diff options
-rw-r--r-- | source4/lib/ldb/common/ldb_modules.c | 10 | ||||
-rw-r--r-- | source4/lib/ldb/config.mk | 9 | ||||
-rw-r--r-- | source4/lib/ldb/modules/rdn_name.c | 276 | ||||
-rw-r--r-- | source4/lib/ldb/modules/timestamps.c | 37 | ||||
-rw-r--r-- | source4/setup/provision.ldif | 51 | ||||
-rw-r--r-- | source4/setup/provision_init.ldif | 2 | ||||
-rw-r--r-- | source4/setup/provision_templates.ldif | 10 |
7 files changed, 312 insertions, 83 deletions
diff --git a/source4/lib/ldb/common/ldb_modules.c b/source4/lib/ldb/common/ldb_modules.c index dc1a90ebc2..d6213be79a 100644 --- a/source4/lib/ldb/common/ldb_modules.c +++ b/source4/lib/ldb/common/ldb_modules.c @@ -199,6 +199,16 @@ int ldb_load_modules(struct ldb_context *ldb, const char *options[]) continue; } + if (strcmp(modules[i], "rdn_name") == 0) { + current = rdn_name_module_init(ldb, options); + if (!current) { + ldb_debug(ldb, LDB_DEBUG_FATAL, "function 'init_module' in %s fails\n", modules[i]); + return -1; + } + DLIST_ADD(ldb->modules, current); + continue; + } + #ifdef _SAMBA_BUILD_ if (strcmp(modules[i], "samldb") == 0) { current = samldb_module_init(ldb, options); diff --git a/source4/lib/ldb/config.mk b/source4/lib/ldb/config.mk index 39bf004e5d..fe339f9e17 100644 --- a/source4/lib/ldb/config.mk +++ b/source4/lib/ldb/config.mk @@ -17,6 +17,15 @@ INIT_OBJ_FILES = \ ################################################ ################################################ +# Start MODULE libldb_rdn_name +[MODULE::libldb_rdn_name] +SUBSYSTEM = LIBLDB +INIT_OBJ_FILES = \ + lib/ldb/modules/rdn_name.o +# End MODULE libldb_rdn_name +################################################ + +################################################ # Start MODULE libldb_schema [MODULE::libldb_schema] SUBSYSTEM = LIBLDB diff --git a/source4/lib/ldb/modules/rdn_name.c b/source4/lib/ldb/modules/rdn_name.c new file mode 100644 index 0000000000..6a11ab87fe --- /dev/null +++ b/source4/lib/ldb/modules/rdn_name.c @@ -0,0 +1,276 @@ +/* + ldb database library + + Copyright (C) Simo Sorce 2004 + + ** NOTE! The following LGPL license applies to the ldb + ** library. This does NOT imply that all of Samba is released + ** under the LGPL + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +*/ + +/* + * Name: ldb + * + * Component: ldb objectguid module + * + * Description: add a unique objectGUID onto every new record + * + * Author: Simo Sorce + */ + +#include "includes.h" +#include "ldb/include/ldb.h" +#include "ldb/include/ldb_private.h" +#include <time.h> + +struct private_data { + const char *error_string; +}; + +static int rdn_name_search(struct ldb_module *module, const char *base, + enum ldb_scope scope, const char *expression, + const char * const *attrs, struct ldb_message ***res) +{ + ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_search\n"); + return ldb_next_search(module, base, scope, expression, attrs, res); +} + +static int rdn_name_search_bytree(struct ldb_module *module, const char *base, + enum ldb_scope scope, struct ldb_parse_tree *tree, + const char * const *attrs, struct ldb_message ***res) +{ + ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_search\n"); + return ldb_next_search_bytree(module, base, scope, tree, attrs, res); +} + +static struct ldb_message_element *rdn_name_find_attribute(const struct ldb_message *msg, const char *name) +{ + int i; + + for (i = 0; i < msg->num_elements; i++) { + if (ldb_attr_cmp(name, msg->elements[i].name) == 0) { + return &msg->elements[i]; + } + } + + return NULL; +} + +static struct ldb_dn_component *get_rdn(void *mem_ctx, const char *dn) +{ + struct ldb_dn *dn_exploded = ldb_dn_explode(mem_ctx, dn); + + if (!dn_exploded) { + return