnly: TRUE
-name: System
systemFlags: 0x8c000000
objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
@@ -115,7 +109,6 @@ instanceType: 4
uSNCreated: 1
uSNChanged: 1
showInAdvancedViewOnly: TRUE
-name: RID Manager$
systemFlags: 0x8c000000
objectCategory: CN=RID-Manager,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
@@ -130,7 +123,6 @@ instanceType: 4
uSNCreated: 1
uSNChanged: 1
showInAdvancedViewOnly: TRUE
-name: DomainUpdates
objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
dn: CN=Windows2003Update,CN=DomainUpdates,CN=System,${BASEDN}
@@ -141,7 +133,6 @@ instanceType: 4
uSNCreated: 1
uSNChanged: 1
showInAdvancedViewOnly: TRUE
-name: Windows2003Update
objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
revision: 8
@@ -153,7 +144,6 @@ instanceType: 4
uSNCreated: 1
uSNChanged: 1
showInAdvancedViewOnly: TRUE
-name: Infrastructure
systemFlags: 0x8c000000
objectCategory: CN=Infrastructure-Update,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
@@ -165,7 +155,6 @@ objectClass: builtinDomain
cn: Builtin
instanceType: 4
showInAdvancedViewOnly: FALSE
-name: Builtin
forceLogoff: 0x8000000000000000
lockoutDuration: -18000000000
lockOutObservationWindow: -18000000000
@@ -198,7 +187,6 @@ memberOf: CN=Enterprise Admins,CN=Users,${BASEDN}
memberOf: CN=Schema Admins,CN=Users,${BASEDN}
memberOf: CN=Administrators,CN=Builtin,${BASEDN}
uSNChanged: 1
-name: Administrator
userAccountControl: 0x10200
objectSid: ${DOMAINSID}-500
adminCount: 1
@@ -218,7 +206,6 @@ description: Built-in account for guest access to the computer/domain
uSNCreated: 1
memberOf: CN=Guests,CN=Builtin,${BASEDN}
uSNChanged: 1
-name: Guest
userAccountControl: 0x10222
primaryGroupID: 514
objectSid: ${DOMAINSID}-501
@@ -235,7 +222,6 @@ member: CN=Enterprise Admins,CN=Users,${BASEDN}
member: CN=Administrator,CN=Users,${BASEDN}
uSNCreated: 1
uSNChanged: 1
-name: Administrators
objectSid: S-1-5-32-544
adminCount: 1
sAMAccountName: Administrators
@@ -279,7 +265,6 @@ description: Users are prevented from making accidental or intentional system-wi
member: CN=Domain Users,CN=Users,${BASEDN}
uSNCreated: 1
uSNChanged: 1
-name: Users
objectSid: S-1-5-32-545
sAMAccountName: Users
sAMAccountType: 0x20000000
@@ -297,7 +282,6 @@ member: CN=Domain Guests,CN=Users,${BASEDN}
member: CN=Guest,CN=Users,${BASEDN}
uSNCreated: 1
uSNChanged: 1
-name: Guests
objectSid: S-1-5-32-546
sAMAccountName: Guests
sAMAccountType: 0x20000000
@@ -314,7 +298,6 @@ cn: Print Operators
description: Members can administer domain printers
uSNCreated: 1
uSNChanged: 1
-name: Print Operators
objectSid: S-1-5-32-550
adminCount: 1
sAMAccountName: Print Operators
@@ -334,7 +317,6 @@ cn: Backup Operators
description: Backup Operators can override security restrictions for the sole purpose of backing up or restoring files
uSNCreated: 1
uSNChanged: 1
-name: Backup Operators
objectSid: S-1-5-32-551
adminCount: 1
sAMAccountName: Backup Operators
@@ -355,7 +337,6 @@ cn: Replicator
description: Supports file replication in a domain
uSNCreated: 1
uSNChanged: 1
-name: Replicator
objectSid: S-1-5-32-552
adminCount: 1
sAMAccountName: Replicator
@@ -372,7 +353,6 @@ cn: Remote Desktop Users
description: Members in this group are granted the right to logon remotely
uSNCreated: 1
uSNChanged: 1
-name: Remote Desktop Users
objectSid: S-1-5-32-555
sAMAccountName: Remote Desktop Users
sAMAccountType: 0x20000000
@@ -388,7 +368,6 @@ cn: Network Configuration Operators
