diff options
Diffstat (limited to 'source4/setup')
67 files changed, 13457 insertions, 0 deletions
diff --git a/source4/setup/DB_CONFIG b/source4/setup/DB_CONFIG new file mode 100644 index 0000000000..b4d2bfa868 --- /dev/null +++ b/source4/setup/DB_CONFIG @@ -0,0 +1,17 @@ +# +# Set the database in memory cache size. +# +set_cachesize 0 524288 0 + +# +# Set log values. +# +set_lg_regionmax 104857 +set_lg_max 1048576 +set_lg_bsize 209715 +set_lg_dir ${LDAPDBDIR}/bdb-logs + +# +# Set temporary file creation directory. +# +set_tmp_dir ${LDAPDBDIR}/tmp diff --git a/source4/setup/cn=replicator.ldif b/source4/setup/cn=replicator.ldif new file mode 100644 index 0000000000..6001456b4d --- /dev/null +++ b/source4/setup/cn=replicator.ldif @@ -0,0 +1,12 @@ +dn: cn=replicator +objectClass: top +objectClass: person +cn: replicator +userPassword:: ${MMR_PASSWORD_B64} +structuralObjectClass: person +entryUUID: ${UUID} +creatorsName: +createTimestamp: ${LDAPTIME} +entryCSN: 20080714010529.241039Z#000000#000#000000 +modifiersName: +modifyTimestamp: ${LDAPTIME} diff --git a/source4/setup/cn=samba-admin.ldif b/source4/setup/cn=samba-admin.ldif new file mode 100644 index 0000000000..c59ffd9ab6 --- /dev/null +++ b/source4/setup/cn=samba-admin.ldif @@ -0,0 +1,12 @@ +dn: cn=samba-admin +objectClass: top +objectClass: person +cn: samba-admin +userPassword:: ${LDAPADMINPASS_B64} +structuralObjectClass: person +entryUUID: ${UUID} +creatorsName: +createTimestamp: ${LDAPTIME} +entryCSN: 20080714010529.241038Z#000000#000#000000 +modifiersName: +modifyTimestamp: ${LDAPTIME} diff --git a/source4/setup/cn=samba.ldif b/source4/setup/cn=samba.ldif new file mode 100644 index 0000000000..3be6242fe3 --- /dev/null +++ b/source4/setup/cn=samba.ldif @@ -0,0 +1,11 @@ +dn: cn=Samba +objectClass: top +objectClass: container +cn: Samba +structuralObjectClass: container +entryUUID: b1d4823a-e58c-102c-9f74-51b6d59a1b68 +creatorsName: +createTimestamp: 20080714010529Z +entryCSN: 20080714010529.194412Z#000000#000#000000 +modifiersName: +modifyTimestamp: 20080714010529Z diff --git a/source4/setup/display_specifiers.ldif b/source4/setup/display_specifiers.ldif new file mode 100644 index 0000000000..7d6633244d --- /dev/null +++ b/source4/setup/display_specifiers.ldif @@ -0,0 +1,111 @@ +dn: CN=DisplaySpecifiers,${CONFIGDN} +objectClass: top +objectClass: container + +dn: CN=409,CN=DisplaySpecifiers,${CONFIGDN} +objectClass: top +objectClass: container +cn: 409 + +dn: CN=user-Display,CN=409,CN=DisplaySpecifiers,${CONFIGDN} +objectClass: top +objectClass: displaySpecifier +cn: user-Display +contextMenu: 0,{62AE1F9A-126A-11D0-A14B-0800361B1103} +adminPropertyPages: 9,{FA3E1D55-16DF-446d-872E-BD04D4F39C93} +adminPropertyPages: 8,{0910dd01-df8c-11d1-ae27-00c04fa35813} +adminPropertyPages: 7,{8c5b1b50-d46e-11d1-8091-00a024c48131} +adminPropertyPages: 6,{4E40F770-369C-11d0-8922-00A024AB2DBB} +adminPropertyPages: 5,{6dfe6488-a212-11d0-bcd5-00c04fd8d5b6} +adminPropertyPages: 4,{FD57D295-4FD9-11D1-854E-00C04FC31FD3} +adminPropertyPages: 3,{B52C1E50-1DD2-11D1-BC43-00C04FC31FD3} +adminPropertyPages: 1,{6dfe6485-a212-11d0-bcd5-00c04fd8d5b6} +shellPropertyPages: 2,{dde2c5e9-c8ae-11d0-bcdb-00c04fd8d5b6} +shellPropertyPages: 1,{f5d121ed-c8ac-11d0-bcdb-00c04fd8d5b6} +adminContextMenu: 1,{08eb4fa6-6ffd-11d1-b0e0-00c04fd8dca6} +adminMultiselectPropertyPages: 1,{50d30564-9911-11d1-b9af-00c04fd8d5b0} + +dn: CN=group-Display,CN=409,CN=DisplaySpecifiers,${CONFIGDN} +objectClass: top +objectClass: displaySpecifier +cn: group-Display +contextMenu: 0,{62AE1F9A-126A-11D0-A14B-0800361B1103} +adminPropertyPages: 4,{4E40F770-369C-11d0-8922-00A024AB2DBB} +adminPropertyPages: 3,{6dfe6488-a212-11d0-bcd5-00c04fd8d5b6} +adminPropertyPages: 2,{6dfe648b-a212-11d0-bcd5-00c04fd8d5b6} +adminPropertyPages: 1,{6dfe6489-a212-11d0-bcd5-00c04fd8d5b6} +shellPropertyPages: 2,{dde2c5e9-c8ae-11d0-bcdb-00c04fd8d5b6} +shellPropertyPages: 1,{f5d121ee-c8ac-11d0-bcdb-00c04fd8d5b6} +adminContextMenu: 1,{08eb4fa6-6ffd-11d1-b0e0-00c04fd8dca6} + +dn: CN=domainDNS-Display,CN=409,CN=DisplaySpecifiers,${CONFIGDN} +objectClass: top +objectClass: displaySpecifier +cn: domainDNS-Display +name: domainDNS-Display +adminPropertyPages: 5,{4E40F770-369C-11d0-8922-00A024AB2DBB} +adminPropertyPages: 4,{6dfe6488-a212-11d0-bcd5-00c04fd8d5b6} +adminPropertyPages: 3,{6dfe648b-a212-11d0-bcd5-00c04fd8d5b6} +adminPropertyPages: 1,{6dfe648c-a212-11d0-bcd5-00c04fd8d5b6} +shellPropertyPages: 2,{dde2c5e9-c8ae-11d0-bcdb-00c04fd8d5b6} +shellPropertyPages: 1,{f5d121ef-c8ac-11d0-bcdb-00c04fd8d5b6} +adminContextMenu: 2,{08eb4fa6-6ffd-11d1-b0e0-00c04fd8dca6} +adminContextMenu: 1,{6BA3F852-23C6-11D1-B91F-00A0C9A06D2D} + +dn: CN=computer-Display,CN=409,CN=DisplaySpecifiers,${CONFIGDN} +objectClass: top +objectClass: displaySpecifier +cn: computer-Display +contextMenu: 0,{62AE1F9A-126A-11D0-A14B-0800361B1103} +adminPropertyPages: 10,{0F65B1BF-740F-11d1-BBE6-0060081692B3} +adminPropertyPages: 7,{B52C1E50-1DD2-11D1-BC43-00C04FC31FD3} +adminPropertyPages: 6,{4E40F770-369C-11d0-8922-00A024AB2DBB} +adminPropertyPages: 5,{6dfe6488-a212-11d0-bcd5-00c04fd8d5b6} +adminPropertyPages: 4,{6dfe648b-a212-11d0-bcd5-00c04fd8d5b6} +adminPropertyPages: 3,{77597368-7b15-11d0-a0c2-080036af3f03} +adminPropertyPages: 1,{6dfe6492-a212-11d0-bcd5-00c04fd8d5b6} +shellPropertyPages: 2,{dde2c5e9-c8ae-11d0-bcdb-00c04fd8d5b6} +shellPropertyPages: 1,{f5d121f4-c8ac-11d0-bcdb-00c04fd8d5b6} +adminContextMenu: 1,{08eb4fa6-6ffd-11d1-b0e0-00c04fd8dca6} +createWizardExt: 1,{D6D8C25A-4E83-11d2-8424-00C04FA372D4} + +dn: CN=organizationalUnit-Display,CN=409,CN=DisplaySpecifiers,${CONFIGDN} +objectClass: top +objectClass: displaySpecifier +cn: organizationalUnit-Display +contextMenu: 0,{62AE1F9A-126A-11D0-A14B-0800361B1103} +adminPropertyPages: 6,{FA3E1D55-16DF-446d-872E-BD04D4F39C93} +adminPropertyPages: 5,{4E40F770-369C-11d0-8922-00A024AB2DBB} +adminPropertyPages: 4,{6dfe6488-a212-11d0-bcd5-00c04fd8d5b6} +adminPropertyPages: 3,{6dfe648b-a212-11d0-bcd5-00c04fd8d5b6} +adminPropertyPages: 1,{9da6fd63-c63b-11d0-b94d-00c04fd8d5b0} +shellPropertyPages: 2,{dde2c5e9-c8ae-11d0-bcdb-00c04fd8d5b6} +shellPropertyPages: 1,{f2c3faae-c8ac-11d0-bcdb-00c04fd8d5b6} +adminContextMenu: 2,{08eb4fa6-6ffd-11d1-b0e0-00c04fd8dca6} +adminContextMenu: 1,{6BA3F852-23C6-11D1-B91F-00A0C9A06D2D} + +dn: CN=container-Display,CN=409,CN=DisplaySpecifiers,${CONFIGDN} +objectClass: top +objectClass: displaySpecifier +cn: container-Display +contextMenu: 0,{62AE1F9A-126A-11D0-A14B-0800361B1103} +adminPropertyPages: 3,{4E40F770-369C-11d0-8922-00A024AB2DBB} +adminPropertyPages: 2,{6dfe6488-a212-11d0-bcd5-00c04fd8d5b6} +adminPropertyPages: 1,{5a96f2d8-736e-11d1-bd0d-00c04fd8d5b6} +shellPropertyPages: 1,{f2c3faae-c8ac-11d0-bcdb-00c04fd8d5b6} +adminContextMenu: 4,{AB790AA1-CDC1-478a-9351-B2E05CFCAD09} +adminContextMenu: 3,{EEBD2F15-87EE-4F93-856F-6AD7E31787B3} +adminContextMenu: 2,{08eb4fa6-6ffd-11d1-b0e0-00c04fd8dca6} +adminContextMenu: 1,{6BA3F852-23C6-11D1-B91F-00A0C9A06D2D} + +dn: CN=default-Display,CN=409,CN=DisplaySpecifiers,${CONFIGDN} +objectClass: top +objectClass: displaySpecifier +cn: default-Display +adminPropertyPages: 3,{4E40F770-369C-11d0-8922-00A024AB2DBB} +adminPropertyPages: 2,{6dfe6488-a212-11d0-bcd5-00c04fd8d5b6} +adminPropertyPages: 1,{6384e23e-736d-11d1-bd0d-00c04fd8d5b6} +shellPropertyPages: 1,{f2c3faae-c8ac-11d0-bcdb-00c04fd8d5b6} +adminContextMenu: 0,{08eb4fa6-6ffd-11d1-b0e0-00c04fd8dca6} +adminMultiselectPropertyPages: 1,{50d30563-9911-11d1-b9af-00c04fd8d5b0} + diff --git a/source4/setup/enableaccount b/source4/setup/enableaccount new file mode 100755 index 0000000000..061997b804 --- /dev/null +++ b/source4/setup/enableaccount @@ -0,0 +1,77 @@ +#!/usr/bin/python +# +# add a new user to a Samba4 server +# Copyright Andrew Tridgell 2005 +# Copyright Jelmer Vernooij 2008 +# Released under the GNU GPL version 3 or later +# +import os, sys + +sys.path.insert(0, os.path.join(os.path.dirname(sys.argv[0]), "../bin/python")) + +import samba.getopt as options +import optparse +import pwd +import ldb + +from samba.auth import system_session +from samba.samdb import SamDB + +parser = optparse.OptionParser("enableaccount [username] [options]") +sambaopts = options.SambaOptions(parser) +parser.add_option_group(sambaopts) +parser.add_option_group(options.VersionOptions(parser)) +credopts = options.CredentialsOptions(parser) +parser.add_option_group(credopts) +parser.add_option("-H", help="LDB URL for database or target server", type=str) +parser.add_option("--base", help="Base DN to search for user under", type=str) + +opts, args = parser.parse_args() + +# +# print a message if quiet is not set +# +def message(text): + if not opts.quiet: + print text + +if len(args) == 0: + parser.print_usage() + sys.exit(1) + +username = args[0] + +if username is None: + print "username must be specified" + +lp = sambaopts.get_loadparm() + +creds = credopts.get_credentials(lp) + +if opts.H is not None: + url = opts.H +else: + url = lp.get("sam database") + +samdb = SamDB(url=url, session_info=system_session(), + credentials=creds, lp=lp) + +domain_dn = opts.base +if opts.base is None: + res = samdb.search("", scope=ldb.SCOPE_BASE, + expression="(defaultNamingContext=*)", + attrs=["defaultNamingContext"]) + assert(len(res) == 1 and res[0]["defaultNamingContext"] is not None) + domain_dn = res[0]["defaultNamingContext"][0] +else: + domain_dn = opts.base + +filter = "(&(objectClass=user)(samAccountName=%s))" % username + +res = samdb.search(domain_dn, scope=ldb.SCOPE_SUBTREE, + expression=filter, + attrs=[]) +assert(len(res) == 1) +user_dn = res[0].dn + +samdb.enable_account(user_dn) diff --git a/source4/setup/fedora-ds-init.ldif b/source4/setup/fedora-ds-init.ldif new file mode 100644 index 0000000000..83cdb6b392 --- /dev/null +++ b/source4/setup/fedora-ds-init.ldif @@ -0,0 +1,27 @@ +# These entries need to be added to get the container for the +# provision to be aimed at. + +dn: cn="dc=tammy,dc=abartlet,dc=net",cn=mapping tree,cn=config +objectclass: top +objectclass: extensibleObject +objectclass: nsMappingTree +nsslapd-state: backend +nsslapd-backend: UserData +cn: dc=tammy,dc=abartlet,dc=net + +dn: cn=UserData,cn=ldbm database,cn=plugins,cn=config +objectclass: extensibleObject +objectclass: nsBackendInstance +nsslapd-suffix: dc=tammy,dc=abartlet,dc=net + +# Generate 99_ad.ldif with + +# bin/ad2oLschema -I setup/fedora-ds-init.ldif --option=convert:target=fedora-ds -O /opt/fedora-ds/slapd-piglett/config/schema/99_ad.ldif -H /data/samba/samba4/prefix/private/sam.ldb +# Then install 00_staish_core.ldif 30ns-common.ldif and 99_ad.ldif +# into /opt/fedora-ds/slapd-piglett/config/schema/ +# + + +# provision with --ldap-backend=ldap://localhost:4389 --ldap-module=nsuniqueid --aci='aci: (targetattr = "*") (version 3.0;acl "full access to all by all";allow (all)(userdn = "ldap:///anyone");)' + + diff --git a/source4/setup/fedorads-partitions.ldif b/source4/setup/fedorads-partitions.ldif new file mode 100644 index 0000000000..571fb599b9 --- /dev/null +++ b/source4/setup/fedorads-partitions.ldif @@ -0,0 +1,30 @@ +dn: cn="${CONFIGDN}",cn=mapping tree,cn=config +objectclass: top +objectclass: extensibleObject +objectclass: nsMappingTree +nsslapd-state: backend +nsslapd-backend: configData +cn: ${CONFIGDN} + +dn: cn=configData,cn=ldbm database,cn=plugins,cn=config +objectclass: top +objectclass: extensibleObject +objectclass: nsBackendInstance +nsslapd-suffix: ${CONFIGDN} +cn: configData + +dn: cn="${SCHEMADN}",cn=mapping tree,cn=config +objectclass: top +objectclass: extensibleObject +objectclass: nsMappingTree +nsslapd-state: backend +nsslapd-backend: schemaData +cn: ${SCHEMADN} + +dn: cn=schemaData,cn=ldbm database,cn=plugins,cn=config +objectclass: top +objectclass: extensibleObject +objectclass: nsBackendInstance +nsslapd-suffix: ${SCHEMADN} +cn: schemaData + diff --git a/source4/setup/fedorads.inf b/source4/setup/fedorads.inf new file mode 100644 index 0000000000..fe51d01db1 --- /dev/null +++ b/source4/setup/fedorads.inf @@ -0,0 +1,29 @@ +[General] +SuiteSpotUserID = ${ROOT} +FullMachineName= ${HOSTNAME}.