NULL; + } + + if (dn_exploded->comp_num < 1) { + return NULL; + } + + return &dn_exploded->components[0]; +} + +/* add_record: add crateTimestamp/modifyTimestamp attributes */ +static int rdn_name_add_record(struct ldb_module *module, const struct ldb_message *msg) +{ + struct ldb_message *msg2; + struct ldb_message_element *attribute; + struct ldb_dn_component *rdn; + int ret, i; + + ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_add_record\n"); + + if (msg->dn[0] == '@') { /* do not manipulate our control entries */ + return ldb_next_add_record(module, msg); + } + + /* Perhaps someone above us knows better */ + if ((attribute = rdn_name_find_attribute(msg, "name")) != NULL ) { + return ldb_next_add_record(module, msg); + } + + msg2 = talloc(module, struct ldb_message); + if (!msg2) { + return -1; + } + + msg2->dn = msg->dn; + msg2->num_elements = msg->num_elements; + msg2->private_data = msg->private_data; + msg2->elements = talloc_array(msg2, struct ldb_message_element, msg2->num_elements); + for (i = 0; i < msg2->num_elements; i++) { + msg2->elements[i] = msg->elements[i]; + } + + rdn = get_rdn(msg2, msg2->dn); + if (!rdn) { + return -1; + } + + if (ldb_msg_add_value(module->ldb, msg2, "name", &rdn->value) != 0) { + return -1; + } + + ret = ldb_next_add_record(module, msg2); + talloc_free(msg2); + + return ret; +} + +/* modify_record: change modifyTimestamp as well */ +static int rdn_name_modify_record(struct ldb_module *module, const struct ldb_message *msg) +{ + struct ldb_message *msg2; + struct ldb_message_element *attribute; + struct ldb_dn_component *rdn; + int ret, i; + + ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_modify_record\n"); + + /* Perhaps someone above us knows better */ + if ((attribute = rdn_name_find_attribute(msg, "name")) != NULL ) { + return ldb_next_add_record(module, msg); + } + + msg2 = talloc(module, struct ldb_message); + if (!msg2) { + return -1; + } + + msg2->dn = msg->dn; + msg2->num_elements = msg->num_elements; + msg2->private_data = msg->private_data; + msg2->elements = talloc_array(msg2, struct ldb_message_element, msg2->num_elements); + for (i = 0; i < msg2->num_elements; i++) { + msg2->elements[i] = msg->elements[i]; + } + + rdn = get_rdn(msg2, msg2->dn); + if (!rdn) { + return -1; + } + + if (ldb_msg_add_value(module->ldb, msg2, "name", &rdn->value) != 0) { + return -1; + } + + attribute = rdn_name_find_attribute(msg2, "name"); + if (!attribute) { + return -1; + } + + attribute->flags = LDB_FLAG_MOD_REPLACE; + + ret = ldb_next_modify_record(module, msg2); + talloc_free(msg2); + + return ret; +} + +static int rdn_name_delete_record(struct ldb_module *module, const char *dn) +{ + ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_delete_record\n"); + return ldb_next_delete_record(module, dn); +} + +static int rdn_name_rename_record(struct ldb_module *module, const char *olddn, const char *newdn) +{ + ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_rename_record\n"); + return ldb_next_rename_record(module, olddn, newdn); +} + +static int rdn_name_lock(struct ldb_module *module, const char *lockname) +{ + ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_lock\n"); + return ldb_next_named_lock(module, lockname); +} + +static int rdn_name_unlock(struct ldb_module *module, const char *lockname) +{ + ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_unlock\n"); + return ldb_next_named_unlock(module, lockname); +} + +/* return extended error information */ +static const char *rdn_name_errstring(struct ldb_module *module) +{ + struct private_data *data = (struct private_data *)module->private_data; + + ldb_debug(module->ldb, LDB_DEBUG_TRACE, "rdn_name_errstring\n"); + if (data->error_string) { + const char *error; + + error = data->error_string; + data->error_string = NULL; + return error; + } + + return ldb_next_errstring(module); +} + +static int rdn_name_destructor(void *module_ctx) +{ + /* struct ldb_module *ctx = module_ctx; */ + /* put your clean-up functions here */ + return 0; +} + +static const struct ldb_module_ops rdn_name_ops = { + .name = "rdn_name", + .search = rdn_name_search, + .search_bytree = rdn_name_search_bytree, + .add_record = rdn_name_add_record, + .modify_record = rdn_name_modify_record, + .delete_record = rdn_name_delete_record, + .rename_record = rdn_name_rename_record, + .named_lock = rdn_name_lock, + .named_unlock = rdn_name_unlock, + .errstring = rdn_name_errstring +}; + + +/* the init function */ +#ifdef HAVE_DLOPEN_DISABLED + struct ldb_module *init_module(struct ldb_context *ldb, const char *options[]) +#else +struct ldb_module *rdn_name_module_init(struct ldb_context *ldb, const char *options[]) +#endif +{ + struct ldb_module *ctx; + struct private_data *data; + + ctx = talloc(ldb, struct ldb_module); + if (!ctx) + return NULL; + + data = talloc(ctx, struct private_data); + if (!data) { + talloc_free(ctx); + return NULL; + } + + data->error_string = NULL; + ctx->private_data = data; + ctx->ldb = ldb; + ctx->prev = ctx->next = NULL; + ctx->ops = &rdn_name_ops; + + talloc_set_destructor (ctx, rdn_name_destructor); + + return ctx; +} diff --git a/source4/lib/ldb/modules/timestamps.c b/source4/lib/ldb/modules/timestamps.c index c1db85a284..b067d8e8d6 100644 --- a/source4/lib/ldb/modules/timestamps.c +++ b/source4/lib/ldb/modules/timestamps.c @@ -60,8 +60,8 @@ static int timestamps_search_bytree(struct ldb_module *module, const char *base, static int add_time_element(struct ldb_module *module, struct ldb_message *msg, const char *attr_name, const char *time_string, unsigned int flags) { - struct ldb_val *values; - char *name, *timestr; + struct ldb_message_element *attribute = NULL; + int i; for (i = 0; i < msg->num_elements; i++) { @@ -70,23 +70,22 @@ static int add_time_element(struct ldb_module *module, struct ldb_message *msg, } } - msg->elements = talloc_realloc(msg, msg->elements, - struct ldb_message_element, msg->num_elements + 1); - name = talloc_strdup(msg->elements, attr_name); - timestr = talloc_strdup(msg->elements, time_string); - values = talloc(msg->elements, struct ldb_val); - if (!msg->elements || !name || !timestr || !values) { + if (ldb_msg_add_string(module->ldb, msg, attr_name, time_string) != 0) { return -1; } - msg->elements[msg->num_elements].name = name; - msg->elements[msg->num_elements].flags = flags; - msg->elements[msg->num_elements].num_values = 1; - msg->elements[msg->num_elements].values = values; - msg->elements[msg->num_elements].values[0].data = timestr; - msg->elements[msg->num_elements].values[0].length = strlen(timestr); + for (i = 0; i < msg->num_elements; i++) { + if (ldb_attr_cmp(attr_name, msg->elements[i].name) == 0) { + attribute = &msg->elements[i]; + break; + } + } - msg->num_elements += 1; + if (!attribute) { + return -1; + } + + attribute->flags = flags; return 0; } @@ -196,12 +195,8 @@ static int timestamps_modify_record(struct ldb_module *module, const struct ldb_ add_time_element(module, msg2, "modifyTimestamp", timestr, LDB_FLAG_MOD_REPLACE); add_time_element(module, msg2, "whenChanged", timestr, LDB_FLAG_MOD_REPLACE); - if (msg2) { - ret = ldb_next_modify_record(module, msg2); - talloc_free(msg2); - } else { - ret = ldb_next_modify_record(module, msg); - } + ret = ldb_next_modify_record(module, msg2); + talloc_free(msg2); return ret; } diff --git a/source4/setup/provision.ldif b/source4/setup/provision.ldif