description: Members in this group can have some administrative privileges to manage configuration of networking features
uSNCreated: 1
uSNChanged: 1
-name: Network Configuration Operators
objectSid: S-1-5-32-556
sAMAccountName: Network Configuration Operators
sAMAccountType: 0x20000000
@@ -404,7 +383,6 @@ cn: Performance Monitor Users
description: Members of this group have remote access to monitor this computer
uSNCreated: 1
uSNChanged: 1
-name: Performance Monitor Users
objectSid: S-1-5-32-558
sAMAccountName: Performance Monitor Users
sAMAccountType: 0x20000000
@@ -420,7 +398,6 @@ cn: Performance Log Users
description: Members of this group have remote access to schedule logging of performance counters on this computer
uSNCreated: 1
uSNChanged: 1
-name: Performance Log Users
objectSid: S-1-5-32-559
sAMAccountName: Performance Log Users
sAMAccountType: 0x20000000
@@ -437,7 +414,6 @@ objectClass: computer
cn: ${NETBIOSNAME}
uSNCreated: 1
uSNChanged: 1
-name: ${NETBIOSNAME}
objectGUID: ${HOSTGUID}
userAccountControl: 532480
lastLogon: 127273269057298624
@@ -467,7 +443,6 @@ description: Key Distribution Center Service Account
uSNCreated: 1
uSNChanged: 1
showInAdvancedViewOnly: TRUE
-name: krbtgt
userAccountControl: 514
pwdLastSet: 127258826179466560
objectSid: ${DOMAINSID}-502
@@ -486,7 +461,6 @@ cn: Domain Computers
description: All workstations and servers joined to the domain
uSNCreated: 1
uSNChanged: 1
-name: Domain Computers
objectSid: ${DOMAINSID}-515
sAMAccountName: Domain Computers
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
@@ -499,7 +473,6 @@ cn: Domain Controllers
description: All domain controllers in the domain
uSNCreated: 1
uSNChanged: 1
-name: Domain Controllers
objectSid: ${DOMAINSID}-516
adminCount: 1
sAMAccountName: Domain Controllers
@@ -513,7 +486,6 @@ description: Designated administrators of the schema
member: CN=Administrator,CN=Users,${BASEDN}
uSNCreated: 1
uSNChanged: 1
-name: Schema Admins
objectSid: ${DOMAINSID}-518
adminCount: 1
sAMAccountName: Schema Admins
@@ -529,7 +501,6 @@ member: CN=Administrator,CN=Users,${BASEDN}
uSNCreated: 1
memberOf: CN=Administrators,CN=Builtin,${BASEDN}
uSNChanged: 1
-name: Enterprise Admins
objectSid: ${DOMAINSID}-519
adminCount: 1
sAMAccountName: Enterprise Admins
@@ -543,7 +514,6 @@ cn: Cert Publishers
description: Members of this group are permitted to publish certificates to the Active Directory
uSNCreated: 1
uSNChanged: 1
-name: Cert Publishers
groupType: 0x80000004
sAMAccountType: 0x20000000
objectSid: ${DOMAINSID}-517
@@ -560,7 +530,6 @@ member: CN=Administrator,CN=Users,${BASEDN}
uSNCreated: 1
memberOf: CN=Administrators,CN=Builtin,${BASEDN}
uSNChanged: 1
-name: Domain Admins
objectSid: ${DOMAINSID}-512
adminCount: 1
sAMAccountName: Domain Admins
@@ -575,7 +544,6 @@ description: All domain users
uSNCreated: 1
memberOf: CN=Users,CN=Builtin,${BASEDN}
uSNChanged: 1
-name: Domain Users
objectSid: ${DOMAINSID}-513
sAMAccountName: Domain Users
isCriticalSystemObject: TRUE
@@ -589,7 +557,6 @@ description: All domain guests
uSNCreated: 1
memberOf: CN=Guests,CN=Builtin,${BASEDN}
uSNChanged: 1
-name: Domain Guests
objectSid: ${DOMAINSID}-514
sAMAccountName: Domain Guests
isCriticalSystemObject: TRUE
@@ -602,7 +569,6 @@ description: Members in this group can modify group policy for the domain
member: CN=Administrator,CN=Users,${BASEDN}
uSNCreated: 1
uSNChanged: 1
