diff options
| -rw-r--r-- | source4/scripting/libjs/provision.js | 28 | ||||
| -rw-r--r-- | source4/setup/provision.ldif | 16 | ||||
| -rw-r--r-- | source4/setup/provision_basedn.ldif | 2 | ||||
| -rw-r--r-- | source4/setup/provision_basedn_modify.ldif | 4 | ||||
| -rw-r--r-- | source4/setup/provision_computers_add.ldif | 2 | ||||
| -rw-r--r-- | source4/setup/provision_computers_modify.ldif | 2 | ||||
| -rw-r--r-- | source4/setup/provision_configuration.ldif | 4 | ||||
| -rw-r--r-- | source4/setup/provision_init.ldif | 2 | ||||
| -rw-r--r-- | source4/setup/provision_partitions.ldif | 4 | ||||
| -rw-r--r-- | source4/setup/provision_users.ldif | 92 | ||||
| -rw-r--r-- | source4/setup/provision_users_add.ldif | 2 | ||||
| -rw-r--r-- | source4/setup/provision_users_modify.ldif | 2 |
12 files changed, 80 insertions, 80 deletions
diff --git a/source4/scripting/libjs/provision.js b/source4/scripting/libjs/provision.js index c3204587d0..39810e1f94 100644 --- a/source4/scripting/libjs/provision.js +++ b/source4/scripting/libjs/provision.js @@ -57,7 +57,7 @@ objectClass: top objectClass: foreignSecurityPrincipal description: %s ", - sid, subobj.BASEDN, desc); + sid, subobj.DOMAINDN, desc); /* deliberately ignore errors from this, as the records may already exist */ ldb.add(add); @@ -71,7 +71,7 @@ function setup_name_mapping(info, ldb, sid, unixname) { var attrs = new Array("dn"); var res = ldb.search(sprintf("objectSid=%s", sid), - info.subobj.BASEDN, ldb.SCOPE_SUBTREE, attrs); + info.subobj.DOMAINDN, ldb.SCOPE_SUBTREE, attrs); if (res.length != 1) { info.message("Failed to find record for objectSid %s\n", sid); return false; @@ -211,7 +211,7 @@ function ldb_erase_partitions(info, ldb, ldapbackend) var previous_remaining = 1; var current_remaining = 0; - if (ldapbackend && (basedn == info.subobj.BASEDN)) { + if (ldapbackend && (basedn == info.subobj.DOMAINDN)) { /* Only delete objects that were created by provision */ anything = "(objectcategory=*)"; } @@ -398,7 +398,7 @@ function setup_name_mappings(info, ldb) var attrs = new Array("objectSid"); var subobj = info.subobj; - res = ldb.search("objectSid=*", subobj.BASEDN, ldb.SCOPE_BASE, attrs); + res = ldb.search("objectSid=*", subobj.DOMAINDN, ldb.SCOPE_BASE, attrs); assert(res.length == 1 && res[0].objectSid != undefined); var sid = res[0].objectSid; @@ -450,7 +450,7 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda assert(valid_netbios_name(subobj.DOMAIN)); subobj.NETBIOSNAME = strupper(subobj.HOSTNAME); assert(valid_netbios_name(subobj.NETBIOSNAME)); - var rdns = split(",", subobj.BASEDN); + var rdns = split(",", subobj.DOMAINDN); subobj.RDN_DC = substr(rdns[0], strlen("DC=")); if (subobj.DOMAINGUID != undefined) { @@ -502,13 +502,13 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda message("Erasing data from partitions\n"); ldb_erase_partitions(info, samdb, ldapbackend); - message("Adding baseDN: " + subobj.BASEDN + " (permitted to fail)\n"); + message("Adding DomainDN: " + subobj.DOMAINDN + " (permitted to fail)\n"); var add_ok = setup_add_ldif("provision_basedn.ldif", info, samdb, true); - message("Modifying baseDN: " + subobj.BASEDN + "\n"); + message("Modifying DomainDN: " + subobj.DOMAINDN + "\n"); var modify_ok = setup_ldb_modify("provision_basedn_modify.ldif", info, samdb); if (!modify_ok) { if (!add_ok) { - message("Failed to both add and modify " + subobj.BASEDN + " in target " + subobj.LDAPBACKEND + "\n"); + message("Failed to both add and modify " + subobj.DOMAINDN + " in target " + subobj.LDAPBACKEND + "\n"); message("Perhaps you need to run the provision script with the --ldap-base-dn option, and add this record to the backend manually\n"); }; assert(modify_ok); @@ -622,12 +622,12 @@ function provision_dns(subobj, message, paths, session_info, credentials) or may not have been specified, so fetch them from the database */ var attrs = new Array("objectGUID"); - res = ldb.search("objectGUID=*", subobj.BASEDN, ldb.SCOPE_BASE, attrs); + res = ldb.search("objectGUID=*", subobj.DOMAINDN, ldb.SCOPE_BASE, attrs); assert(res.length == 1); assert(res[0].objectGUID != undefined); subobj.DOMAINGUID = res[0].objectGUID; - subobj.HOSTGUID = searchone(ldb, subobj.BASEDN, "(&(objectClass=computer)(cn=" + subobj.NETBIOSNAME + "))", "objectGUID"); + subobj.HOSTGUID = searchone(ldb, subobj.DOMAINDN, "(&(objectClass=computer)(cn=" + subobj.NETBIOSNAME + "))", "objectGUID"); assert(subobj.HOSTGUID != undefined); setup_file("provision.zone", @@ -640,8 +640,8 @@ function provision_dns(subobj, message, paths, session_info, credentials) /* Write out a DNS zone file, from the info in the current database */ function provision_ldapbase(subobj, message, paths) { - message("Setting up LDAP base entry: " + subobj.BASEDN + " \n"); - var rdns = split(",", subobj.BASEDN); + message("Setting up LDAP base entry: " + subobj.DOMAINDN + " \n"); + var rdns = split(",", subobj.DOMAINDN); subobj.EXTENSIBLEOBJECT = "objectClass: extensibleObject"; subobj.RDN_DC = substr(rdns[0], strlen("DC=")); @@ -696,8 +696,8 @@ function provision_guess() strlower(subobj.HOSTNAME), subobj.DNSDOMAIN); rdn_list = split(".", subobj.DNSDOMAIN); - subobj.BASEDN = "DC=" + join(",DC=", rdn_list); - subobj.ROOTDN = subobj.BASEDN; + subobj.DOMAINDN = "DC=" + join(",DC=", rdn_list); + subobj.ROOTDN = subobj.DOMAINDN; subobj.CONFIGDN = "CN=Configuration," + subobj.ROOTDN; subobj.SCHEMADN = "CN=Schema," + subobj.CONFIGDN; subobj.LDAPBACKEND = "users.ldb"; diff --git a/source4/setup/provision.ldif b/source4/setup/provision.ldif index 652770c813..71a4f44ba7 100644 --- a/source4/setup/provision.ldif +++ b/source4/setup/provision.ldif @@ -1,4 +1,4 @@ -dn: CN=Domain Controllers,${BASEDN} +dn: CN=Domain Controllers,${DOMAINDN} objectClass: top objectClass: container cn: Domain Controllers @@ -9,7 +9,7 @@ systemFlags: 2348810240 objectCategory: CN=Container,${SCHEMADN} isCriticalSystemObject: TRUE -dn: CN=ForeignSecurityPrincipals,${BASEDN} +dn: CN=ForeignSecurityPrincipals,${DOMAINDN} objectClass: top objectClass: container cn: ForeignSecurityPrincipals @@ -20,7 +20,7 @@ systemFlags: 2348810240 objectCategory: CN=Container,${SCHEMADN} isCriticalSystemObject: TRUE -dn: CN=System,${BASEDN} +dn: CN=System,${DOMAINDN} objectClass: top objectClass: container cn: System @@ -31,7 +31,7 @@ systemFlags: 2348810240 objectCategory: CN=Container,${SCHEMADN} isCriticalSystemObject: TRUE -dn: CN=RID Manager$,CN=System,${BASEDN} +dn: CN=RID Manager$,CN=System,${DOMAINDN} objectclass: top objectclass: rIDManager cn: RID Manager$ @@ -43,7 +43,7 @@ isCriticalSystemObject: TRUE fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,${CONFIGDN} rIDAvailablePool: 4611686014132423217 -dn: CN=DomainUpdates,CN=System,${BASEDN} +dn: CN=DomainUpdates,CN=System,${DOMAINDN} objectClass: top objectClass: container cn: DomainUpdates @@ -51,7 +51,7 @@ instanceType: 4 showInAdvancedViewOnly: TRUE objectCategory: CN=Container,${SCHEMADN} -dn: CN=Windows2003Update,CN=DomainUpdates,CN=System,${BASEDN} +dn: CN=Windows2003Update,CN=DomainUpdates,CN=System,${DOMAINDN} objectClass: top objectClass: container cn: Windows2003Update @@ -60,7 +60,7 @@ showInAdvancedViewOnly: TRUE objectCategory: CN=Container,${SCHEMADN} revision: 8 -dn: CN=Infrastructure,${BASEDN} +dn: CN=Infrastructure,${DOMAINDN} objectclass: top objectclass: infrastructureUpdate cn: Infrastructure @@ -71,7 +71,7 @@ objectCategory: CN=Infrastructure-Update,${SCHEMADN} isCriticalSystemObject: TRUE fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,${CONFIGDN} -dn: CN=Builtin,${BASEDN} +dn: CN=Builtin,${DOMAINDN} objectClass: top objectClass: builtinDomain cn: Builtin diff --git a/source4/setup/provision_basedn.ldif b/source4/setup/provision_basedn.ldif index e8cf8005f3..234c1f9e8f 100644 --- a/source4/setup/provision_basedn.ldif +++ b/source4/setup/provision_basedn.ldif @@ -1,7 +1,7 @@ ################################ ## Domain Naming Context ################################ -dn: ${BASEDN} +dn: ${DOMAINDN} objectClass: top objectClass: domain objectClass: domainDNS diff --git a/source4/setup/provision_basedn_modify.ldif b/source4/setup/provision_basedn_modify.ldif index 189c3161d9..c0595a9be5 100644 --- a/source4/setup/provision_basedn_modify.ldif +++ b/source4/setup/provision_basedn_modify.ldif @@ -1,7 +1,7 @@ ############################### # Domain Naming Context ############################### -dn: ${BASEDN} +dn: ${DOMAINDN} changetype: modify replace: dnsDomain dnsDomain: ${DNSDOMAIN} @@ -58,7 +58,7 @@ replace: msDS-Behavior-Version msDS-Behavior-Version: 0 - replace: ridManagerReference -ridManagerReference: CN=RID Manager$,CN=System,${BASEDN} +ridManagerReference: CN=RID Manager$,CN=System,${DOMAINDN} - replace: uASCompat uASCompat: 1 diff --git a/source4/setup/provision_computers_add.ldif b/source4/setup/provision_computers_add.ldif index c89742fe3f..6db3f41524 100644 --- a/source4/setup/provision_computers_add.ldif +++ b/source4/setup/provision_computers_add.ldif @@ -1,3 +1,3 @@ -dn: CN=Computers,${BASEDN} +dn: CN=Computers,${DOMAINDN} objectClass: top objectClass: container diff --git a/source4/setup/provision_computers_modify.ldif b/source4/setup/provision_computers_modify.ldif index aab32e8665..9f0c1884ea 100644 --- a/source4/setup/provision_computers_modify.ldif +++ b/source4/setup/provision_computers_modify.ldif @@ -1,4 +1,4 @@ -dn: CN=Computers,${BASEDN} +dn: CN=Computers,${DOMAINDN} changetype: modify replace: description