index 4fe8cdc38b..c42c73eda4 100644 --- a/source4/setup/provision.ldif +++ b/source4/setup/provision.ldif @@ -5,7 +5,6 @@ dn: ${BASEDN} objectClass: top objectClass: domain objectClass: domainDNS -name: ${DOMAIN} flatname: ${DOMAIN} dnsDomain: ${DNSDOMAIN} dc: ${DOMAIN} @@ -46,7 +45,6 @@ instanceType: 4 uSNCreated: 1 uSNChanged: 1 showInAdvancedViewOnly: FALSE -name: Users systemFlags: 0x8c000000 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -60,7 +58,6 @@ instanceType: 4 uSNCreated: 1 uSNChanged: 1 showInAdvancedViewOnly: FALSE -name: Computers systemFlags: 0x8c000000 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -74,7 +71,6 @@ instanceType: 4 uSNCreated: 1 uSNChanged: 1 showInAdvancedViewOnly: FALSE -name: Domain Controllers systemFlags: 0x8c000000 objectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -88,7 +84,6 @@ instanceType: 4 uSNCreated: 1 uSNChanged: 1 showInAdvancedViewOnly: FALSE -name: ForeignSecurityPrincipals systemFlags: 0x8c000000 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -102,7 +97,6 @@ instanceType: 4 uSNCreated: 1 uSNChanged: 1 showInAdvancedViewOnly: TRUE -name: System systemFlags: 0x8c000000 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -115,7 +109,6 @@ instanceType: 4 uSNCreated: 1 uSNChanged: 1 showInAdvancedViewOnly: TRUE -name: RID Manager$ systemFlags: 0x8c000000 objectCategory: CN=RID-Manager,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -130,7 +123,6 @@ instanceType: 4 uSNCreated: 1 uSNChanged: 1 showInAdvancedViewOnly: TRUE -name: DomainUpdates objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} dn: CN=Windows2003Update,CN=DomainUpdates,CN=System,${BASEDN} @@ -141,7 +133,6 @@ instanceType: 4 uSNCreated: 1 uSNChanged: 1 showInAdvancedViewOnly: TRUE -name: Windows2003Update objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} revision: 8 @@ -153,7 +144,6 @@ instanceType: 4 uSNCreated: 1 uSNChanged: 1 showInAdvancedViewOnly: TRUE -name: Infrastructure systemFlags: 0x8c000000 objectCategory: CN=Infrastructure-Update,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -165,7 +155,6 @@ objectClass: builtinDomain cn: Builtin instanceType: 4 showInAdvancedViewOnly: FALSE -name: Builtin forceLogoff: 0x8000000000000000 lockoutDuration: -18000000000 lockOutObservationWindow: -18000000000 @@ -198,7 +187,6 @@ memberOf: CN=Enterprise Admins,CN=Users,${BASEDN} memberOf: CN=Schema Admins,CN=Users,${BASEDN} memberOf: CN=Administrators,CN=Builtin,${BASEDN} uSNChanged: 1 -name: Administrator userAccountControl: 0x10200 objectSid: ${DOMAINSID}-500 adminCount: 1 @@ -218,7 +206,6 @@ description: Built-in account for guest access to the computer/domain uSNCreated: 1 memberOf: CN=Guests,CN=Builtin,${BASEDN} uSNChanged: 1 -name: Guest userAccountControl: 0x10222 primaryGroupID: 514 objectSid: ${DOMAINSID}-501 @@ -235,7 +222,6 @@ member: CN=Enterprise Admins,CN=Users,${BASEDN} member: CN=Administrator,CN=Users,${BASEDN} uSNCreated: 1 uSNChanged: 1 -name: Administrators objectSid: S-1-5-32-544 adminCount: 1 sAMAccountName: Administrators @@ -279,7 +265,6 @@ description: Users are prevented from making accidental or intentional system-wi member: CN=Domain Users,CN=Users,${BASEDN} uSNCreated: 1 uSNChanged: 1 -name: Users objectSid: S-1-5-32-545 sAMAccountName: Users sAMAccountType: 0x20000000 @@ -297,7 +282,6 @@ member: CN=Domain Guests,CN=Users,${BASEDN} member: CN=Guest,CN=Users,${BASEDN} uSNCreated: 1 uSNChanged: 1 -name: Guests objectSid: S-1-5-32-546 sAMAccountName: Guests sAMAccountType: 0x20000000 @@ -314,7 +298,6 @@ cn: Print Operators description: Members can administer domain printers uSNCreated: 1 uSNChanged: 1 -name: Print Operators objectSid: S-1-5-32-550 