-name: Group Policy Creator Owners
objectSid: ${DOMAINSID}-520
sAMAccountName: Group Policy Creator Owners
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
@@ -617,7 +583,6 @@ description: Servers in this group can access remote access properties of users
instanceType: 4
uSNCreated: 1
uSNChanged: 1
-name: RAS and IAS Servers
objectSid: ${DOMAINSID}-553
sAMAccountName: RAS and IAS Servers
sAMAccountType: 0x20000000
@@ -633,7 +598,6 @@ description: Members can administer domain servers
instanceType: 4
uSNCreated: 1
uSNChanged: 1
-name: Server Operators
objectSid: S-1-5-32-549
adminCount: 1
sAMAccountName: Server Operators
@@ -657,7 +621,6 @@ description: Members can administer domain user and group accounts
instanceType: 4
uSNCreated: 1
uSNChanged: 1
-name: Account Operators
objectSid: S-1-5-32-548
adminCount: 1
sAMAccountName: Account Operators
@@ -679,7 +642,6 @@ instanceType: 13
uSNCreated: ${USN}
uSNChanged: ${USN}
showInAdvancedViewOnly: TRUE
-name: Configuration
objectCategory: CN=Configuration,CN=Schema,CN=Configuration,${BASEDN}
subRefs: CN=Schema,CN=Configuration,${BASEDN}
masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
@@ -693,7 +655,6 @@ instanceType: 4
uSNCreated: ${USN}
uSNChanged: ${USN}
showInAdvancedViewOnly: TRUE
-name: Partitions
systemFlags: 0x80000000
objectCategory: CN=Cross-Ref-Container,CN=Schema,CN=Configuration,${BASEDN}
msDS-Behavior-Version: 0
@@ -707,7 +668,6 @@ instanceType: 4
uSNCreated: ${USN}
uSNChanged: ${USN}
showInAdvancedViewOnly: TRUE
-name: Enterprise Configuration
systemFlags: 0x00000001
objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN}
nCName: CN=Configuration,${BASEDN}
@@ -721,7 +681,6 @@ instanceType: 4
uSNCreated: ${USN}
uSNChanged: ${USN}
showInAdvancedViewOnly: TRUE
-name: Enterprise Schema
systemFlags: 0x00000001
objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN}
nCName: CN=Schema,CN=Configuration,${BASEDN}
@@ -735,7 +694,6 @@ instanceType: 4
uSNCreated: ${USN}
uSNChanged: ${USN}
showInAdvancedViewOnly: TRUE
-name: ${DOMAIN}
systemFlags: 0x00000003
objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN}
nCName: ${BASEDN}
@@ -750,7 +708,6 @@ instanceType: 4
uSNCreated: ${USN}
uSNChanged: ${USN}
showInAdvancedViewOnly: TRUE
-name: Sites
systemFlags: 0x82000000
objectCategory: CN=Sites-Container,CN=Schema,CN=Configuration,${BASEDN}
@@ -762,7 +719,6 @@ instanceType: 4
uSNCreated: ${USN}
uSNChanged: ${USN}
showInAdvancedViewOnly: TRUE
-name: Sites
systemFlags: 0x82000000
objectCategory: CN=Site,CN=Schema,CN=Configuration,${BASEDN}
@@ -774,7 +730,6 @@ instanceType: 4
uSNCreated: ${USN}
uSNChanged: ${USN}
showInAdvancedViewOnly: TRUE
-name: Servers
systemFlags: 0x82000000
objectCategory: CN=Servers-Container,CN=Schema,CN=Configuration,${BASEDN}
@@ -786,7 +741,6 @@ instanceType: 4
uSNCreated: ${USN}
uSNChanged: ${USN}
showInAdvancedViewOnly: TRUE
-name: ${NETBIOSNAME}
systemFlags: 0x52000000
objectCategory: CN=Server,CN=Schema,CN=Configuration,${BASEDN}
dNSHostName: ${DNSNAME}
@@ -801,7 +755,6 @@ instanceType: 4
uSNCreated: ${USN}
uSNChanged: ${USN}
showInAdvancedViewOnly: TRUE
-name: NTDS Settings
systemFlags: 0x02000000
objectCategory: CN=NTDS-DSA,CN=Schema,CN=Configuration,${BASEDN}
dMDLocation: CN=Schema,CN=Configuration,${BASEDN}
@@ -817,7 +770,6 @@ instanceType: 4
uSNCreated: ${USN}
uSNChanged: ${USN}
showInAdvancedViewOnly: TRUE
-name: Services
systemFlags: 0x80000000
objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
@@ -829,7 +781,6 @@ instanceType: 4
uSNCreated: ${USN}
uSNChanged: ${USN}
showInAdvancedViewOnly: TRUE
-name: Windows NT
objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
dn: CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,${BASEDN}
@@ -840,7 +791,6 @@ instanceType: 4
uSNCreated: ${USN}
uSNChanged: ${USN}
showInAdvancedViewOnly: TRUE
-name: Directory Service
objectCategory: CN=NTDS-Service,CN=Schema,CN=Configuration,${BASEDN}
sPNMappings: host=ldap,dns,cifs
@@ -856,7 +806,6 @@ instanceType: 13
uSNCreated: ${USN}
uSNChanged: ${USN}
showInAdvancedViewOnly: TRUE
-name: Schema
objectCategory: CN=DMD,CN=Schema,CN=Configuration,${BASEDN}
masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
msDs-masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
diff --git a/source4/setup/provision_init.ldif b/source4/setup/provision_init.ldif
index cbe561eee9..334f7c3cca 100644
--- a/source4/setup/provision_init.ldif
+++ b/source4/setup/provision_init.ldif
@@ -47,5 +47,5 @@ template: groupTemplate
#Add modules to the list to activate them by default
#beware often order is important
dn: @MODULES
-@LIST: samldb,timestamps,objectguid
+@LIST: samldb,timestamps,objectguid,rdn_name
diff --git a/source4/setup/provision_templates.ldif b/source4/setup/provision_templates.ldif
index 43901a41e8..9a045d2afc 100644
--- a/source4/setup/provision_templates.ldif
+++ b/source4/setup/provision_templates.ldif
@@ -7,7 +7,6 @@ instanceType: 4
uSNCreated: 1
uSNChanged: 1
showInAdvancedViewOnly: TRUE
-name: Templates
systemFlags: 0x8c000000
objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
@@ -24,7 +23,6 @@ objectClass: organizationalPerson
objectClass: Template
objectClass: userTemplate
cn: TemplateUser
-name: TemplateUser
instanceType: 4
userAccountControl: 0x202
badPwdCount: 0
@@ -45,7 +43,6 @@ objectClass: top
objectClass: Template
objectClass: userTemplate
cn: TemplateMemberServer
-name: TemplateMemberServer
instanceType: 4
userAccountControl: 0x1002
badPwdCount: 0
@@ -66,7 +63,6 @@ objectClass: top
objectClass: Template
objectClass: userTemplate
cn: TemplateDomainController
-name: TemplateDomainController
instanceType: 4
userAccountControl: 0x2002
badPwdCount: 0
@@ -87,7 +83,6 @@ objectClass: top
objectClass: Template
objectClass: userTemplate
cn: TemplateTrustingDomain
-name: TemplateTrustingDomain
instanceType: 4
userAccountControl: 0x820
badPwdCount: 0
@@ -107,7 +102,6 @@ objectClass: top
objectClass: Template
objectClass: groupTemplate
cn: TemplateGroup
-name: TemplateGroup
instanceType: 4
groupType: 0x80000002
sAMAccountType: 0x10000000
@@ -118,7 +112,6 @@ objectClass: top
objectClass: Template
objectClass: aliasTemplate
cn: TemplateAlias
-name: TemplateAlias
instanceType: 4
groupType: 0x80000004
sAMAccountType: 0x10000000
@@ -128,7 +121,6 @@ objectClass: top
objectClass: Template
objectClass: foreignSecurityPrincipalTemplate
cn: TemplateForeignSecurityPrincipal
-name: TemplateForeignSecurityPrincipal
dn: CN=TemplateSecret,CN=Templates,${BASEDN}
objectClass: top
@@ -136,7 +128,6 @@ objectClass: leaf
objectClass: Template
objectClass: secretTemplate
cn: TemplateSecret
-name: TemplateSecret
instanceType: 4
dn: CN=TemplateTrustedDomain,CN=Templates,${BASEDN}
@@ -145,6 +136,5 @@ objectClass: leaf
objectClass: Template
objectClass: trustedDomainTemplate
cn: TemplateTrustedDomain
-name: TemplateTrustedDomain
instanceType: 4