${DNSDOMAIN} +ServerRoot= ${LDAPDIR} + +[slapd] +ldapifilepath=${LDAPDIR}/ldapi +Suffix= ${DOMAINDN} +RootDN= ${LDAPMANAGERDN} +RootDNPwd= ${LDAPMANAGERPASS} +ServerIdentifier= samba4 +${SERVERPORT} + +inst_dir= ${LDAPDIR}/slapd-samba4 +config_dir= ${LDAPDIR}/slapd-samba4 +schema_dir= ${LDAPDIR}/slapd-samba4/schema +lock_dir= ${LDAPDIR}/slapd-samba4/lock +log_dir= ${LDAPDIR}/slapd-samba4/logs +run_dir= ${LDAPDIR}/slapd-samba4/logs +db_dir= ${LDAPDIR}/slapd-samba4/db +bak_dir= ${LDAPDIR}/slapd-samba4/bak +tmp_dir= ${LDAPDIR}/slapd-samba4/tmp +ldif_dir= ${LDAPDIR}/slapd-samba4/ldif +cert_dir= ${LDAPDIR}/slapd-samba4 + +start_server= 0 +install_full_schema= 0 +SchemaFile=${LDAPDIR}/99_ad.ldif +ConfigFile = ${LDAPDIR}/fedorads-partitions.ldif diff --git a/source4/setup/idmap_init.ldif b/source4/setup/idmap_init.ldif new file mode 100644 index 0000000000..43e5b65562 --- /dev/null +++ b/source4/setup/idmap_init.ldif @@ -0,0 +1,4 @@ +dn: CN=CONFIG +cn: CONFIG +lowerBound: 3000000 +upperBound: 4000000 diff --git a/source4/setup/krb5.conf b/source4/setup/krb5.conf new file mode 100644 index 0000000000..7dad63de73 --- /dev/null +++ b/source4/setup/krb5.conf @@ -0,0 +1,17 @@ +[libdefaults] + default_realm = ${REALM} + dns_lookup_realm = false + dns_lookup_kdc = false + ticket_lifetime = 24h + forwardable = yes + +[realms] + ${REALM} = { + kdc = ${HOSTNAME}.${DNSDOMAIN}:88 + admin_server = ${HOSTNAME}.${DNSDOMAIN}:749 + default_domain = ${DNSDOMAIN} + } + +[domain_realm] + .${DNSDOMAIN} = ${REALM} + ${DNSDOMAIN} = ${REALM} diff --git a/source4/setup/memberof.conf b/source4/setup/memberof.conf new file mode 100644 index 0000000000..77e57c86d4 --- /dev/null +++ b/source4/setup/memberof.conf @@ -0,0 +1,9 @@ +overlay memberof +memberof-dn cn=samba-admin,cn=samba +memberof-dangling error +memberof-refint TRUE +memberof-group-oc top +memberof-member-ad ${MEMBER_ATTR} +memberof-memberof-ad ${MEMBEROF_ATTR} +memberof-dangling-error 32 + diff --git a/source4/setup/mmr_serverids.conf b/source4/setup/mmr_serverids.conf new file mode 100644 index 0000000000..c6d14010b4 --- /dev/null +++ b/source4/setup/mmr_serverids.conf @@ -0,0 +1,2 @@ +# Generated from template mmr_serverids.conf +ServerID ${SERVERID} "${LDAPSERVER}" diff --git a/source4/setup/mmr_syncrepl.conf b/source4/setup/mmr_syncrepl.conf new file mode 100644 index 0000000000..1373858c4e --- /dev/null +++ b/source4/setup/mmr_syncrepl.conf @@ -0,0 +1,12 @@ +# Generated from template mmr_syncrepl.conf + +syncrepl rid=${RID} + provider="${LDAPSERVER}" + searchbase="${MMRDN}" + type=refreshAndPersist + retry="10 +" + bindmethod=sasl + saslmech=DIGEST-MD5 + authcid="replicator" + credentials="${MMR_PASSWORD}" + diff --git a/source4/setup/modules.conf b/source4/setup/modules.conf new file mode 100644 index 0000000000..c90dab767f --- /dev/null +++ b/source4/setup/modules.conf @@ -0,0 +1 @@ +#OpenLDAP modules configuration file for ${REALM} diff --git a/source4/setup/named.conf b/source4/setup/named.conf new file mode 100644 index 0000000000..0b087069c7 --- /dev/null +++ b/source4/setup/named.conf @@ -0,0 +1,67 @@ +# This file should be included in your main BIND configuration file +# +# For example with +# include "${PRIVATE_DIR}/named.conf"; + +zone "${DNSDOMAIN}." IN { + type master; + file "${PRIVATE_DIR}/${DNSDOMAIN}.zone"; + /* + * Attention: Not all BIND versions support "ms-self". The instead use + * of allow-update { any; }; is another, but less secure possibility. + */ + update-policy { + /* + * A rather long description here, as the "ms-self" option does + * not appear in any docs yet (it can only be found in the + * source code). + * + * The short of it is that each host is allowed to update its + * own A and AAAA records, when the update request is properly + * signed by the host itself. + * + * The long description is (look at the + * dst_gssapi_identitymatchesrealmms() call in lib/dns/ssu.c and + * its definition in lib/dns/gssapictx.c for details): + * + * A GSS-TSIG update request will be signed by a given signer + * (e.g. machine-name$@${REALM}). The signer name is split into + * the machine component (e.g. "machine-name") and the realm + * component (e.g. "${REALM}"). The update is allowed if the + * following conditions are met: + * + * 1) The machine component of the signer name matches the first + * (host) component of the FQDN that is being updated. + * + * 2) The realm component of the signer name matches the realm + * in the grant statement below (${REALM}). + * + * 3) The domain component of the FQDN that is being updated + * matches the realm in the grant statement below. + * + * If the 3 conditions above are satisfied, the update succeeds. + */ + grant ${REALM} ms-self * A AAAA; + }; +}; + +# The reverse zone configuration is optional. The following example assumes a +# subnet of 192.168.123.0/24: + +/* +zone "123.168.192.in-addr.arpa" in { + type master; + file "123.168.192.in-addr.arpa.zone"; + update-policy { + grant ${REALM_WC} wildcard *.123.168.192.in-addr.arpa. PTR; + }; +}; +*/ + +# Note that the reverse zone file is not created during the provision process. + +# The most recent BIND versions (9.5.0a5 or later) support secure GSS-TSIG +# updates. If you are running an earlier version of BIND, or if you do not wish +# to use secure GSS-TSIG updates, you may remove the update-policy sections in +# both examples above. + diff --git a/source4/setup/named.txt b/source4/setup/named.txt new file mode 100644 index 0000000000..c1e6b3a9ee --- /dev/null +++ b/source4/setup/named.txt @@ -0,0 +1,46 @@ +# Additional informations for DNS setup using BIND + +# If you are running a capable version of BIND and you wish to support secure +# GSS-TSIG updates, you must make the following configuration changes: + +# - Insert the following lines into the options {} section of your named.conf +# file: +tkey-gssapi-credential "DNS/${DNSDOMAIN}"; +tkey-domain "${REALM}"; + +# - Modify BIND init scripts to pass the location of the generated keytab file. +# Fedora 8 & later provide a variable named KEYTAB_FILE in /etc/sysconfig/named +# for this purpose: +KEYTAB_FILE="${DNS_KEYTAB_ABS}" +# Note that the Fedora scripts translate KEYTAB_FILE behind the scenes into a +# variable named KRB5_KTNAME, which is ultimately passed to the BIND daemon. If +# your distribution does not provide a variable like KEYTAB_FILE to pass a +# keytab file to the BIND daemon, a workaround is to place the following line in +# BIND's sysconfig file or in the init script for BIND: +export KRB5_KTNAME="${DNS_KEYTAB_ABS}" + +# - Set appropriate ownership and permissions on the ${DNS_KEYTAB} file. Note +# that most distributions have BIND configured to run under a non-root user +# account. For example, Fedora 9 runs BIND as the user "named" once the daemon +# relinquishes its rights. Therefore, the file ${DNS_KEYTAB} must be readable +# by the user that BIND run as. If BIND is running as a non-root user, the +# "${DNS_KEYTAB}" file must have its permissions altered to allow the daemon to +# read it. Under Fedora 9, execute the following commands: +chgrp named ${DNS_KEYTAB_ABS} +chmod g+r ${DNS_KEYTAB_ABS} + +# - Ensure the BIND zone file(s) that will be dynamically updated are in a +# directory where the BIND daemon can write. When BIND performs dynamic +# updates, it not only needs to update the zone file itself but it must also +# create a journal (.jnl) file to track the dynamic updates as they occur. +# Under Fedora 9, the /var/named directory can not be written to by the "named" +# user. However, the directory /var/named/dynamic directory does provide write +# access. Therefore the zone files were placed under the /var/named/dynamic +# directory. The file directives in both example zone statements at the +# beginning of this file were changed by prepending the directory "dynamic/". + +# - If SELinux is enabled, ensure that all files have the appropriate SELinux +# file contexts. The ${DNS_KEYTAB} file must be accessible by the BIND daemon +# and should have a SELinux type of named_conf_t. This can be set with the +# following command: +chcon -t named_conf_t ${DNS_KEYTAB_ABS} diff --git a/source4/setup/newuser b/source4/setup/newuser new file mode 100755 index 0000000000..5b677af142 --- /dev/null +++ b/source4/setup/newuser @@ -0,0 +1,48 @@ +#!/usr/bin/python +# +# add a new user to a Samba4 server +# Copyright Andrew Tridgell 2005 +# Copyright Jelmer Vernooij 2008 +# Released under the GNU GPL version 3 or later +# + +import sys + +# Find right directory when running from source tree +sys.path.insert(0, "bin/python") + +import samba.getopt as options +import optparse +from getpass import getpass +from samba.auth import system_session + +parser = optparse.OptionParser("newuser [options] <username> [<password>]") +sambaopts = options.SambaOptions(parser) +parser.add_option_group(sambaopts) +parser.add_option_group(options.VersionOptions(parser)) +credopts = options.CredentialsOptions(parser) +parser.add_option_group(credopts) +parser.add_option("--quiet", help="Be quiet", action="store_true") +parser.add_option("--unixname", help="Unix Username", type=str) + +opts, args = parser.parse_args() + +if len(args) == 0: + parser.print_usage() + sys.exit(1) + +username = args[0] +if len(args) > 1: + password = args[1] +else: + password = getpass("New Password: ") + +if opts.unixname is None: + opts.unixname = username + +lp = sambaopts.get_loadparm() +creds = credopts.get_credentials(lp) + +samdb = sambaopts.get_hostconfig().get_samdb(session_info=system_session(), + credentials=creds) +samdb.newuser(username, opts.unixname, password) diff --git a/source4/setup/phpldapadmin-config.php b/source4/setup/phpldapadmin-config.php new file mode 100644 index 0000000000..5a4c2d7a6b --- /dev/null +++ b/source4/setup/phpldapadmin-config.php @@ -0,0 +1,28 @@ +<?php +/** + * The phpLDAPadmin config file, customised for use with Samba4 + * This overrides phpLDAPadmin defaults + * that are defined in config_default.php. + * + * DONT change config_default.php, you changes will be lost by the next release + * of PLA. Instead change this file - as it will NOT be replaced by a new + * version of phpLDAPadmin. + */ + +/*********************************************/ +/* Useful important configuration overrides */ +/*********************************************/ + +/* phpLDAPadmin can encrypt the content of sensitive cookies if you set this + to a big random string. */ + +$i=0; +$ldapservers = new LDAPServers; + +/* A convenient name that will appear in the tree viewer and throughout + phpLDAPadmin to identify this LDAP server to users. */ +$ldapservers->SetValue($i,'server','name','Samba4 LDAP Server'); +$ldapservers->SetValue($i,'server','host','${S4_LDAPI_URI}'); +$ldapservers->SetValue($i,'server','auth_type','session'); +$ldapservers->SetValue($i,'login','attr','dn'); +?> diff --git a/source4/setup/prefixMap.txt b/source4/setup/prefixMap.txt new file mode 100644 index 0000000000..8ba9b9531c --- /dev/null +++ b/source4/setup/prefixMap.txt @@ -0,0 +1,34 @@ +0:2.5.4 +1:2.5.6 +2:1.2.840.113556.1.2 +3:1.2.840.113556.1.3 +4:2.16.840.1.101.2.2.1 +5:2.16.840.1.101.2.2.3 +6:2.16.840.1.101.2.1.5 +7:2.16.840.1.101.2.1.4 +8:2.5.5 +9:1.2.840.113556.1.4 +10:1.2.840.113556.1.5 +19:0.9.2342.19200300.100 +20:2.16.840.1.113730.3 +21:0.9.2342.19200300.100.1 +22:2.16.840.1.113730.3.1 +23:1.2.840.113556.1.5.7000 +24:2.5.21 +25:2.5.18 +26:2.5.20 +11:1.2.840.113556.1.4.260 +12:1.2.840.113556.1.5.56 +13:1.2.840.113556.1.4.262 +14:1.2.840.113556.1.5.57 +15:1.2.840.113556.1.4.263 +16:1.2.840.113556.1.5.58 +17:1.2.840.113556.1.5.73 +18:1.2.840.113556.1.4.305 +27:1.3.6.1.4.1.1466.101.119 +28:2.16.840.1.113730.3.2 +29:1.3.6.1.4.1.250.1 +30:1.2.840.113549.1.9 +31:0.9.2342.19200300.100.4 +32:1.3.6.1.4.1.7165.4.1 +33:1.3.6.1.4.1.7165.4.2 diff --git a/source4/setup/provision b/source4/setup/provision new file mode 100755 index 0000000000..7bd61fc1d8 --- /dev/null +++ b/source4/setup/provision @@ -0,0 +1,158 @@ +#!