adminCount: 1 sAMAccountName: Print Operators @@ -334,7 +317,6 @@ cn: Backup Operators description: Backup Operators can override security restrictions for the sole purpose of backing up or restoring files uSNCreated: 1 uSNChanged: 1 -name: Backup Operators objectSid: S-1-5-32-551 adminCount: 1 sAMAccountName: Backup Operators @@ -355,7 +337,6 @@ cn: Replicator description: Supports file replication in a domain uSNCreated: 1 uSNChanged: 1 -name: Replicator objectSid: S-1-5-32-552 adminCount: 1 sAMAccountName: Replicator @@ -372,7 +353,6 @@ cn: Remote Desktop Users description: Members in this group are granted the right to logon remotely uSNCreated: 1 uSNChanged: 1 -name: Remote Desktop Users objectSid: S-1-5-32-555 sAMAccountName: Remote Desktop Users sAMAccountType: 0x20000000 @@ -388,7 +368,6 @@ cn: Network Configuration Operators description: Members in this group can have some administrative privileges to manage configuration of networking features uSNCreated: 1 uSNChanged: 1 -name: Network Configuration Operators objectSid: S-1-5-32-556 sAMAccountName: Network Configuration Operators sAMAccountType: 0x20000000 @@ -404,7 +383,6 @@ cn: Performance Monitor Users description: Members of this group have remote access to monitor this computer uSNCreated: 1 uSNChanged: 1 -name: Performance Monitor Users objectSid: S-1-5-32-558 sAMAccountName: Performance Monitor Users sAMAccountType: 0x20000000 @@ -420,7 +398,6 @@ cn: Performance Log Users description: Members of this group have remote access to schedule logging of performance counters on this computer uSNCreated: 1 uSNChanged: 1 -name: Performance Log Users objectSid: S-1-5-32-559 sAMAccountName: Performance Log Users sAMAccountType: 0x20000000 @@ -437,7 +414,6 @@ objectClass: computer cn: ${NETBIOSNAME} uSNCreated: 1 uSNChanged: 1 -name: ${NETBIOSNAME} objectGUID: ${HOSTGUID} userAccountControl: 532480 lastLogon: 127273269057298624 @@ -467,7 +443,6 @@ description: Key Distribution Center Service Account uSNCreated: 1 uSNChanged: 1 showInAdvancedViewOnly: TRUE -name: krbtgt userAccountControl: 514 pwdLastSet: 127258826179466560 objectSid: ${DOMAINSID}-502 @@ -486,7 +461,6 @@ cn: Domain Computers description: All workstations and servers joined to the domain uSNCreated: 1 uSNChanged: 1 -name: Domain Computers objectSid: ${DOMAINSID}-515 sAMAccountName: Domain Computers objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} @@ -499,7 +473,6 @@ cn: Domain Controllers description: All domain controllers in the domain uSNCreated: 1 uSNChanged: 1 -name: Domain Controllers objectSid: ${DOMAINSID}-516 adminCount: 1 sAMAccountName: Domain Controllers @@ -513,7 +486,6 @@ description: Designated administrators of the schema member: CN=Administrator,CN=Users,${BASEDN} uSNCreated: 1 uSNChanged: 1 -name: Schema Admins objectSid: ${DOMAINSID}-518 adminCount: 1 sAMAccountName: Schema Admins @@ -529,7 +501,6 @@ member: CN=Administrator,CN=Users,${BASEDN} uSNCreated: 1 memberOf: CN=Administrators,CN=Builtin,${BASEDN} uSNChanged: 1 -name: Enterprise Admins objectSid: ${DOMAINSID}-519 adminCount: 1 sAMAccountName: Enterprise Admins @@ -543,7 +514,6 @@ cn: Cert Publishers description: Members of this group are permitted to publish certificates to the Active Directory uSNCreated: 1 uSNChanged: 1 -name: Cert Publishers groupType: 0x80000004 sAMAccountType: 0x20000000 objectSid: ${DOMAINSID}-517 @@ -560,7 +530,6 @@ member: CN=Administrator,CN=Users,${BASEDN} uSNCreated: 1 memberOf: CN=Administrators,CN=Builtin,${BASEDN} uSNChanged: 1 -name: Domain Admins objectSid: ${DOMAINSID}-512 adminCount: 1 sAMAccountName: Domain Admins @@ -575,7 +544,6 @@ description: All domain users uSNCreated: 1 memberOf: CN=Users,CN=Builtin,${BASEDN} uSNChanged: 1 -name: Domain Users objectSid: ${DOMAINSID}-513 sAMAccountName: Domain Users isCriticalSystemObject: TRUE @@ -589,7 +557,6 @@ description: All domain guests uSNCreated: 1 memberOf: CN=Guests,CN=Builtin,${BASEDN} uSNChanged: 1 -name: Domain Guests objectSid: ${DOMAINSID}-514 sAMAccountName: Domain Guests isCriticalSystemObject: TRUE @@ -602,7 +569,6 @@ description: Members in this group can modify group policy for the domain member: CN=Administrator,CN=Users,${BASEDN} uSNCreated: 1 uSNChanged: 1 -name: Group Policy Creator Owners objectSid: ${DOMAINSID}-520 sAMAccountName: Group Policy Creator Owners objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} @@ -617,7 +583,6 @@ description: Servers in this group can access remote access properties of users instanceType: 4 uSNCreated: 1 uSNChanged: 1 -name: RAS and IAS Servers objectSid: ${DOMAINSID}-553 sAMAccountName: RAS and IAS Servers sAMAccountType: 0x20000000 @@ -633,7 +598,6 @@ description: Members can administer domain servers instanceType: 4 uSNCreated: 1 uSNChanged: 1 -name: Server Operators objectSid: S-1-5-32-549 adminCount: 1 sAMAccountName: Server Operators @@ -657,7 +621,6 @@ description: Members can administer domain user and group accounts instanceType: 4 uSNCreated: 1 uSNChanged: 1 -name: Account Operators objectSid: S-1-5-32-548 adminCount: 1 sAMAccountName: Account Operators @@ -679,7 +642,6 @@ instanceType: 13 uSNCreated: ${USN} uSNChanged: ${USN} showInAdvancedViewOnly: TRUE -name: Configuration objectCategory: CN=Configuration,CN=Schema,CN=Configuration,${BASEDN} subRefs: CN=Schema,CN=Configuration,${BASEDN} masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN} @@ -693,7 +655,6 @@ instanceType: 4 uSNCreated: ${USN} uSNChanged: ${USN} showInAdvancedViewOnly: TRUE -name: Partitions systemFlags: 0x80000000 objectCategory: CN=Cross-Ref-Container,CN=Schema,CN=Configuration,${BASEDN} msDS-Behavior-Version: 0 @@ -707,7 +668,6 @@ instanceType: 4 uSNCreated: ${USN} uSNChanged: ${USN} showInAdvancedViewOnly: TRUE -name: Enterprise Configuration systemFlags: 0x00000001 objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN} nCName: CN=Configuration,${BASEDN} @@ -721,7 +681,6 @@ instanceType: 4 uSNCreated: ${USN} uSNChanged: ${USN} showInAdvancedViewOnly: TRUE -name: Enterprise Schema systemFlags: 0x00000001 objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN} nCName: CN=Schema,CN=Configuration,${BASEDN} @@ -735,7 +694,6 @@ instanceType: 4 uSNCreated: ${USN} uSNChanged: ${USN} showInAdvancedViewOnly: TRUE -name: ${DOMAIN} systemFlags: 0x00000003 objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN} nCName: ${BASEDN} @@ -750,7 +708,6 @@ instanceType: 4 uSNCreated: ${USN} uSNChanged: ${USN} showInAdvancedViewOnly: TRUE -name: Sites systemFlags: 0x82000000 objectCategory: CN=Sites-Container,CN=Schema,CN=Configuration,${BASEDN} @@ -762,7 +719,6 @@ instanceType: 4 uSNCreated: ${USN} uSNChanged: ${USN} showInAdvancedViewOnly: TRUE -name: Sites systemFlags: 0x82000000 objectCategory: CN=Site,CN=Schema,CN=Configuration,${BASEDN} @@ -774,7 +730,6 @@ instanceType: 4 uSNCreated: ${USN} uSNChanged: ${USN} showInAdvancedViewOnly: TRUE -name: Servers systemFlags: 0x82000000 objectCategory: CN=Servers-Container,CN=Schema,CN=Configuration,${BASEDN} @@ -786,7 +741,6 @@ instanceType: 4 uSNCreated: ${USN} uSNChanged: ${USN} showInAdvancedViewOnly: TRUE -name: ${NETBIOSNAME} systemFlags: 0x52000000 objectCategory: CN=Server,CN=Schema,CN=Configuration,${BASEDN} dNSHostName: ${DNSNAME} @@ -801,7 +755,6 @@ instanceType: 4 uSNCreated: ${USN} uSNChanged: ${USN} showInAdvancedViewOnly: TRUE -name: NTDS Settings systemFlags: 