diff options
-rw-r--r-- | source4/provision.ldif | 35 | ||||
-rw-r--r-- | source4/rpc_server/samr/dcesrv_samr.c | 5 |
2 files changed, 40 insertions, 0 deletions
diff --git a/source4/provision.ldif b/source4/provision.ldif index c583aa0f97..7bc28be02c 100644 --- a/source4/provision.ldif +++ b/source4/provision.ldif @@ -40,6 +40,7 @@ dn: @MODULES @MODULE: timestamps dn: ${BASEDN} +distinguishedName: ${BASEDN} objectClass: top objectClass: domain objectClass: domainDNS @@ -67,12 +68,14 @@ pwdHistoryLength: 24 objectSid: ${DOMAINSID} serverState: 1 nTMixedDomain: 1 +msDS-Behavior-Version: 0 uASCompat: 1 modifiedCount: 1 objectCategory: CN=Domain-DNS,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=Users,${BASEDN} +distinguishedName: CN=Users,${BASEDN} objectClass: top objectClass: container cn: Users @@ -90,6 +93,7 @@ objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=Computers,${BASEDN} +distinguishedName: CN=Computers,${BASEDN} objectClass: top objectClass: container cn: Computers @@ -107,6 +111,7 @@ objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: OU=Domain Controllers,${BASEDN} +distinguishedName: OU=Domain Controllers,${BASEDN} objectClass: top objectClass: organizationalUnit ou: Domain Controllers @@ -124,6 +129,7 @@ objectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=ForeignSecurityPrincipals,${BASEDN} +distinguishedName: CN=ForeignSecurityPrincipals,${BASEDN} objectClass: top objectClass: container cn: ForeignSecurityPrincipals @@ -141,6 +147,7 @@ objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=System,${BASEDN} +distinguishedName: CN=System,${BASEDN} objectClass: top objectClass: container cn: System @@ -158,6 +165,7 @@ objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=Builtin,${BASEDN} +distinguishedName: CN=Builtin,${BASEDN} objectClass: top objectClass: builtinDomain cn: Builtin @@ -183,6 +191,7 @@ objectCategory: CN=Builtin-Domain,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=Administrator,CN=Users,${BASEDN} +distinguishedName: CN=Administrator,CN=Users,${BASEDN} objectClass: top objectClass: person objectClass: organizationalPerson @@ -222,6 +231,7 @@ unicodePwd: ${ADMINPASS} unixName: root dn: CN=Guest,CN=Users,${BASEDN} +distinguishedName: CN=Guest,CN=Users,${BASEDN} objectClass: top objectClass: person objectClass: organizationalPerson @@ -254,6 +264,7 @@ objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=Administrators,CN=Builtin,${BASEDN} +distinguishedName: CN=Administrators,CN=Builtin,${BASEDN} objectClass: top objectClass: group cn: Administrators @@ -304,6 +315,7 @@ privilege: SeRemoteInteractiveLogonRight dn: CN=Users,CN=Builtin,${BASEDN} +distinguishedName: CN=Users,CN=Builtin,${BASEDN} objectClass: top objectClass: group cn: Users @@ -325,6 +337,7 @@ objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=Guests,CN=Builtin,${BASEDN} +distinguishedName: CN=Guests,CN=Builtin,${BASEDN} objectClass: top objectClass: group cn: Guests @@ -348,6 +361,7 @@ isCriticalSystemObject: TRUE unixName: ${NOGROUP} dn: CN=Print Operators,CN=Builtin,${BASEDN} +distinguishedName: CN=Print Operators,CN=Builtin,${BASEDN} objectClass: top objectClass: group cn: Print Operators @@ -372,6 +386,7 @@ privilege: SeShutdownPrivilege privilege: SeInteractiveLogonRight dn: CN=Backup Operators,CN=Builtin,${BASEDN} +distinguishedName: CN=Backup Operators,CN=Builtin,${BASEDN} objectClass: top objectClass: group cn: Backup Operators @@ -397,6 +412,7 @@ privilege: SeShutdownPrivilege privilege: SeInteractiveLogonRight dn: CN=Replicator,CN=Builtin,${BASEDN} +distinguishedName: CN=Replicator,CN=Builtin,${BASEDN} objectClass: top objectClass: group cn: Replicator @@ -418,6 +434,7 @@ objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=Remote Desktop Users,CN=Builtin,${BASEDN} +distinguishedName: CN=Remote Desktop Users,CN=Builtin,${BASEDN} objectClass: top objectClass: group cn: Remote Desktop Users @@ -438,6 +455,7 @@ objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=Network Configuration Operators,CN=Builtin,${BASEDN} +distinguishedName: CN=Network Configuration Operators,CN=Builtin,${BASEDN} objectClass: top objectClass: group cn: Network Configuration Operators @@ -458,6 +476,7 @@ objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=Performance Monitor Users,CN=Builtin,${BASEDN} +distinguishedName: CN=Performance Monitor Users,CN=Builtin,${BASEDN} objectClass: top objectClass: group cn: Performance Monitor Users @@ -478,6 +497,7 @@ objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=Performance Log Users,CN=Builtin,${BASEDN} +distinguishedName: CN=Performance Log Users,CN=Builtin,${BASEDN} objectClass: top objectClass: group cn: Performance Log Users @@ -498,6 +518,7 @@ objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=${NETBIOSNAME},OU=Domain Controllers,${BASEDN} +distinguishedName: CN=${NETBIOSNAME},OU=Domain Controllers,${BASEDN} objectClass: top objectClass: person objectClass: organizationalPerson @@ -540,6 +561,7 @@ servicePrincipalName: LDAP/${DNSNAME} servicePrincipalName: LDAP/${NETBIOSNAME} dn: CN=krbtgt,CN=Users,${BASEDN} +distinguishedName: CN=krbtgt,CN=Users,${BASEDN} objectClass: top objectClass: person objectClass: organizationalPerson @@ -575,6 +597,7 @@ isCriticalSystemObject: TRUE unicodePwd: ${RANDPASS} dn: CN=Domain Computers,CN=Users,${BASEDN} +distinguishedName: CN=Domain Computers,CN=Users,${BASEDN} objectClass: top objectClass: group cn: Domain Computers @@ -594,6 +617,7 @@ objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=Domain Controllers,CN=Users,${BASEDN} +distinguishedName: CN=Domain Controllers,CN=Users,${BASEDN} objectClass: top objectClass: group cn: Domain Controllers @@ -614,6 +638,7 @@ objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=Schema Admins,CN=Users,${BASEDN} +distinguishedName: CN=Schema Admins,CN=Users,${BASEDN} objectClass: top objectClass: group cn: Schema Admins @@ -636,6 +661,7 @@ isCriticalSystemObject: TRUE unixName: ${WHEEL} dn: CN=Enterprise Admins,CN=Users,${BASEDN} +distinguishedName: CN=Enterprise Admins,CN=Users,${BASEDN} objectClass: top objectClass: group cn: Enterprise Admins @@ -659,6 +685,7 @@ isCriticalSystemObject: TRUE unixName: ${WHEEL} dn: CN=Cert Publishers,CN=Users,${BASEDN} +distinguishedName: CN=Cert Publishers,CN=Users,${BASEDN} objectClass: top objectClass: group cn: Cert Publishers @@ -678,6 +705,7 @@ objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=Domain Admins,CN=Users,${BASEDN} +distinguishedName: CN=Domain Admins,CN=Users,${BASEDN} objectClass: top objectClass: group cn: Domain Admins @@ -701,6 +729,7 @@ isCriticalSystemObject: TRUE unixName: ${WHEEL} dn: CN=Domain Users,CN=Users,${BASEDN} +distinguishedName: CN=Domain Users,CN=Users,${BASEDN} objectClass: top objectClass: group cn: Domain Users @@ -722,6 +751,7 @@ isCriticalSystemObject: TRUE unixName: ${USERS} dn: CN=Domain Guests,CN=Users,${BASEDN} +distinguishedName: CN=Domain Guests,CN=Users,${BASEDN} objectClass: top objectClass: group cn: Domain Guests @@ -742,6 +772,7 @@ objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=Group Policy Creator Owners,CN=Users,${BASEDN} +distinguishedName: CN=Group Policy Creator Owners,CN=Users,${BASEDN} objectClass: top objectClass: group cn: Group Policy Creator Owners @@ -763,6 +794,7 @@ isCriticalSystemObject: TRUE unixName: ${WHEEL} dn: CN=RAS and IAS Servers,CN=Users,${BASEDN} +distinguishedName: CN=RAS and IAS Servers,CN=Users,${BASEDN} objectClass: top objectClass: group cn: RAS and IAS Servers @@ -782,6 +814,7 @@ objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE dn: CN=Server Operators,CN=Builtin,${BASEDN} +distinguishedName: CN=Server Operators,CN=Builtin,${BASEDN} objectClass: top objectClass: group cn: Server Operators @@ -809,6 +842,7 @@ privilege: SeShutdownPrivilege privilege: SeInteractiveLogonRight dn: CN=Account Operators,CN=Builtin,${BASEDN} +distinguishedName: CN=Account Operators,CN=Builtin,${BASEDN} objectClass: top objectClass: group cn: Account Operators @@ -831,6 +865,7 @@ isCriticalSystemObject: TRUE privilege: SeInteractiveLogonRight dn: CN=Templates,${BASEDN} +distinguishedName: CN=Templates,${BASEDN} objectClass: top objectClass: container cn: Templates diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c index c3ec8bf80f..fce4dd43be 100644 --- a/source4/rpc_server/samr/dcesrv_samr.c +++ b/source4/rpc_server/samr/dcesrv_samr.c @@ -528,6 +528,7 @@ static NTSTATUS samr_CreateDomainGroup(struct dcesrv_call_state *dce_call, TALLO if (!msg->dn) { return NT_STATUS_NO_MEMORY; } + samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "distinguishedName", msg->dn); samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "name", groupname); samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "cn", groupname); samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "sAMAccountName", groupname); @@ -795,6 +796,7 @@ static NTSTATUS samr_CreateUser2(struct dcesrv_call_state *dce_call, TALLOC_CTX if (!msg->dn) { return NT_STATUS_NO_MEMORY; } + samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "distinguishedName", msg->dn); samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "name", account_name); samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "cn", account_name); samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "sAMAccountName", account_name); @@ -1014,6 +1016,7 @@ static NTSTATUS samr_CreateDomAlias(struct dcesrv_call_state *dce_call, TALLOC_C return NT_STATUS_NO_MEMORY; } + samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "distinguishedName", msg->dn); samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "name", aliasname); samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "cn", aliasname); samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "sAMAccountName", aliasname); @@ -2159,6 +2162,8 @@ static NTSTATUS samr_AddAliasMember(struct dcesrv_call_state *dce_call, TALLOC_C memberdn = msg->dn; samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, + "distinguishedName", msg->dn); + samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "name", sidstr); samdb_msg_add_string(d_state->sam_ctx, mem_ctx, msg, "objectClass", |