/usr/bin/python +# +# Unix SMB/CIFS implementation. +# provision a Samba4 server +# Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007-2008 +# Copyright (C) Andrew Bartlett <abartlet@samba.org> 2008 +# +# Based on the original in EJS: +# Copyright (C) Andrew Tridgell 2005 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +import getopt +import optparse +import os, sys + +# Find right directory when running from source tree +sys.path.insert(0, "bin/python") + +import samba +from samba.credentials import DONT_USE_KERBEROS +from samba.auth import system_session +import samba.getopt as options +from samba import param +from samba.provision import (provision, + FILL_FULL, FILL_NT4SYNC, + FILL_DRS) + +# how do we make this case insensitive?? + +parser = optparse.OptionParser("provision [options]") +sambaopts = options.SambaOptions(parser) +parser.add_option_group(sambaopts) +parser.add_option_group(options.VersionOptions(parser)) +credopts = options.CredentialsOptions(parser) +parser.add_option_group(credopts) +parser.add_option("--setupdir", type="string", metavar="DIR", + help="directory with setup files") +parser.add_option("--realm", type="string", metavar="REALM", help="set realm") +parser.add_option("--domain", type="string", metavar="DOMAIN", + help="set domain") +parser.add_option("--domain-guid", type="string", metavar="GUID", + help="set domainguid (otherwise random)") +parser.add_option("--domain-sid", type="string", metavar="SID", + help="set domainsid (otherwise random)") +parser.add_option("--policy-guid", type="string", metavar="GUID", + help="set policy guid") +parser.add_option("--invocationid", type="string", metavar="GUID", + help="set invocationid (otherwise random)") +parser.add_option("--host-name", type="string", metavar="HOSTNAME", + help="set hostname") +parser.add_option("--host-ip", type="string", metavar="IPADDRESS", + help="set IPv4 ipaddress") +parser.add_option("--host-ip6", type="string", metavar="IP6ADDRESS", + help="set IPv6 ipaddress") +parser.add_option("--adminpass", type="string", metavar="PASSWORD", + help="choose admin password (otherwise random)") +parser.add_option("--krbtgtpass", type="string", metavar="PASSWORD", + help="choose krbtgt password (otherwise random)") +parser.add_option("--machinepass", type="string", metavar="PASSWORD", + help="choose machine password (otherwise random)") +parser.add_option("--dnspass", type="string", metavar="PASSWORD", + help="choose dns password (otherwise random)") +parser.add_option("--root", type="string", metavar="USERNAME", + help="choose 'root' unix username") +parser.add_option("--nobody", type="string", metavar="USERNAME", + help="choose 'nobody' user") +parser.add_option("--nogroup", type="string", metavar="GROUPNAME", + help="choose 'nogroup' group") +parser.add_option("--wheel", type="string", metavar="GROUPNAME", + help="choose 'wheel' privileged group") +parser.add_option("--users", type="string", metavar="GROUPNAME", + help="choose 'users' group") +parser.add_option("--quiet", help="Be quiet", action="store_true") +parser.add_option("--blank", action="store_true", + help="do not add users or groups, just the structure") +parser.add_option("--ldap-backend", type="string", metavar="LDAPSERVER", + help="LDAP server to use for this provision") +parser.add_option("--ldap-backend-type", type="choice", metavar="LDAP-BACKEND-TYPE", + help="LDB mapping module to use for the LDAP backend", + choices=["fedora-ds", "openldap"]) +parser.add_option("--aci", type="string", metavar="ACI", + help="An arbitary LDIF fragment, particularly useful to loading a backend ACI value into a target LDAP server. You must provide at least a realm and domain") +parser.add_option("--server-role", type="choice", metavar="ROLE", + choices=["domain controller", "dc", "member server", "member", "standalone"], + help="Set server role to provision for (default standalone)") +parser.add_option("--partitions-only", + help="Configure Samba's partitions, but do not modify them (ie, join a BDC)", action="store_true") +parser.add_option("--targetdir", type="string", metavar="DIR", + help="Set target directory") + +opts = parser.parse_args()[0] + +def message(text): + """print a message if quiet is not set.""" + if not opts.quiet: + print text + +if opts.realm is None or opts.domain is None: + if opts.realm is None: + print >>sys.stderr, "No realm set" + if opts.domain is None: + print >>sys.stderr, "No domain set" + parser.print_usage() + sys.exit(1) + +lp = sambaopts.get_loadparm() +smbconf = lp.configfile() + +if opts.aci is not None: + print "set ACI: %s" % opts.aci + +if opts.server_role == "dc": + server_role = "domain controller" +elif opts.server_role == "member": + server_role = "member server" +else: + server_role = opts.server_role + +creds = credopts.get_credentials(lp) + +creds.set_kerberos_state(DONT_USE_KERBEROS) + +setup_dir = opts.setupdir +if setup_dir is None: + setup_dir = "setup" + +samdb_fill = FILL_FULL +if opts.blank: + samdb_fill = FILL_NT4SYNC +elif opts.partitions_only: + samdb_fill = FILL_DRS + +provision(setup_dir, message, + system_session(), creds, smbconf=smbconf, targetdir=opts.targetdir, + samdb_fill=samdb_fill, realm=opts.realm, domain=opts.domain, + domainguid=opts.domain_guid, domainsid=opts.domain_sid, + policyguid=opts.policy_guid, hostname=opts.host_name, + hostip=opts.host_ip, hostip6=opts.host_ip6, + invocationid=opts.invocationid, adminpass=opts.adminpass, + krbtgtpass=opts.krbtgtpass, machinepass=opts.machinepass, + dnspass=opts.dnspass, root=opts.root, nobody=opts.nobody, + nogroup=opts.nogroup, wheel=opts.wheel, users=opts.users, + aci=opts.aci, serverrole=server_role, + ldap_backend=opts.ldap_backend, + ldap_backend_type=opts.ldap_backend_type) diff --git a/source4/setup/provision-backend b/source4/setup/provision-backend new file mode 100755 index 0000000000..0943da29b6 --- /dev/null +++ b/source4/setup/provision-backend @@ -0,0 +1,107 @@ +#!/usr/bin/python +# +# Unix SMB/CIFS implementation. +# provision a Samba4 server +# Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007-2008 +# Copyright (C) Andrew Bartlett <abartlet@samba.org> 2008 +# +# Based on the original in EJS: +# Copyright (C) Andrew Tridgell 2005 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +import os, sys + +sys.path.insert(0, "bin/python") + +import getopt +import optparse + +import samba +from samba import param + +from samba.auth import system_session +import samba.getopt as options +from samba.provision import (provision_backend) + +parser = optparse.OptionParser("provision [options]") +sambaopts = options.SambaOptions(parser) +parser.add_option_group(sambaopts) +parser.add_option_group(options.VersionOptions(parser)) +credopts = options.CredentialsOptions(parser) +parser.add_option_group(credopts) +parser.add_option("--setupdir", type="string", metavar="DIR", + help="directory with setup files") +parser.add_option("--realm", type="string", metavar="REALM", help="set realm") +parser.add_option("--domain", type="string", metavar="DOMAIN", + help="set domain") +parser.add_option("--host-name", type="string", metavar="HOSTNAME", + help="set hostname") +parser.add_option("--ldap-admin-pass", type="string", metavar="PASSWORD", + help="choose LDAP admin password (otherwise random)") +parser.add_option("--root", type="string", metavar="USERNAME", + help="choose 'root' unix username") +parser.add_option("--quiet", help="Be quiet", action="store_true") +parser.add_option("--ldap-backend-type", type="choice", metavar="LDAP-BACKEND-TYPE", + help="LDB mapping module to use for the LDAP backend", + choices=["fedora-ds", "openldap"]) +parser.add_option("--ldap-backend-port", type="int", metavar="PORT", + help="TCP Port LDAP server should listen to (default ldapi only)") +parser.add_option("--server-role", type="choice", metavar="ROLE", + choices=["domain controller", "dc", "member server", "member", "standalone"], + help="Set server role to provision for (default standalone)") +parser.add_option("--targetdir", type="string", metavar="DIR", + help="Set target directory") +parser.add_option("--ol-mmr-urls", type="string", metavar="LDAPSERVER", + help="List of LDAP-URLS [ ldap://<FQDN>:port/ (where port != 389) ] separated with whitespaces for use with OpenLDAP-MMR") + + +opts = parser.parse_args()[0] + +def message(text): + """print a message if quiet is not set.""" + if not opts.quiet: + print text + +if opts.realm is None or opts.domain is None: + if opts.realm is None: + print >>sys.stderr, "No realm set" + if opts.domain is None: + print >>sys.stderr, "No domain set" + parser.print_usage() + sys.exit(1) + +smbconf = sambaopts.get_loadparm().configfile() + +if opts.server_role == "dc": + server_role = "domain controller" +elif opts.server_role == "member": + server_role = "member server" +else: + server_role = opts.server_role + +setup_dir = opts.setupdir +if setup_dir is None: + setup_dir = "setup" + +provision_backend(setup_dir=setup_dir, message=message, smbconf=smbconf, targetdir=opts.targetdir, + realm=opts.realm, domain=opts.domain, + hostname=opts.host_name, + adminpass=opts.ldap_admin_pass, + root=opts.root, serverrole=server_role, + ldap_backend_type=opts.ldap_backend_type, + ldap_backend_port=opts.ldap_backend_port, + ol_mmr_urls=opts.ol_mmr_urls) + diff --git a/source4/setup/provision.ldif b/source4/setup/provision.ldif new file mode 100644 index 0000000000..2f734e83b2 --- /dev/null +++ b/source4/setup/provision.ldif @@ -0,0 +1,84 @@ +dn: OU=Domain Controllers,${DOMAINDN} +objectClass: top +objectClass: organizationalUnit +cn: Domain Controllers +description: Default container for domain controllers +systemFlags: 2348810240 +isCriticalSystemObject: TRUE +showInAdvancedViewOnly: FALSE + +dn: CN=ForeignSecurityPrincipals,${DOMAINDN} +objectClass: top +objectClass: container +cn: ForeignSecurityPrincipals +description: Default container for security identifiers (SIDs) associated with objects from external, trusted domains +systemFlags: 2348810240 +isCriticalSystemObject: TRUE +showInAdvancedViewOnly: FALSE + +dn: CN=System,${DOMAINDN} +objectClass: top +objectClass: container +cn: System +description: Builtin system settings +systemFlags: 2348810240 +isCriticalSystemObject: TRUE + +dn: CN=RID Manager$,CN=System,${DOMAINDN} +objectclass: top +objectclass: rIDManager +cn: RID Manager$ +systemFlags: 2348810240 +isCriticalSystemObject: TRUE +fSMORoleOwner: CN=NTDS Settings,${SERVERDN} +rIDAvailablePool: 4611686014132423217 + +dn: CN=DomainUpdates,CN=System,${DOMAINDN} +objectClass: top +objectClass: container +cn: DomainUpdates + +dn: CN=Windows2003Update,CN=DomainUpdates,CN=System,${DOMAINDN} +objectClass: top +objectClass: container +cn: Windows2003Update +revision: 8 + +dn: CN=Infrastructure,${DOMAINDN} +objectclass: top +objectclass: infrastructureUpdate +cn: Infrastructure +systemFlags: 2348810240 +isCriticalSystemObject: TRUE +fSMORoleOwner: CN=NTDS Settings,${SERVERDN} + +dn: CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: builtinDomain +cn: Builtin +forceLogoff: 9223372036854775808 +lockoutDuration: -18000000000 +lockOutObservationWindow: -18000000000 +lockoutThreshold: 0 +maxPwdAge: -37108517437440 +minPwdAge: 0 +minPwdLength: 0 +modifiedCountAtLastProm: 0 +nextRid: 1000 +pwdProperties: 0 +pwdHistoryLength: 0 +objectSid: S-1-5-32 +serverState: 1 +uASCompat: 1 +modifiedCount: 1 +isCriticalSystemObject: TRUE +showInAdvancedViewOnly: FALSE + +dn: CN=Policies,CN=System,${DOMAINDN} +objectClass: top +objectClass: container + +dn: CN=IP Security,CN=System,${DOMAINDN} +objectClass: top +objectClass: container + diff --git a/source4/setup/provision.reg b/source4/setup/provision.reg new file mode 100644 index 0000000000..b80db09c09 --- /dev/null +++ b/source4/setup/provision.reg @@ -0,0 +1,49 @@ +REGEDIT4 + +[HKEY_LOCAL_MACHINE] + +[HKEY_LOCAL_MACHINE\SOFTWARE] + +[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft] + +[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT] + +[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion] +CurrentVersion=5.2 + +[HKEY_LOCAL_MACHINE\SYSTEM] + +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet] + +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control] + +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions] +ProductType=LanmanNT + +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print] + +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server] + +[HKEY_LOCAL_MACHINE\SYSTEM] + +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet] + +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services] + +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon] + +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] +RefusePasswordChange=REG_DWORD:0 + +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\REPLICATOR] + +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\REPLICATOR\Parameters] + +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Alerter] + +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Alerter\Parameters] + +[HKEY_USERS] + +[HKEY_CLASSES_ROOT] + diff --git a/source4/setup/provision.smb.conf.dc b/source4/setup/provision.smb.conf.dc new file mode 100644 index 0000000000..ad06be4301 --- /dev/null +++ b/source4/setup/provision.smb.conf.dc @@ -0,0 +1,15 @@ +[globals] + netbios name = ${HOSTNAME} + workgroup = ${DOMAIN} + realm = ${REALM} + server role = ${SERVERROLE} + ${PRIVATEDIR_LINE} + ${LOCKDIR_LINE} + +[netlogon] + path = ${NETLOGONPATH} + read only = no + +[sysvol] + path = ${SYSVOLPATH} + read only = no diff --git a/source4/setup/provision.smb.conf.member b/source4/setup/provision.smb.conf.member new file mode 100644 index 0000000000..0d742fb903 --- /dev/null +++ b/source4/setup/provision.smb.conf.member @@ -0,0 +1,7 @@ +[globals] + netbios name = ${HOSTNAME} + workgroup = ${DOMAIN} + realm = ${REALM} + server role = ${SERVERROLE} + ${PRIVATEDIR_LINE} + ${LOCKDIR_LINE} diff --git a/source4/setup/provision.smb.conf.standalone b/source4/setup/provision.smb.conf.standalone new file mode 100644 index 0000000000..0d742fb903 --- /dev/null +++ b/source4/setup/provision.smb.conf.standalone @@ -0,0 +1,7 @@ +[globals] + netbios name = ${HOSTNAME} + workgroup = ${DOMAIN} + realm = ${REALM} + server role = ${SERVERROLE} + ${PRIVATEDIR_LINE} + ${LOCKDIR_LINE} diff --git a/source4/setup/provision.zone b/source4/setup/provision.zone new file mode 100644 index 0000000000..17ae3bb47a --- /dev/null +++ b/source4/setup/provision.zone @@ -0,0 +1,50 @@ +; -*- zone -*- +; generated by provision.pl +$ORIGIN ${DNSDOMAIN}. +$TTL 1W +@ IN SOA @ hostmaster ( + ${DATESTRING} ; serial + 2D ; refresh + 4H ; retry + 6W ; expiry + 1W ) ; minimum + IN NS ${HOSTNAME} +${HOSTIP6_BASE_LINE} + IN A ${HOSTIP} +; +${HOSTIP6_HOST_LINE} +${HOSTNAME} IN A ${HOSTIP} +gc._msdcs IN CNAME ${HOSTNAME} +${HOSTGUID}._msdcs IN CNAME ${HOSTNAME} +; +; global catalog servers +_gc._tcp IN SRV 0 100 3268 ${HOSTNAME} +_gc._tcp.${DEFAULTSITE}._sites IN SRV 0 100 3268 ${HOSTNAME} +_ldap._tcp.gc._msdcs IN SRV 0 100 389 ${HOSTNAME} +_ldap._tcp.${DEFAULTSITE}._sites.gc._msdcs IN SRV 0 100 389 ${HOSTNAME} +; +; ldap servers +_ldap._tcp IN SRV 0 100 389 ${HOSTNAME} +_ldap._tcp.dc._msdcs IN SRV 0 100 389 ${HOSTNAME} +_ldap._tcp.pdc._msdcs IN SRV 0 100 389 ${HOSTNAME} +_ldap._tcp.${DOMAINGUID} IN SRV 0 100 389 ${HOSTNAME} +_ldap._tcp.${DOMAINGUID}.domains._msdcs IN SRV 0 100 389 ${HOSTNAME} +_ldap._tcp.${DEFAULTSITE}._sites IN SRV 0 100 389 ${HOSTNAME} +_ldap._tcp.${DEFAULTSITE}._sites.dc._msdcs IN SRV 0 100 389 ${HOSTNAME} +; +; krb5 servers +_kerberos._tcp IN SRV 0 100 88 ${HOSTNAME} +_kerberos._tcp.dc._msdcs IN SRV 0 100 88 ${HOSTNAME} +_kerberos._tcp.${DEFAULTSITE}._sites IN SRV 0 100 88 ${HOSTNAME} +_kerberos._tcp.${DEFAULTSITE}._sites.dc._msdcs IN SRV 0 100 88 ${HOSTNAME} +_kerberos._udp IN SRV 0 100 88 ${HOSTNAME} +; MIT kpasswd likes to lookup this name on password change +_kerberos-master._tcp IN SRV 0 100 88 ${HOSTNAME} +_kerberos-master._udp IN SRV 0 100 88 ${HOSTNAME} +; +; kpasswd +_kpasswd._tcp IN SRV 0 100 464 ${HOSTNAME} +_kpasswd._udp IN SRV 0 100 464 ${HOSTNAME} +; +; heimdal 'find realm for host' hack +_kerberos IN TXT ${REALM} diff --git a/source4/setup/provision_basedn.ldif b/source4/setup/provision_basedn.ldif new file mode 100644 index 0000000000..7fdecfa3c0 --- /dev/null +++ b/source4/setup/provision_basedn.ldif @@ -0,0 +1,8 @@ +################################ +## Domain Naming Context +################################ +dn: ${DOMAINDN} +objectClass: top +objectClass: ${DOMAIN_OC} +${ACI} + diff --git a/source4/setup/provision_basedn_modify.ldif b/source4/setup/provision_basedn_modify.ldif new file mode 100644 index 0000000000..63332e937b --- /dev/null +++ b/source4/setup/provision_basedn_modify.ldif @@ -0,0 +1,80 @@ +############################### +# Domain Naming Context +############################### +dn: ${DOMAINDN} +changetype: modify +- +replace: forceLogoff +forceLogoff: 9223372036854775808 +- +replace: lockoutDuration +lockoutDuration: -18000000000 +- +replace: lockOutObservationWindow +lockOutObservationWindow: -18000000000 +- +replace: lockoutThreshold +lockoutThreshold: 0 +- +replace: maxPwdAge +maxPwdAge: -37108517437440 +- +replace: minPwdAge +minPwdAge: 0 +- +replace: minPwdLength +minPwdLength: 7 +- +replace: modifiedCountAtLastProm +modifiedCountAtLastProm: 0 +- +replace: nextRid +nextRid: 1000 +- +replace: pwdProperties +pwdProperties: 1 +- +replace: pwdHistoryLength +pwdHistoryLength: 24 +- +replace: objectSid +objectSid: ${DOMAINSID} +- +replace: oEMInformation +oEMInformation: Provisioned by Samba4: ${LDAPTIME} +- +replace: serverState +serverState: 1 +- +replace: nTMixedDomain +nTMixedDomain: 1 +- +replace: msDS-Behavior-Version +msDS-Behavior-Version: 0 +- +replace: ridManagerReference +ridManagerReference: CN=RID Manager$,CN=System,${DOMAINDN} +- +replace: uASCompat +uASCompat: 1 +- +replace: modifiedCount +modifiedCount: 1 +- +replace: objectCategory +objectCategory: CN=Domain-DNS,${SCHEMADN} +- +replace: fSMORoleOwner +fSMORoleOwner: CN=NTDS Settings,${SERVERDN} +- +replace: isCriticalSystemObject +isCriticalSystemObject: TRUE +- +replace: subRefs +subRefs: ${CONFIGDN} +subRefs: ${SCHEMADN} +- +replace: gPLink +gPLink: [LDAP://CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN};0] +- +${DOMAINGUID_MOD} diff --git a/source4/setup/provision_computers_add.ldif b/source4/setup/provision_computers_add.ldif new file mode 100644 index 0000000000..6db3f41524 --- /dev/null +++ b/source4/setup/provision_computers_add.ldif @@ -0,0 +1,3 @@ +dn: CN=Computers,${DOMAINDN} +objectClass: top +objectClass: container diff --git a/source4/setup/provision_computers_modify.ldif b/source4/setup/provision_computers_modify.ldif new file mode 100644 index 0000000000..3bb4074d42 --- /dev/null +++ b/source4/setup/provision_computers_modify.ldif @@ -0,0 +1,13 @@ +dn: CN=Computers,${DOMAINDN} +changetype: modify +replace: description +description: Default container for upgraded computer accounts +- +replace: showInAdvancedViewOnly +showInAdvancedViewOnly: FALSE +- +replace: systemFlags +systemFlags: 2348810240 +- +replace: isCriticalSystemObject +isCriticalSystemObject: TRUE diff --git a/source4/setup/provision_configuration.ldif b/source4/setup/provision_configuration.ldif new file mode 100644 index 0000000000..2a7357d7ad --- /dev/null +++ b/source4/setup/provision_configuration.ldif @@ -0,0 +1,94 @@ +############################### +# Configuration Naming Context +############################### +dn: CN=Partitions,${CONFIGDN} +objectClass: top +objectClass: crossRefContainer +cn: Partitions +systemFlags: 2147483648 +msDS-Behavior-Version: 0 +fSMORoleOwner: CN=NTDS Settings,${SERVERDN} + +dn: CN=Enterprise Configuration,CN=Partitions,${CONFIGDN} +objectClass: top +objectClass: crossRef +cn: Enterprise Configuration +systemFlags: 1 +nCName: ${CONFIGDN} +dnsRoot: ${DNSDOMAIN} + +dn: CN=Enterprise Schema,CN=Partitions,${CONFIGDN} +objectClass: top +objectClass: crossRef +cn: Enterprise Schema +systemFlags: 1 +nCName: ${SCHEMADN} +dnsRoot: ${DNSDOMAIN} + +dn: CN=${DOMAIN},CN=Partitions,${CONFIGDN} +objectClass: top +objectClass: crossRef +cn: ${DOMAIN} +systemFlags: 3 +nCName: ${DOMAINDN} +nETBIOSName: ${DOMAIN} +dnsRoot: ${DNSDOMAIN} + +dn: CN=Sites,${CONFIGDN} +objectClass: top +objectClass: sitesContainer +cn: Sites +systemFlags: 2181038080 + +dn: CN=${DEFAULTSITE},CN=Sites,${CONFIGDN} +objectClass: top +objectClass: site +cn: ${DEFAULTSITE} +systemFlags: 2181038080 + +dn: CN=Servers,CN=${DEFAULTSITE},CN=Sites,${CONFIGDN} +objectClass: top +objectClass: serversContainer +cn: Servers +systemFlags: 2181038080 + +dn: CN=Services,${CONFIGDN} +objectClass: top +objectClass: container +cn: Services +systemFlags: 2147483648 + +dn: CN=Windows NT,CN=Services,${CONFIGDN} +objectClass: top +objectClass: container +cn: Windows NT + +dn: CN=Directory Service,CN=Windows NT,CN=Services,${CONFIGDN} +objectClass: top +objectClass: nTDSService +cn: Directory Service +sPNMappings: host=ldap,dns,cifs,http + +dn: CN=Query-Policies,CN=Directory Service,CN=Windows NT,CN=Services,${CONFIGDN} +objectClass: top +objectClass: container +cn: Query-Policies + +dn: CN=Default Query Policy,CN=Query-Policies,CN=Directory Service,CN=Windows NT,CN=Services,${CONFIGDN} +objectClass: top +objectClass: queryPolicy +cn: Default Query Policy +lDAPAdminLimits: MaxValRange=1500 +lDAPAdminLimits: MaxReceiveBuffer=10485760 +lDAPAdminLimits: MaxDatagramRecv=4096 +lDAPAdminLimits: MaxPoolThreads=4 +lDAPAdminLimits: MaxResultSetSize=262144 +lDAPAdminLimits: MaxTempTableSize=10000 +lDAPAdminLimits: MaxQueryDuration=120 +lDAPAdminLimits: MaxPageSize=1000 +lDAPAdminLimits: MaxNotificationPerConn=5 +lDAPAdminLimits: MaxActiveQueries=20 +lDAPAdminLimits: MaxConnIdleTime=900 +lDAPAdminLimits: InitRecvTimeout=120 +lDAPAdminLimits: MaxConnections=5000 + diff --git a/source4/setup/provision_configuration_basedn.ldif b/source4/setup/provision_configuration_basedn.ldif new file mode 100644 index 0000000000..575f8faa0a --- /dev/null +++ b/source4/setup/provision_configuration_basedn.ldif @@ -0,0 +1,8 @@ +############################### +# Configuration Naming Context +############################### +dn: ${CONFIGDN} +objectClass: top +objectClass: configuration +${ACI} +cn: Configuration diff --git a/source4/setup/provision_configuration_basedn_modify.ldif b/source4/setup/provision_configuration_basedn_modify.ldif new file mode 100644 index 0000000000..9b87e1cead --- /dev/null +++ b/source4/setup/provision_configuration_basedn_modify.ldif @@ -0,0 +1,7 @@ +############################### +# Configuration Naming Context +############################### +dn: ${CONFIGDN} +changetype: modify +replace: subRefs +subRefs: ${SCHEMADN} diff --git a/source4/setup/provision_group_policy.ldif b/source4/setup/provision_group_policy.ldif new file mode 100644 index 0000000000..0f3e1f15f9 --- /dev/null +++ b/source4/setup/provision_group_policy.ldif @@ -0,0 +1,25 @@ +dn: CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN} +objectClass: top +objectClass: container +objectClass: groupPolicyContainer +displayName: Default Domain Policy +gPCFunctionalityVersion: 2 +gPCFileSysPath: \\${DNSDOMAIN}\sysvol\${DNSDOMAIN}\Policies\{${POLICYGUID}} +versionNumber: 1 +flags: 0 +gPCMachineExtensionNames: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1B-248 + 8-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4 + FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2 + 488-11D1-A28C-00C04FB94F17}] +gPCUserExtensionNames: [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-1 + 1D2-842D-00C04FA372D4}][{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E- + 