description: Default container for upgraded computer accounts diff --git a/source4/setup/provision_configuration.ldif b/source4/setup/provision_configuration.ldif index b6eaa30529..902d717fb6 100644 --- a/source4/setup/provision_configuration.ldif +++ b/source4/setup/provision_configuration.ldif @@ -53,7 +53,7 @@ instanceType: 4 showInAdvancedViewOnly: TRUE systemFlags: 3 objectCategory: CN=Cross-Ref,${SCHEMADN} -nCName: ${BASEDN} +nCName: ${DOMAINDN} nETBIOSName: ${DOMAIN} dnsRoot: ${DNSDOMAIN} @@ -93,7 +93,7 @@ showInAdvancedViewOnly: TRUE systemFlags: 1375731712 objectCategory: CN=Server,${SCHEMADN} dNSHostName: ${DNSNAME} -serverReference: CN=${NETBIOSNAME},OU=Domain Controllers,${BASEDN} +serverReference: CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN} dn: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,${CONFIGDN} objectClass: top diff --git a/source4/setup/provision_init.ldif b/source4/setup/provision_init.ldif index 5f57651f16..bea45ce4ee 100644 --- a/source4/setup/provision_init.ldif +++ b/source4/setup/provision_init.ldif @@ -46,7 +46,7 @@ passwordAttribute: krb5key dn: cn=ROOTDSE subschemaSubentry: CN=Aggregate,${SCHEMADN} dsServiceName: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,${CONFIGDN} -defaultNamingContext: ${BASEDN} +defaultNamingContext: ${DOMAINDN} rootDomainNamingContext: ${ROOTDN} configurationNamingContext: ${CONFIGDN} schemaNamingContext: ${SCHEMADN} diff --git a/source4/setup/provision_partitions.ldif b/source4/setup/provision_partitions.ldif index 9acc140683..b713e4e31d 100644 --- a/source4/setup/provision_partitions.ldif +++ b/source4/setup/provision_partitions.ldif @@ -1,13 +1,13 @@ dn: @PARTITION partition: ${SCHEMADN}:schema.ldb partition: ${CONFIGDN}:configuration.ldb -partition: ${BASEDN}:${LDAPBACKEND} +partition: ${DOMAINDN}:${LDAPBACKEND} replicateEntries: @SUBCLASSES replicateEntries: @ATTRIBUTES replicateEntries: @INDEXLIST modules:${SCHEMADN}:objectguid modules:${CONFIGDN}:objectguid -modules:${BASEDN}:${LDAPMODULES} +modules:${DOMAINDN}:${LDAPMODULES} #Add modules to the list to activate them by default #beware often order is important diff --git a/source4/setup/provision_users.ldif b/source4/setup/provision_users.ldif index f5a445b4b5..d00570b121 100644 --- a/source4/setup/provision_users.ldif +++ b/source4/setup/provision_users.ldif @@ -1,12 +1,12 @@ -dn: CN=Administrator,CN=Users,${BASEDN} +dn: CN=Administrator,CN=Users,${DOMAINDN} objectClass: user cn: Administrator description: Built-in account for administering the computer/domain -memberOf: CN=Group Policy Creator Owners,CN=Users,${BASEDN} -memberOf: CN=Domain Admins,CN=Users,${BASEDN} -memberOf: CN=Enterprise Admins,CN=Users,${BASEDN} -memberOf: CN=Schema Admins,CN=Users,${BASEDN} -memberOf: CN=Administrators,CN=Builtin,${BASEDN} +memberOf: CN=Group Policy Creator Owners,CN=Users,${DOMAINDN} +memberOf: CN=Domain Admins,CN=Users,${DOMAINDN} +memberOf: CN=Enterprise Admins,CN=Users,${DOMAINDN} +memberOf: CN=Schema Admins,CN=Users,${DOMAINDN} +memberOf: CN=Administrators,CN=Builtin,${DOMAINDN} userAccountControl: 66048 objectSid: ${DOMAINSID}-500 adminCount: 1 @@ -15,25 +15,25 @@ sAMAccountName: Administrator isCriticalSystemObject: TRUE sambaPassword: ${ADMINPASS} -dn: CN=Guest,CN=Users,${BASEDN} +dn: CN=Guest,CN=Users,${DOMAINDN} objectClass: user cn: Guest description: Built-in account for guest access to the computer/domain -memberOf: CN=Guests,CN=Builtin,${BASEDN} +memberOf: CN=Guests,CN=Builtin,${DOMAINDN} userAccountControl: 66082 primaryGroupID: 514 objectSid: ${DOMAINSID}-501 sAMAccountName: Guest isCriticalSystemObject: TRUE -dn: CN=Administrators,CN=Builtin,${BASEDN} +dn: CN=Administrators,CN=Builtin,${DOMAINDN} objectClass: top objectClass: group cn: Administrators description: Administrators have complete and unrestricted access to the computer/domain -member: CN=Domain Admins,CN=Users,${BASEDN} -member: CN=Enterprise Admins,CN=Users,${BASEDN} -member: CN=Administrator,CN=Users,${BASEDN} +member: CN=Domain Admins,CN=Users,${DOMAINDN} +member: CN=Enterprise Admins,CN=Users,${DOMAINDN} +member: CN=Administrator,CN=Users,${DOMAINDN} objectSid: S-1-5-32-544 adminCount: 1 sAMAccountName: Administrators @@ -68,7 +68,7 @@ privilege: SeNetworkLogonRight privilege: SeRemoteInteractiveLogonRight -dn: CN=${NETBIOSNAME},CN=Domain Controllers,${BASEDN} +dn: CN=${NETBIOSNAME},CN=Domain Controllers,${DOMAINDN} objectClass: computer cn: ${NETBIOSNAME} userAccountControl: 532480 @@ -90,12 +90,12 @@ servicePrincipalName: HOST/${DNSNAME}/${DOMAIN} servicePrincipalName: HOST/${NETBIOSNAME}/${DOMAIN} ${HOSTGUID_ADD} -dn: CN=Users,CN=Builtin,${BASEDN} +dn: CN=Users,CN=Builtin,${DOMAINDN} objectClass: top objectClass: group cn: Users description: Users are prevented from making accidental or intentional system-wide changes. Thus, Users can run certified applications, but not most legacy applications -member: CN=Domain Users,CN=Users,${BASEDN} +member: CN=Domain Users,CN=Users,${DOMAINDN} objectSid: S-1-5-32-545 sAMAccountName: Users sAMAccountType: 536870912 @@ -104,13 +104,13 @@ groupType: 2147483653 objectCategory: CN=Group,${SCHEMADN} isCriticalSystemObject: TRUE -dn: CN=Guests,CN=Builtin,${BASEDN} +dn: CN=Guests,CN=Builtin,${DOMAINDN} objectClass: top objectClass: group cn: Guests description: Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted -member: CN=Domain Guests,CN=Users,${BASEDN} -member: CN=Guest,CN=Users,${BASEDN} +member: CN=Domain Guests,CN=Users,${DOMAINDN} +member: CN=Guest,CN=Users,${DOMAINDN} objectSid: S-1-5-32-546 sAMAccountName: Guests sAMAccountType: 536870912 @@ -119,7 +119,7 @@ groupType: 2147483653 objectCategory: CN=Group,${SCHEMADN} isCriticalSystemObject: TRUE -dn: CN=Print Operators,CN=Builtin,${BASEDN} +dn: CN=Print Operators,CN=Builtin,${DOMAINDN} objectClass: top objectClass: group cn: Print Operators @@ -136,7 +136,7 @@ privilege: SeLoadDriverPrivilege privilege: SeShutdownPrivilege privilege: SeInteractiveLogonRight -dn: CN=Backup Operators,CN=Builtin,${BASEDN} +dn: CN=Backup Operators,CN=Builtin,${DOMAINDN} objectClass: top objectClass: group cn: Backup Operators @@ -154,7 +154,7 @@ privilege: SeRestorePrivilege privilege: SeShutdownPrivilege privilege: SeInteractiveLogonRight -dn: CN=Replicator,CN=Builtin,${BASEDN} +dn: CN=Replicator,CN=Builtin,${DOMAINDN} objectClass: top objectClass: group cn: Replicator @@ -168,7 +168,7 @@ groupType: 2147483653 objectCategory: CN=Group,${SCHEMADN} isCriticalSystemObject: TRUE -dn: CN=Remote Desktop Users,CN=Builtin,${BASEDN} +dn: CN=Remote Desktop Users,CN=Builtin,${DOMAINDN} objectClass: top objectClass: group cn: Remote Desktop Users @@ -181,7 +181,7 @@ groupType: 2147483653 objectCategory: CN=Group,${SCHEMADN} isCriticalSystemObject: TRUE -dn: CN=Network Configuration Operators,CN=Builtin,${BASEDN} +dn: CN=Network Configuration Operators,CN=Builtin,${DOMAINDN} objectClass: top objectClass: group cn: Network Configuration Operators @@ -194,7 +194,7 @@ groupType: 2147483653 objectCategory: CN=Group,${SCHEMADN} isCriticalSystemObject: TRUE -dn: CN=Performance Monitor Users,CN=Builtin,${BASEDN} +dn: CN=Performance Monitor Users,CN=Builtin,${DOMAINDN} objectClass: top objectClass: group cn: Performance Monitor Users @@ -207,7 +207,7 @@ groupType: 2147483653 objectCategory: CN=Group,${SCHEMADN} isCriticalSystemObject: TRUE -dn: CN=Performance Log Users,CN=Builtin,${BASEDN} +dn: CN=Performance Log Users,CN=Builtin,${DOMAINDN} objectClass: top objectClass: group cn: Performance Log Users @@ -220,7 +220,7 @@ groupType: 2147483653 objectCategory: CN=Group,${SCHEMADN} isCriticalSystemObject: TRUE -dn: CN=krbtgt,CN=Users,${BASEDN} +dn: CN=krbtgt,CN=Users,${DOMAINDN} objectClass: top objectClass: person objectClass: organizationalPerson @@ -238,7 +238,7 @@ servicePrincipalName: kadmin/changepw isCriticalSystemObject: TRUE sambaPassword: ${KRBTGTPASS} -dn: CN=Domain Computers,CN=Users,${BASEDN} +dn: CN=Domain Computers,CN=Users,${DOMAINDN} objectClass: top objectClass: group cn: Domain Computers @@ -248,7 +248,7 @@ sAMAccountName: Domain Computers objectCategory: CN=Group,${SCHEMADN} isCriticalSystemObject: TRUE -dn: CN=Domain Controllers,CN=Users,${BASEDN} +dn: CN=Domain Controllers,CN=Users,${DOMAINDN} objectClass: top objectClass: group cn: Domain Controllers @@ -258,30 +258,30 @@ adminCount: 1 sAMAccountName: Domain Controllers isCriticalSystemObject: TRUE -dn: CN=Schema Admins,CN=Users,${BASEDN} +dn: CN=Schema Admins,CN=Users,${DOMAINDN} objectClass: top objectClass: group cn: Schema Admins description: Designated administrators of the schema -member: CN=Administrator,CN=Users,${BASEDN} +member: CN=Administrator,CN=Users,${DOMAINDN} objectSid: ${DOMAINSID}-518 adminCount: 1 sAMAccountName: Schema Admins isCriticalSystemObject: TRUE -dn: CN=Enterprise Admins,CN=Users,${BASEDN} +dn: CN=Enterprise Admins,CN=Users,${DOMAINDN} objectClass: top objectClass: group cn: Enterprise Admins description: Designated administrators of the enterprise -member: CN=Administrator,CN=Users,${BASEDN} -memberOf: CN=Administrators,CN=Builtin,${BASEDN} +member: CN=Administrator,CN=Users,${DOMAINDN} +memberOf: CN=Administrators,CN=Builtin,${DOMAINDN} objectSid: ${DOMAINSID}-519 adminCount: 1 sAMAccountName: Enterprise Admins isCriticalSystemObject: TRUE -dn: CN=Cert Publishers,CN=Users,${BASEDN} +dn: CN=Cert Publishers,CN=Users,${DOMAINDN} objectClass: top objectClass: group cn: Cert Publishers @@ -293,50 +293,50 @@ sAMAccountName: Cert Publishers objectCategory: CN=Group,${SCHEMADN} isCriticalSystemObject: TRUE -dn: CN=Domain Admins,CN=Users,${BASEDN} +dn: CN=Domain Admins,CN=Users,${DOMAINDN} objectClass: top objectClass: group cn: Domain Admins description: Designated administrators of the domain -member: CN=Administrator,CN=Users,${BASEDN} -memberOf: CN=Administrators,CN=Builtin,${BASEDN} +member: CN=Administrator,CN=Users,${DOMAINDN} +memberOf: CN=Administrators,CN=Builtin,${DOMAINDN} objectSid: ${DOMAINSID}-512 adminCount: 1 sAMAccountName: Domain Admins isCriticalSystemObject: TRUE -dn: CN=Domain Users,CN=Users,${BASEDN} +dn: CN=Domain Users,CN=Users,${DOMAINDN} objectClass: top objectClass: group cn: Domain Users description: All domain users -memberOf: CN=Users,CN=Builtin,${BASEDN} +memberOf: CN=Users,CN=Builtin,${DOMAINDN} objectSid: ${DOMAINSID}-513 sAMAccountName: Domain Users isCriticalSystemObject: TRUE -dn: CN=Domain Guests,CN=Users,${BASEDN} +dn: CN=Domain Guests,CN=Users,${DOMAINDN} objectClass: top objectClass: group cn: Domain Guests description: All domain guests -memberOf: CN=Guests,CN=Builtin,${BASEDN} +memberOf: CN=Guests,CN=Builtin,${DOMAINDN} objectSid: ${DOMAINSID}-514 sAMAccountName: Domain Guests isCriticalSystemObject: TRUE -dn: CN=Group Policy Creator Owners,CN=Users,${BASEDN} +dn: CN=Group Policy Creator Owners,CN=Users,${DOMAINDN} objectClass: top objectClass: group cn: Group Policy Creator Owners description: Members in this group can modify group policy for the domain -member: CN=Administrator,CN=Users,${BASEDN} +member: CN=Administrator,CN=Users,${DOMAINDN} objectSid: ${DOMAINSID}-520 sAMAccountName: Group Policy Creator Owners objectCategory: CN=Group,${SCHEMADN} isCriticalSystemObject: TRUE -dn: CN=RAS and IAS Servers,CN=Users,${BASEDN} +dn: CN=RAS and IAS Servers,CN=Users,${DOMAINDN} objectClass: top objectClass: group cn: RAS and IAS Servers @@ -349,7 +349,7 @@ groupType: 2147483652 objectCategory: CN=Group,${SCHEMADN} isCriticalSystemObject: TRUE -dn: CN=Server Operators,CN=Builtin,${BASEDN} +dn: CN=Server Operators,CN=Builtin,${DOMAINDN} objectClass: top objectClass: group cn: Server Operators @@ -370,7 +370,7 @@ privilege: SeRestorePrivilege privilege: SeShutdownPrivilege privilege: SeInteractiveLogonRight -dn: CN=Account Operators,CN=Builtin,${BASEDN} +dn: CN=Account Operators,CN=Builtin,${DOMAINDN} objectClass: top objectClass: group cn: Account Operators diff --git a/source4/setup/provision_users_add.ldif b/source4/setup/provision_users_add.ldif index 56a2623cfc..db075d9c80 100644 --- a/source4/setup/provision_users_add.ldif +++ b/source4/setup/provision_users_add.ldif @@ -1,3 +1,3 @@ -dn: CN=Users,${BASEDN} +dn: CN=Users,${DOMAINDN} objectClass: top objectClass: container diff --git a/source4/setup/provision_users_modify.ldif b/source4/setup/provision_users_modify.ldif index 5766d672f7..04ff57368e 100644 --- a/source4/setup/provision_users_modify.ldif +++ b/source4/setup/provision_users_modify.ldif @@ -1,4 +1,4 @@ -dn: CN=Users,${BASEDN} +dn: CN=Users,${DOMAINDN} changetype: modify replace: description description: Default container for upgraded user accounts |