0x02000000 objectCategory: CN=NTDS-DSA,CN=Schema,CN=Configuration,${BASEDN} dMDLocation: CN=Schema,CN=Configuration,${BASEDN} @@ -817,7 +770,6 @@ instanceType: 4 uSNCreated: ${USN} uSNChanged: ${USN} showInAdvancedViewOnly: TRUE -name: Services systemFlags: 0x80000000 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} @@ -829,7 +781,6 @@ instanceType: 4 uSNCreated: ${USN} uSNChanged: ${USN} showInAdvancedViewOnly: TRUE -name: Windows NT objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} dn: CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,${BASEDN} @@ -840,7 +791,6 @@ instanceType: 4 uSNCreated: ${USN} uSNChanged: ${USN} showInAdvancedViewOnly: TRUE -name: Directory Service objectCategory: CN=NTDS-Service,CN=Schema,CN=Configuration,${BASEDN} sPNMappings: host=ldap,dns,cifs @@ -856,7 +806,6 @@ instanceType: 13 uSNCreated: ${USN} uSNChanged: ${USN} showInAdvancedViewOnly: TRUE -name: Schema objectCategory: CN=DMD,CN=Schema,CN=Configuration,${BASEDN} masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN} msDs-masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN} diff --git a/source4/setup/provision_init.ldif b/source4/setup/provision_init.ldif index cbe561eee9..334f7c3cca 100644 --- a/source4/setup/provision_init.ldif +++ b/source4/setup/provision_init.ldif @@ -47,5 +47,5 @@ template: groupTemplate #Add modules to the list to activate them by default #beware often order is important dn: @MODULES -@LIST: samldb,timestamps,objectguid +@LIST: samldb,timestamps,objectguid,rdn_name diff --git a/source4/setup/provision_templates.ldif b/source4/setup/provision_templates.ldif index 43901a41e8..9a045d2afc 100644 --- a/source4/setup/provision_templates.ldif +++ b/source4/setup/provision_templates.ldif @@ -7,7 +7,6 @@ instanceType: 4 uSNCreated: 1 uSNChanged: 1 showInAdvancedViewOnly: TRUE -name: Templates systemFlags: 0x8c000000 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -24,7 +23,6 @@ objectClass: organizationalPerson objectClass: Template objectClass: userTemplate cn: TemplateUser -name: TemplateUser instanceType: 4 userAccountControl: 0x202 badPwdCount: 0 @@ -45,7 +43,6 @@ objectClass: top objectClass: Template objectClass: userTemplate cn: TemplateMemberServer -name: TemplateMemberServer instanceType: 4 userAccountControl: 0x1002 badPwdCount: 0 @@ -66,7 +63,6 @@ objectClass: top objectClass: Template objectClass: userTemplate cn: TemplateDomainController -name: TemplateDomainController instanceType: 4 userAccountControl: 0x2002 badPwdCount: 0 @@ -87,7 +83,6 @@ objectClass: top objectClass: Template objectClass: userTemplate cn: TemplateTrustingDomain -name: TemplateTrustingDomain instanceType: 4 userAccountControl: 0x820 badPwdCount: 0 @@ -107,7 +102,6 @@ objectClass: top objectClass: Template objectClass: groupTemplate cn: TemplateGroup -name: TemplateGroup instanceType: 4 groupType: 0x80000002 sAMAccountType: 0x10000000 @@ -118,7 +112,6 @@ objectClass: top objectClass: Template objectClass: aliasTemplate cn: TemplateAlias -name: TemplateAlias instanceType: 4 groupType: 0x80000004 sAMAccountType: 0x10000000 @@ -128,7 +121,6 @@ objectClass: top objectClass: Template objectClass: foreignSecurityPrincipalTemplate cn: TemplateForeignSecurityPrincipal -name: TemplateForeignSecurityPrincipal dn: CN=TemplateSecret,CN=Templates,${BASEDN} objectClass: top @@ -136,7 +128,6 @@ objectClass: leaf objectClass: Template objectClass: secretTemplate cn: TemplateSecret -name: TemplateSecret instanceType: 4 dn: CN=TemplateTrustedDomain,CN=Templates,${BASEDN} @@ -145,6 +136,5 @@ objectClass: leaf objectClass: Template objectClass: trustedDomainTemplate cn: TemplateTrustedDomain -name: TemplateTrustedDomain instanceType: 4 |