11D1-A7CC-0000F87571E3}] +nTSecurityDescriptor: O:${DOMAINSID}-512G:${DOMAINSID}-512D:PAI(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-512)(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-519)(A;;RPWPCCDCLCLORCWOWDSDDTSW;;;${DOMAINSID}-512)(A;CIIO;RPWPCCDCLCLORCWOWDSDDTSW;;;CO)(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;SY)(A;CI;RPLCLORC;;;AU)(OA;CI;CR;edacfd8f-ffb3-11d1-b41d-00a0c968f939;;AU)(A;CI;RPLCLORC;;;ED)S:AI(OU;CIIDSA;WPWD;;f30e3bc2-9ff0-11d1-b603-0000f80367c1;WD)(OU;CIIOIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIOIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD) + +dn: CN=User,CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN} +objectClass: top +objectClass: container + +dn: CN=Machine,CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN} +objectClass: top +objectClass: container diff --git a/source4/setup/provision_init.ldif b/source4/setup/provision_init.ldif new file mode 100644 index 0000000000..a6c591dd51 --- /dev/null +++ b/source4/setup/provision_init.ldif @@ -0,0 +1,53 @@ +#These attributes are only used as far as the bootstrapping of the +# schema. After that, the attributes from the schema are used. +# +# Therefore, they must strictly match the schema + +dn: @ATTRIBUTES +userPrincipalName: CASE_INSENSITIVE +servicePrincipalName: CASE_INSENSITIVE +dnsDomain: CASE_INSENSITIVE +dnsRoot: CASE_INSENSITIVE +nETBIOSName: CASE_INSENSITIVE +cn: CASE_INSENSITIVE +dc: CASE_INSENSITIVE +name: CASE_INSENSITIVE +lDAPDisplayName: CASE_INSENSITIVE +subClassOf: CASE_INSENSITIVE +dn: CASE_INSENSITIVE +sAMAccountName: CASE_INSENSITIVE +objectClass: CASE_INSENSITIVE +userPassword: HIDDEN +krb5Key: HIDDEN +ntPwdHash: HIDDEN +sambaNTPwdHistory: HIDDEN +lmPwdHash: HIDDEN +sambaLMPwdHistory: HIDDEN +createTimestamp: HIDDEN +modifyTimestamp: HIDDEN +groupType: INTEGER +sAMAccountType: INTEGER +systemFlags: INTEGER +userAccountControl: INTEGER + +dn: @OPTIONS +checkBaseOnSearch: TRUE + +dn: @KLUDGEACL +passwordAttribute: userPassword +passwordAttribute: ntPwdHash +passwordAttribute: sambaNTPwdHistory +passwordAttribute: lmPwdHash +passwordAttribute: sambaLMPwdHistory +passwordAttribute: krb5key +passwordAttribute: dBCSPwd +passwordAttribute: unicodePwd +passwordAttribute: ntPwdHistory +passwordAttribute: lmPwdHistory +passwordAttribute: supplementalCredentials +passwordAttribute: priorValue +passwordAttribute: currentValue +passwordAttribute: trustAuthOutgoing +passwordAttribute: trustAuthIncoming +passwordAttribute: initialAuthOutgoing +passwordAttribute: initialAuthIncoming diff --git a/source4/setup/provision_partitions.ldif b/source4/setup/provision_partitions.ldif new file mode 100644 index 0000000000..93fea6bc2d --- /dev/null +++ b/source4/setup/provision_partitions.ldif @@ -0,0 +1,13 @@ +dn: @PARTITION +partition: ${SCHEMADN}:${SCHEMADN_LDB} +partition: ${CONFIGDN}:${CONFIGDN_LDB} +partition: ${DOMAINDN}:${DOMAINDN_LDB} +replicateEntries: @ATTRIBUTES +replicateEntries: @INDEXLIST +replicateEntries: @OPTIONS +modules:${SCHEMADN}:${SCHEMADN_MOD},${BACKEND_MOD} +modules:${CONFIGDN}:${CONFIGDN_MOD},${BACKEND_MOD} +modules:${DOMAINDN}:${DOMAINDN_MOD},${BACKEND_MOD} + +dn: @MODULES +@LIST: ${MODULES_LIST}${TDB_MODULES_LIST},${MODULES_LIST2} diff --git a/source4/setup/provision_rootdse_add.ldif b/source4/setup/provision_rootdse_add.ldif new file mode 100644 index 0000000000..14e0d71df6 --- /dev/null +++ b/source4/setup/provision_rootdse_add.ldif @@ -0,0 +1,17 @@ +# the rootDSE module looks in this record for its base data +dn: @ROOTDSE +subschemaSubentry: CN=Aggregate,${SCHEMADN} +dsServiceName: CN=NTDS Settings,${SERVERDN} +defaultNamingContext: ${DOMAINDN} +rootDomainNamingContext: ${ROOTDN} +configurationNamingContext: ${CONFIGDN} +schemaNamingContext: ${SCHEMADN} +supportedLDAPVersion: 3 +dnsHostName: ${DNSNAME} +ldapServiceName: ${DNSDOMAIN}:${NETBIOSNAME}$@${REALM} +serverName: ${SERVERDN} +domainFunctionality: 0 +forestFunctionality: 0 +domainControllerFunctionality: 2 +isSynchronized: FALSE +vendorName: Samba Team (http://samba.org) diff --git a/source4/setup/provision_rootdse_modify.ldif b/source4/setup/provision_rootdse_modify.ldif new file mode 100644 index 0000000000..1f950171a2 --- /dev/null +++ b/source4/setup/provision_rootdse_modify.ldif @@ -0,0 +1,5 @@ +# mark the database as syncronized +dn: @ROOTDSE +changetype: modify +replace: isSynchronized +isSynchronized: TRUE diff --git a/source4/setup/provision_schema_basedn.ldif b/source4/setup/provision_schema_basedn.ldif new file mode 100644 index 0000000000..fbfd4c09d6 --- /dev/null +++ b/source4/setup/provision_schema_basedn.ldif @@ -0,0 +1,8 @@ +############################### +# Schema Naming Context +############################### +dn: ${SCHEMADN} +objectClass: top +objectClass: dMD +${ACI} +cn: Schema diff --git a/source4/setup/provision_schema_basedn_modify.ldif b/source4/setup/provision_schema_basedn_modify.ldif new file mode 100644 index 0000000000..d6c458904e --- /dev/null +++ b/source4/setup/provision_schema_basedn_modify.ldif @@ -0,0 +1,14 @@ +############################### +# Schema Naming Context +############################### +dn: ${SCHEMADN} +changetype: modify +replace: fSMORoleOwner +fSMORoleOwner: CN=NTDS Settings,${SERVERDN} +- +replace: objectVersion +objectVersion: 30 +- +replace: prefixMap +prefixMap:: ${PREFIXMAP_B64} + diff --git a/source4/setup/provision_self_join.ldif b/source4/setup/provision_self_join.ldif new file mode 100644 index 0000000000..77a2e49865 --- /dev/null +++ b/source4/setup/provision_self_join.ldif @@ -0,0 +1,62 @@ +#Join the DC to itself by default + +dn: CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN} +objectClass: computer +cn: ${NETBIOSNAME} +userAccountControl: 532480 +localPolicyFlags: 0 +primaryGroupID: 516 +accountExpires: 9223372036854775807 +sAMAccountName: ${NETBIOSNAME}$ +operatingSystem: Samba +operatingSystemVersion: 4.0 +dNSHostName: ${DNSNAME} +isCriticalSystemObject: TRUE +userPassword:: ${MACHINEPASS_B64} +servicePrincipalName: HOST/${DNSNAME} +servicePrincipalName: HOST/${NETBIOSNAME} +servicePrincipalName: HOST/${DNSNAME}/${REALM} +servicePrincipalName: HOST/${NETBIOSNAME}/${REALM} +servicePrincipalName: HOST/${DNSNAME}/${DOMAIN} +servicePrincipalName: HOST/${NETBIOSNAME}/${DOMAIN} + +#Provide a account for DNS keytab export +dn: CN=dns,CN=Users,${DOMAINDN} +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: user +cn: dns +description: DNS Service Account +userAccountControl: 514 +accountExpires: 9223372036854775807 +sAMAccountName: dns +servicePrincipalName: DNS/${DNSDOMAIN} +isCriticalSystemObject: TRUE +userPassword:: ${DNSPASS_B64} +showInAdvancedViewOnly: TRUE + +dn: ${SERVERDN} +objectClass: top +objectClass: server +cn: ${NETBIOSNAME} +systemFlags: 1375731712 +dNSHostName: ${DNSNAME} +serverReference: CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN} + +dn: CN=NTDS Settings,${SERVERDN} +objectClass: top +objectClass: applicationSettings +objectClass: nTDSDSA +cn: NTDS Settings +options: 1 +systemFlags: 33554432 +dMDLocation: ${SCHEMADN} +invocationId: ${INVOCATIONID} +msDS-Behavior-Version: 2 +msDS-hasMasterNCs: ${CONFIGDN} +msDS-hasMasterNCs: ${SCHEMADN} +msDS-hasMasterNCs: ${DOMAINDN} +hasMasterNCs: ${CONFIGDN} +hasMasterNCs: ${SCHEMADN} +hasMasterNCs: ${DOMAINDN} diff --git a/source4/setup/provision_templates.ldif b/source4/setup/provision_templates.ldif new file mode 100644 index 0000000000..04257549d5 --- /dev/null +++ b/source4/setup/provision_templates.ldif @@ -0,0 +1,43 @@ +### +# Templates to be put in templates.ldb. Not part of main samdb any more. +### + +dn: CN=Templates +objectClass: top +objectClass: container +description: Container for SAM account templates + +dn: CN=TemplateUser,CN=Templates +userAccountControl: 546 +badPwdCount: 0 +codePage: 0 +countryCode: 0 +badPasswordTime: 0 +lastLogoff: 0 +lastLogon: 0 +pwdLastSet: 0 +primaryGroupID: 513 +accountExpires: 9223372036854775807 +logonCount: 0 + +dn: CN=TemplateTrustingDomain,CN=Templates +userAccountControl: 2080 +badPwdCount: 0 +codePage: 0 +countryCode: 0 +badPasswordTime: 0 +lastLogoff: 0 +lastLogon: 0 +primaryGroupID: 513 +accountExpires: 9223372036854775807 +logonCount: 0 + +dn: CN=TemplateGroup,CN=Templates +groupType: -2147483646 + +dn: CN=TemplateForeignSecurityPrincipal,CN=Templates + +dn: CN=TemplateSecret,CN=Templates + +dn: CN=TemplateTrustedDomain,CN=Templates + diff --git a/source4/setup/provision_templates_init.ldif b/source4/setup/provision_templates_init.ldif new file mode 100644 index 0000000000..6d6a3c228c --- /dev/null +++ b/source4/setup/provision_templates_init.ldif @@ -0,0 +1,10 @@ +dn: @OPTIONS +checkBaseOnSearch: TRUE + +dn: @INDEXLIST +@IDXATTR: cn + +dn: @ATTRIBUTES +cn: CASE_INSENSITIVE +dn: CASE_INSENSITIVE + diff --git a/source4/setup/provision_users.ldif b/source4/setup/provision_users.ldif new file mode 100644 index 0000000000..854c42d07c --- /dev/null +++ b/source4/setup/provision_users.ldif @@ -0,0 +1,528 @@ +dn: CN=Administrator,CN=Users,${DOMAINDN} +objectClass: user +cn: Administrator +description: Built-in account for administering the computer/domain +userAccountControl: 66048 +objectSid: ${DOMAINSID}-500 +adminCount: 1 +accountExpires: 9223372036854775807 +sAMAccountName: Administrator +isCriticalSystemObject: TRUE +userPassword:: ${ADMINPASS_B64} + +dn: CN=Guest,CN=Users,${DOMAINDN} +objectClass: user +cn: Guest +description: Built-in account for guest access to the computer/domain +userAccountControl: 66082 +primaryGroupID: 514 +objectSid: ${DOMAINSID}-501 +sAMAccountName: Guest +isCriticalSystemObject: TRUE + +dn: CN=Enterprise Admins,CN=Users,${DOMAINDN} +objectClass: top +objectClass: group +cn: Enterprise Admins +description: Designated administrators of the enterprise +member: CN=Administrator,CN=Users,${DOMAINDN} +objectSid: ${DOMAINSID}-519 +adminCount: 1 +sAMAccountName: Enterprise Admins +isCriticalSystemObject: TRUE + +dn: CN=krbtgt,CN=Users,${DOMAINDN} +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: user +cn: krbtgt +description: Key Distribution Center Service Account +showInAdvancedViewOnly: TRUE +userAccountControl: 514 +objectSid: ${DOMAINSID}-502 +adminCount: 1 +accountExpires: 9223372036854775807 +sAMAccountName: krbtgt +servicePrincipalName: kadmin/changepw +isCriticalSystemObject: TRUE +userPassword:: ${KRBTGTPASS_B64} + +dn: CN=Domain Computers,CN=Users,${DOMAINDN} +objectClass: top +objectClass: group +cn: Domain Computers +description: All workstations and servers joined to the domain +objectSid: ${DOMAINSID}-515 +sAMAccountName: Domain Computers +isCriticalSystemObject: TRUE + +dn: CN=Domain Controllers,CN=Users,${DOMAINDN} +objectClass: top +objectClass: group +cn: Domain Controllers +description: All domain controllers in the domain +objectSid: ${DOMAINSID}-516 +adminCount: 1 +sAMAccountName: Domain Controllers +isCriticalSystemObject: TRUE + +dn: CN=Schema Admins,CN=Users,${DOMAINDN} +objectClass: top +objectClass: group +cn: Schema Admins +description: Designated administrators of the schema +member: CN=Administrator,CN=Users,${DOMAINDN} +objectSid: ${DOMAINSID}-518 +adminCount: 1 +sAMAccountName: Schema Admins +isCriticalSystemObject: TRUE + +dn: CN=Cert Publishers,CN=Users,${DOMAINDN} +objectClass: top +objectClass: group +cn: Cert Publishers +description: Members of this group are permitted to publish certificates to the Active Directory +groupType: -2147483644 +objectSid: ${DOMAINSID}-517 +sAMAccountName: Cert Publishers +isCriticalSystemObject: TRUE + +dn: CN=Domain Admins,CN=Users,${DOMAINDN} +objectClass: top +objectClass: group +cn: Domain Admins +description: Designated administrators of the domain +member: CN=Administrator,CN=Users,${DOMAINDN} +objectSid: ${DOMAINSID}-512 +adminCount: 1 +sAMAccountName: Domain Admins +isCriticalSystemObject: TRUE + +dn: CN=Domain Users,CN=Users,${DOMAINDN} +objectClass: top +objectClass: group +cn: Domain Users +description: All domain users +objectSid: ${DOMAINSID}-513 +sAMAccountName: Domain Users +isCriticalSystemObject: TRUE + +dn: CN=Domain Guests,CN=Users,${DOMAINDN} +objectClass: top +objectClass: group +cn: Domain Guests +description: All domain guests +objectSid: ${DOMAINSID}-514 +sAMAccountName: Domain Guests +isCriticalSystemObject: TRUE + +dn: CN=Group Policy Creator Owners,CN=Users,${DOMAINDN} +objectClass: top +objectClass: group +cn: Group Policy Creator Owners +description: Members in this group can modify group policy for the domain +member: CN=Administrator,CN=Users,${DOMAINDN} +objectSid: ${DOMAINSID}-520 +sAMAccountName: Group Policy Creator Owners +isCriticalSystemObject: TRUE + +dn: CN=RAS and IAS Servers,CN=Users,${DOMAINDN} +objectClass: top +objectClass: group +cn: RAS and IAS Servers +description: Servers in this group can access remote access properties of users +objectSid: ${DOMAINSID}-553 +sAMAccountName: RAS and IAS Servers +groupType: -2147483644 +isCriticalSystemObject: TRUE + +dn: CN=Administrators,CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: group +cn: Administrators +description: Administrators have complete and unrestricted access to the computer/domain +member: CN=Domain Admins,CN=Users,${DOMAINDN} +member: CN=Enterprise Admins,CN=Users,${DOMAINDN} +member: CN=Administrator,CN=Users,${DOMAINDN} +objectSid: S-1-5-32-544 +adminCount: 1 +sAMAccountName: Administrators +systemFlags: 2348810240 +groupType: -2147483643 +isCriticalSystemObject: TRUE +privilege: SeSecurityPrivilege +privilege: SeBackupPrivilege +privilege: SeRestorePrivilege +privilege: SeSystemtimePrivilege +privilege: SeShutdownPrivilege +privilege: SeRemoteShutdownPrivilege +privilege: SeTakeOwnershipPrivilege +privilege: SeDebugPrivilege +privilege: SeSystemEnvironmentPrivilege +privilege: SeSystemProfilePrivilege +privilege: SeProfileSingleProcessPrivilege +privilege: SeIncreaseBasePriorityPrivilege +privilege: SeLoadDriverPrivilege +privilege: SeCreatePagefilePrivilege +privilege: SeIncreaseQuotaPrivilege +privilege: SeChangeNotifyPrivilege +privilege: SeUndockPrivilege +privilege: SeManageVolumePrivilege +privilege: SeImpersonatePrivilege +privilege: SeCreateGlobalPrivilege +privilege: SeEnableDelegationPrivilege +privilege: SeInteractiveLogonRight +privilege: SeNetworkLogonRight +privilege: SeRemoteInteractiveLogonRight + +dn: CN=Users,CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: group +cn: Users +description: Users are prevented from making accidental or intentional system-wide changes. Thus, Users can run certified applications, but not most legacy applications +member: CN=Domain Users,CN=Users,${DOMAINDN} +objectSid: S-1-5-32-545 +sAMAccountName: Users +systemFlags: 2348810240 +groupType: -2147483643 +isCriticalSystemObject: TRUE + +dn: CN=Guests,CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: group +cn: Guests +description: Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted +member: CN=Domain Guests,CN=Users,${DOMAINDN} +member: CN=Guest,CN=Users,${DOMAINDN} +objectSid: S-1-5-32-546 +sAMAccountName: Guests +systemFlags: 2348810240 +groupType: -2147483643 +isCriticalSystemObject: TRUE + +dn: CN=Print Operators,CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: group +cn: Print Operators +description: Members can administer domain printers +objectSid: S-1-5-32-550 +adminCount: 1 +sAMAccountName: Print Operators +systemFlags: 2348810240 +groupType: -2147483643 +isCriticalSystemObject: TRUE +privilege: SeLoadDriverPrivilege +privilege: SeShutdownPrivilege +privilege: SeInteractiveLogonRight + +dn: CN=Backup Operators,CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: group +cn: Backup Operators +description: Backup Operators can override security restrictions for the sole purpose of backing up or restoring files +objectSid: S-1-5-32-551 +adminCount: 1 +sAMAccountName: Backup Operators +systemFlags: 2348810240 +groupType: -2147483643 +isCriticalSystemObject: TRUE +privilege: SeBackupPrivilege +privilege: SeRestorePrivilege +privilege: SeShutdownPrivilege +privilege: SeInteractiveLogonRight + +dn: CN=Replicator,CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: group +cn: Replicator +description: Supports file replication in a domain +objectSid: S-1-5-32-552 +adminCount: 1 +sAMAccountName: Replicator +systemFlags: 2348810240 +groupType: -2147483643 +isCriticalSystemObject: TRUE + +dn: CN=Remote Desktop Users,CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: group +cn: Remote Desktop Users +description: Members in this group are granted the right to logon remotely +objectSid: S-1-5-32-555 +sAMAccountName: Remote Desktop Users +systemFlags: 2348810240 +groupType: -2147483643 +isCriticalSystemObject: TRUE + +dn: CN=Network Configuration Operators,CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: group +cn: Network Configuration Operators +description: Members in this group can have some administrative privileges to manage configuration of networking features +objectSid: S-1-5-32-556 +sAMAccountName: Network Configuration Operators +systemFlags: 2348810240 +groupType: -2147483643 +isCriticalSystemObject: TRUE + +dn: CN=Performance Monitor Users,CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: group +cn: Performance Monitor Users +description: Members of this group have remote access to monitor this computer +objectSid: S-1-5-32-558 +sAMAccountName: Performance Monitor Users +systemFlags: 2348810240 +groupType: -2147483643 +isCriticalSystemObject: TRUE + +dn: CN=Performance Log Users,CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: group +cn: Performance Log Users +description: Members of this group have remote access to schedule logging of performance counters on this computer +objectSid: S-1-5-32-559 +sAMAccountName: Performance Log Users +systemFlags: 2348810240 +groupType: -2147483643 +isCriticalSystemObject: TRUE + +dn: CN=Server Operators,CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: group +cn: Server Operators +description: Members can administer domain servers +objectSid: S-1-5-32-549 +adminCount: 1 +sAMAccountName: Server Operators +systemFlags: 2348810240 +groupType: -2147483643 +isCriticalSystemObject: TRUE +privilege: SeBackupPrivilege +privilege: SeSystemtimePrivilege +privilege: SeRemoteShutdownPrivilege +privilege: SeRestorePrivilege +privilege: SeShutdownPrivilege +privilege: SeInteractiveLogonRight + +dn: CN=Account Operators,CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: group +cn: Account Operators +description: Members can administer domain user and group accounts +objectSid: S-1-5-32-548 +adminCount: 1 +sAMAccountName: Account Operators +systemFlags: 2348810240 +groupType: -2147483643 +isCriticalSystemObject: TRUE +privilege: SeInteractiveLogonRight + +dn: CN=Pre-Windows 2000 Compatible Access,CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: group +cn: Pre-Windows 2000 Compatible Access +description: A backward compatibility group which allows read access on all users and groups in the domain +objectSid: S-1-5-32-554 +sAMAccountName: Pre-Windows 2000 Compatible Access +systemFlags: 2348810240 +groupType: -2147483643 +isCriticalSystemObject: TRUE +privilege: SeRemoteInteractiveLogonRight +privilege: SeChangeNotifyPrivilege + +dn: CN=Incoming Forest Trust Builders,CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: group +cn: Incoming Forest Trust Builders +description: Members of this group can create incoming, one-way trusts to this forest +objectSid: S-1-5-32-557 +sAMAccountName: Incoming Forest Trust Builders +systemFlags: 2348810240 +groupType: -2147483643 +isCriticalSystemObject: TRUE + +dn: CN=Windows Authorization Access Group,CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: group +cn: Windows Authorization Access Group +description: Members of this group have access to the computed tokenGroupsGlobalAndUniversal attribute on User objects +objectSid: S-1-5-32-560 +sAMAccountName: Windows Authorization Access Group +systemFlags: 2348810240 +groupType: -2147483643 +isCriticalSystemObject: TRUE + +dn: CN=Terminal Server License Servers,CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: group +cn: Terminal Server License Servers +description: Terminal Server License Servers +objectSid: S-1-5-32-561 +sAMAccountName: Terminal Server License Servers +systemFlags: 2348810240 +groupType: -2147483643 +isCriticalSystemObject: TRUE + +dn: CN=Distributed COM Users,CN=Builtin,${DOMAINDN} +objectClass: top +objectClass: group +cn: Distributed COM Users +description: Members are allowed to launch, activate and use Distributed COM objects on this machine. +objectSid: S-1-5-32-562 +sAMAccountName: Distributed COM Users +systemFlags: 2348810240 +groupType: -2147483643 +isCriticalSystemObject: TRUE + +dn: CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: container +cn: WellKnown Security Principals +systemFlags: 2147483648 + +dn: CN=Anonymous Logon,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Anonymous Logon +objectSid: S-1-5-7 + +dn: CN=Authenticated Users,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Authenticated Users +objectSid: S-1-5-11 + +dn: CN=Batch,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Batch +objectSid: S-1-5-3 + +dn: CN=Creator Group,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Creator Group +objectSid: S-1-3-1 + +dn: CN=Creator Owner,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Creator Owner +objectSid: S-1-3-0 + +dn: CN=Dialup,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Dialup +objectSid: S-1-5-1 + +dn: CN=Digest Authentication,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Digest Authentication +objectSid: S-1-5-64-21 + +dn: CN=Enterprise Domain Controllers,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Enterprise Domain Controllers +objectSid: S-1-5-9 + +dn: CN=Everyone,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Everyone +objectSid: S-1-1-0 + +dn: CN=Interactive,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Interactive +objectSid: S-1-5-4 + +dn: CN=Local Service,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Local Service +objectSid: S-1-5-19 + +dn: CN=Network,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Network +objectSid: S-1-5-2 + +dn: CN=Network Service,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Network Service +objectSid: S-1-5-20 + +dn: CN=NTLM Authentication,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: NTLM Authentication +objectSid: S-1-5-64-10 + +dn: CN=Other Organization,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Other Organization +objectSid: S-1-5-1000 + +dn: CN=Proxy,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Proxy +objectSid: S-1-5-8 + +dn: CN=Remote Interactive Logon,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Remote Interactive Logon +objectSid: S-1-5-14 + +dn: CN=Restricted,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Restricted +objectSid: S-1-5-12 + +dn: CN=SChannel Authentication,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: SChannel Authentication +objectSid: S-1-5-64-14 + +dn: CN=Self,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Self +objectSid: S-1-5-10 + +dn: CN=Service,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Service +objectSid: S-1-5-6 + +dn: CN=Terminal Server User,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Terminal Server User +objectSid: S-1-5-13 + +dn: CN=This Organization,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: This Organization +objectSid: S-1-5-15 + +dn: CN=Well-Known-Security-Id-System,CN=WellKnown Security Principals,${CONFIGDN} +objectClass: top +objectClass: foreignSecurityPrincipal +cn: Well-Known-Security-Id-System +objectSid: S-1-5-18 + diff --git a/source4/setup/provision_users_add.ldif b/source4/setup/provision_users_add.ldif new file mode 100644 index 0000000000..db075d9c80 --- /dev/null +++ b/source4/setup/provision_users_add.ldif @@ -0,0 +1,3 @@ +dn: CN=Users,${DOMAINDN} +objectClass: top +objectClass: container diff --git a/source4/setup/provision_users_modify.ldif b/source4/setup/provision_users_modify.ldif new file mode 100644 index 0000000000..06954c44f0 --- /dev/null +++ b/source4/setup/provision_users_modify.ldif @@ -0,0 +1,13 @@ +dn: CN=Users,${DOMAINDN} +changetype: modify +replace: description +description: Default container for upgraded user accounts +- +replace: showInAdvancedViewOnly +showInAdvancedViewOnly: FALSE +- +replace: systemFlags +systemFlags: 2348810240 +- +replace: isCriticalSystemObject +isCriticalSystemObject: TRUE diff --git a/source4/setup/refint.conf b/source4/setup/refint.conf new file mode 100644 index 0000000000..a3a7d3e0ad --- /dev/null +++ b/source4/setup/refint.conf @@ -0,0 +1,3 @@ +overlay refint +refint_modifiersName cn=samba-admin,cn=samba +refint_attributes ${LINK_ATTRS} diff --git a/source4/setup/schema-map-fedora-ds-1.0 b/source4/setup/schema-map-fedora-ds-1.0 new file mode 100644 index 0000000000..e55ef0a9e7 --- /dev/null +++ b/source4/setup/schema-map-fedora-ds-1.0 @@ -0,0 +1,31 @@ +#Standard OpenLDAP attributes +name +objectClasses +createTimeStamp +attributeTypes +objectClass +userPassword +seeAlso +modifyTimeStamp +distinguishedName +description +cn +dITContentRules +top +#This should be provided by the LDAP server, only in our schema to permit provision +aci +#Skip ObjectClasses +#MiddleName has a conflicting OID +2.16.840.1.113730.3.1.34:1.3.6.1.4.1.7165.4.255.1 +#defaultGroup has a conflicting OID +1.2.840.113556.1.4.480:1.3.6.1.4.1.7165.4.255.2 +#This large integer format is unimplemented in OpenLDAP 2.3 +1.2.840.113556.1.4.906:1.3.6.1.4.1.1466.115.121.1.27 +#This case insensitive string isn't available +1.2.840.113556.1.4.905:1.3.6.1.4.1.1466.115.121.1.15 +#This type of DN isn't in OpenLDAP +1.2.840.113556.1.4.903:1.3.6.1.4.1.1466.115.121.1.12 +#Treat Security Descriptors as binary +1.2.840.113556.1.4.907:1.3.6.1.4.1.1466.115.121.1.40 +#NumbericString is not supported in Fedora DS 1.0, map to a directory string +1.3.6.1.4.1.1466.115.121.1.36:1.3.6.1.4.1.1466.115.121.1.15 diff --git a/source4/setup/schema-map-openldap-2.3 b/source4/setup/schema-map-openldap-2.3 new file mode 100644 index 0000000000..7de2e67b5e --- /dev/null +++ b/source4/setup/schema-map-openldap-2.3 @@ -0,0 +1,44 @@ +#Standard OpenLDAP attributes +labeledURI +createTimeStamp +objectClass +userPassword +seeAlso +uid +subSchemaSubEntry +structuralObjectClass +distinguishedName +description +cn +top +#The memberOf plugin provides this attribute +memberOf +#These conflict with OpenLDAP builtins +attributeTypes:samba4AttributeTypes +2.5.21.5:1.3.6.1.4.1.7165.4.255.7 +dITContentRules:samba4DITContentRules +2.5.21.2:1.3.6.1.4.1.7165.4.255.6 +objectClasses:samba4ObjectClasses +2.5.21.6:1.3.6.1.4.1.7165.4.255.5 +subSchema:samba4SubSchema +2.5.20.1:1.3.6.1.4.1.7165.4.255.4 +#'name' is the RDN in AD, but something else in OpenLDAP +name:samba4RDN +#Remap these so that we don't put operational attributes in a schema MAY +modifyTimeStamp:samba4ModifyTimestamp +2.5.18.2:1.3.6.1.4.1.7165.4.255.3 +#MiddleName has a conflicting OID +2.16.840.1.113730.3.1.34:1.3.6.1.4.1.7165.4.255.1 +#defaultGroup has a conflicting OID +1.2.840.113556.1.4.480:1.3.6.1.4.1.7165.4.255.2 +#This large integer format is unimplemented in OpenLDAP 2.3 +1.2.840.113556.1.4.906:1.3.6.1.4.1.1466.115.121.1.27 +#This case insensitive string isn't available +1.2.840.113556.1.4.905:1.3.6.1.4.1.1466.115.121.1.44 +#This type of DN isn't in OpenLDAP +1.2.840.113556.1.4.903:1.3.6.1.4.1.1466.115.121.1.12 +#Treat Security Descriptors as binary +1.2.840.113556.1.4.907:1.3.6.1.4.1.1466.115.121.1.40 +#Treat OIDs as case insensitive strings (as otherwise ldap class and +#attribute names, declared at OIDs fail +1.3.6.1.4.1.1466.115.121.1.38:1.3.6.1.4.1.1466.115.121.1.44 diff --git a/source4/setup/schema.ldif b/source4/setup/schema.ldif new file mode 100644 index 0000000000..40ef709ac3 --- /dev/null +++ b/source4/setup/schema.ldif @@ -0,0 +1,10378 @@ +dn: CN=SD-Rights-Effective,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1304 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: SD-Rights-Effective +adminDescription: SD-Rights-Effective +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: sDRightsEffective +schemaIDGUID: c3dbafa6-33df-11d2-98b2-0000f87a57d4 +attributeSecurityGUID: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemOnly: FALSE +systemFlags: 134217748 + +dn: CN=ms-Exch-Owner-BL,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.104 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 45 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-Exch-Owner-BL +oMObjectClass:: KwwCh3McAIVK +adminDescription: ms-Exch-Owner-BL +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: ownerBL +schemaIDGUID: bf9679f4-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=Is-Member-Of-DL,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.102 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +mAPIID: 32776 +linkID: 3 +showInAdvancedViewOnly: TRUE +adminDisplayName: Is-Member-Of-DL +oMObjectClass:: KwwCh3McAIVK +adminDescription: Is-Member-Of-DL +oMSyntax: 127 +searchFlags: 16 +lDAPDisplayName: memberOf +schemaIDGUID: bf967991-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: bc0ac240-79a9-11d0-9020-00c04fc2d4cf +systemOnly: TRUE +systemFlags: 17 + +dn: CN=Search-Guide,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.14 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +mAPIID: 33070 +showInAdvancedViewOnly: TRUE +adminDisplayName: Search-Guide +adminDescription: Search-Guide +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: searchGuide +schemaIDGUID: bf967a2e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-ReplicationEpoch,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1720 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-ReplicationEpoch +adminDescription: ms-DS-ReplicationEpoch +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msDS-ReplicationEpoch +schemaIDGUID: 08e3aa79-eb1c-45b5-af7b-8f94246c8e41 +systemOnly: FALSE +systemFlags: 17 + +dn: CN=Auditing-Policy,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.202 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Auditing-Policy +adminDescription: Auditing-Policy +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: auditingPolicy +schemaIDGUID: 6da8a4fe-0e52-11d0-a286-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Phone-Fax-Other,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.646 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 64 +showInAdvancedViewOnly: TRUE +adminDisplayName: Phone-Fax-Other +adminDescription: Phone-Fax-Other +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: otherFacsimileTelephoneNumber +schemaIDGUID: 0296c11d-40da-11d1-a9c0-0000f80367c1 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Address,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.256 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 1024 +mAPIID: 14889 +showInAdvancedViewOnly: TRUE +adminDisplayName: Address +adminDescription: Address +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: streetAddress +schemaIDGUID: f0f8ff84-1191-11d0-a060-00aa006c33ed +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Security-Identifier,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.121 +attributeSyntax: 2.5.5.17 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Security-Identifier +adminDescription: Security-Identifier +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: securityIdentifier +schemaIDGUID: bf967a2f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=ms-DS-KeyVersionNumber,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1782 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: FALSE +adminDisplayName: ms-DS-KeyVersionNumber +adminDescription: The Kerberos version number of the current key for this account. This is a constructed attribute. +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msDS-KeyVersionNumber +schemaIDGUID: c523e9c0-33b5-4ac8-8923-b57b927f42f6 +systemOnly: TRUE +systemFlags: 20 + +dn: CN=Account-Name-History,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1307 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Account-Name-History +adminDescription: Account-Name-History +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: accountNameHistory +schemaIDGUID: 031952ec-3b72-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=preferredLanguage,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113730.3.1.39 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: FALSE +adminDisplayName: preferredLanguage +adminDescription: The preferred written or spoken language for a person. +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: preferredLanguage +schemaIDGUID: 856be0d0-18e7-46e1-8f5f-7ee4d9020e0d +systemOnly: FALSE +systemFlags: 0 + +dn: CN=User-Shared-Folder-Other,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.752 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: User-Shared-Folder-Other +adminDescription: User-Shared-Folder-Other +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: userSharedFolderOther +schemaIDGUID: 9a9a0220-4a5b-11d1-a9c3-0000f80367c1 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=User-Shared-Folder,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.751 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: User-Shared-Folder +adminDescription: User-Shared-Folder +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: userSharedFolder +schemaIDGUID: 9a9a021f-4a5b-11d1-a9c3-0000f80367c1 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=MSMQ-Digests-Mig,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.966 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: MSMQ-Digests-Mig +adminDescription: MSMQ-Digests-Mig +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: mSMQDigestsMig +schemaIDGUID: 0f71d8e0-da3b-11d1-90a5-00c04fd91ab1 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Domain-Identifier,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.755 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Domain-Identifier +adminDescription: Domain-Identifier +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: domainIdentifier +schemaIDGUID: 7f561278-5301-11d1-a9c5-0000f80367c1 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Legacy-Exchange-DN,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.655 +attributeSyntax: 2.5.5.4 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Legacy-Exchange-DN +adminDescription: Legacy-Exchange-DN +oMSyntax: 20 +searchFlags: 13 +lDAPDisplayName: legacyExchangeDN +schemaIDGUID: 28630ebc-41d5-11d1-a9c1-0000f80367c1 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Well-Known-Objects,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.618 +attributeSyntax: 2.5.5.7 +isSingleValued: FALSE +rangeLower: 16 +rangeUpper: 16 +showInAdvancedViewOnly: TRUE +adminDisplayName: Well-Known-Objects +oMObjectClass:: KoZIhvcUAQEBCw== +adminDescription: Well-Known-Objects +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: wellKnownObjects +schemaIDGUID: 05308983-7688-11d1-aded-00c04fd8d5cd +systemOnly: TRUE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=RDN,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 255 +mAPIID: 33282 +showInAdvancedViewOnly: TRUE +adminDisplayName: RDN +adminDescription: RDN +oMSyntax: 64 +searchFlags: 13 +lDAPDisplayName: name +schemaIDGUID: bf967a0e-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: TRUE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Non-Security-Member-BL,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.531 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 51 +showInAdvancedViewOnly: TRUE +adminDisplayName: Non-Security-Member-BL +oMObjectClass:: KwwCh3McAIVK +adminDescription: Non-Security-Member-BL +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: nonSecurityMemberBL +schemaIDGUID: 52458019-ca6a-11d0-afff-0000f80367c1 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=ms-DS-Repl-Attribute-Meta-Data,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1707 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Repl-Attribute-Meta-Data +adminDescription: ms-DS-Repl-Attribute-Meta-Data +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-ReplAttributeMetaData +schemaIDGUID: d7c53242-724e-4c39-9d4c-2df8c9d66c7a +systemOnly: FALSE +systemFlags: 20 + +dn: CN=DN-Reference-Update,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1242 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: DN-Reference-Update +oMObjectClass:: KwwCh3McAIVK +adminDescription: DN-Reference-Update +oMSyntax: 127 +searchFlags: 8 +lDAPDisplayName: dNReferenceUpdate +schemaIDGUID: 2df90d86-009f-11d2-aa4c-00c04fd7d83a +systemOnly: TRUE +systemFlags: 16 + +dn: CN=GP-Options,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.892 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: GP-Options +adminDescription: GP-Options +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: gPOptions +schemaIDGUID: f30e3bbf-9ff0-11d1-b603-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=MS-DS-Per-User-Trust-Tombstones-Quota,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1790 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Per-User-Trust-Tombstones-Quota +adminDescription: Used to enforce a per-user quota for deleting Trusted-Domain objects when authorization is based on matching the user's SID to the value of MS-DS-Creator-SID on the Trusted-Domain object. +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msDS-PerUserTrustTombstonesQuota +schemaIDGUID: 8b70a6c6-50f9-4fa3-a71e-1ce03040449b +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Phone-Pager-Primary,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 0.9.2342.19200300.100.1.42 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 14881 +showInAdvancedViewOnly: TRUE +adminDisplayName: Phone-Pager-Primary +adminDescription: Phone-Pager-Primary +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: pager +schemaIDGUID: f0f8ffa6-1191-11d0-a060-00aa006c33ed +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Site-GUID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.362 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +rangeLower: 16 +rangeUpper: 16 +showInAdvancedViewOnly: TRUE +adminDisplayName: Site-GUID +adminDescription: Site-GUID +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: siteGUID +schemaIDGUID: 3e978924-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Az-Script-Engine-Cache-Max,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1796 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +rangeLower: 0 +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Az-Script-Engine-Cache-Max +adminDescription: Maximum number of scripts that are cached by the application +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msDS-AzScriptEngineCacheMax +schemaIDGUID: 2629f66a-1f95-4bf3-a296-8e9d7b9e30c8 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Token-Groups-No-GC-Acceptable,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1303 +attributeSyntax: 2.5.5.17 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Token-Groups-No-GC-Acceptable +adminDescription: Token-Groups-No-GC-Acceptable +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: tokenGroupsNoGCAcceptable +schemaIDGUID: 040fc392-33df-11d2-98b2-0000f87a57d4 +attributeSecurityGUID: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemOnly: FALSE +systemFlags: 134217748 + +dn: CN=Token-Groups-Global-And-Universal,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1418 +attributeSyntax: 2.5.5.17 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Token-Groups-Global-And-Universal +adminDescription: Token-Groups-Global-And-Universal +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: tokenGroupsGlobalAndUniversal +schemaIDGUID: 46a9b11d-60ae-405a-b7e8-ff8a58d456d2 +attributeSecurityGUID: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemOnly: FALSE +systemFlags: 134217748 + +dn: CN=Alt-Security-Identities,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.867 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Alt-Security-Identities +adminDescription: Alt-Security-Identities +oMSyntax: 64 +searchFlags: 1 +lDAPDisplayName: altSecurityIdentities +schemaIDGUID: 00fbf30c-91fe-11d1-aebc-0000f80367c1 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=labeledURI,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.3.6.1.4.1.250.1.57 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: FALSE +adminDisplayName: labeledURI +adminDescription: A Uniform Resource Identifier followed by a label. The label is used to describe the resource to which the URI points, and is intended as a friendly name fit for human consumption. +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: labeledURI +schemaIDGUID: c569bb46-c680-44bc-a273-e6c227d71b45 +systemOnly: FALSE +systemFlags: 0 + +dn: CN=Pwd-Last-Set,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.96 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Pwd-Last-Set +adminDescription: Pwd-Last-Set +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: pwdLastSet +schemaIDGUID: bf967a0a-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 4c164200-20c0-11d0-a768-00aa006e0529 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Object-Classes,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.21.6 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Object-Classes +adminDescription: Object-Classes +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: objectClasses +schemaIDGUID: 9a7ad94b-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +systemFlags: 134217748 + +dn: CN=Trust-Attributes,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.470 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Trust-Attributes +adminDescription: Trust-Attributes +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: trustAttributes +schemaIDGUID: 80a67e5a-9f22-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=ms-DS-Trust-Forest-Trust-Info,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1702 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Trust-Forest-Trust-Info +adminDescription: ms-DS-Trust-Forest-Trust-Info +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: msDS-TrustForestTrustInfo +schemaIDGUID: 29cc866e-49d3-4969-942e-1dbc0925d183 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Site-Object,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.512 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +linkID: 46 +showInAdvancedViewOnly: TRUE +adminDisplayName: Site-Object +oMObjectClass:: KwwCh3McAIVK +adminDescription: Site-Object +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: siteObject +schemaIDGUID: 3e10944c-c354-11d0-aff8-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Is-Privilege-Holder,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.638 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 71 +showInAdvancedViewOnly: TRUE +adminDisplayName: Is-Privilege-Holder +oMObjectClass:: KwwCh3McAIVK +adminDescription: Is-Privilege-Holder +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: isPrivilegeHolder +schemaIDGUID: 19405b9c-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=Dns-Root,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.28 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 255 +showInAdvancedViewOnly: TRUE +adminDisplayName: Dns-Root +adminDescription: Dns-Root +oMSyntax: 64 +searchFlags: 1 +lDAPDisplayName: dnsRoot +schemaIDGUID: bf967959-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Modified-Count,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.168 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Modified-Count +adminDescription: Modified-Count +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: modifiedCount +schemaIDGUID: bf9679c5-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemOnly: FALSE +systemFlags: 17 + +dn: CN=International-ISDN-Number,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.25 +attributeSyntax: 2.5.5.6 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 16 +mAPIID: 32958 +showInAdvancedViewOnly: TRUE +adminDisplayName: International-ISDN-Number +adminDescription: International-ISDN-Number +oMSyntax: 18 +searchFlags: 0 +lDAPDisplayName: internationalISDNNumber +schemaIDGUID: bf96798d-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Business-Category,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.15 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 128 +mAPIID: 32855 +showInAdvancedViewOnly: TRUE +adminDisplayName: Business-Category +adminDescription: Business-Category +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: businessCategory +schemaIDGUID: bf967931-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=houseIdentifier,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.51 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 32768 +showInAdvancedViewOnly: TRUE +adminDisplayName: houseIdentifier +adminDescription: The houseIdentifier attribute type specifies a linguistic construct used to identify a particular building, for example a house number or house name relative to a street, avenue, town or city, etc. +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: houseIdentifier +schemaIDGUID: a45398b7-c44a-4eb6-82d3-13c10946dbfe +systemOnly: FALSE + +dn: CN=Other-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113730.3.1.34 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 64 +showInAdvancedViewOnly: TRUE +adminDisplayName: Other-Name +adminDescription: Other-Name +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: middleName +schemaIDGUID: bf9679f2-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Attribute-ID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.30 +attributeSyntax: 2.5.5.2 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Attribute-ID +adminDescription: Attribute-ID +oMSyntax: 6 +searchFlags: 8 +lDAPDisplayName: attributeID +schemaIDGUID: bf967922-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Repl-Topology-Stay-Of-Execution,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.677 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Repl-Topology-Stay-Of-Execution +adminDescription: Repl-Topology-Stay-Of-Execution +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: replTopologyStayOfExecution +schemaIDGUID: 7bfdcb83-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Netboot-GUID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.359 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +rangeLower: 16 +rangeUpper: 16 +showInAdvancedViewOnly: TRUE +adminDisplayName: Netboot-GUID +adminDescription: Netboot-GUID +oMSyntax: 4 +searchFlags: 1 +lDAPDisplayName: netbootGUID +schemaIDGUID: 3e978921-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=RDN-Att-ID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.26 +attributeSyntax: 2.5.5.2 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: RDN-Att-ID +adminDescription: RDN-Att-ID +oMSyntax: 6 +searchFlags: 0 +lDAPDisplayName: rDNAttID +schemaIDGUID: bf967a0f-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=May-Contain,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.25 +attributeSyntax: 2.5.5.2 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: May-Contain +adminDescription: May-Contain +oMSyntax: 6 +searchFlags: 0 +lDAPDisplayName: mayContain +schemaIDGUID: bf9679bf-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Trust-Auth-Outgoing,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.135 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 32767 +showInAdvancedViewOnly: TRUE +adminDisplayName: Trust-Auth-Outgoing +adminDescription: Trust-Auth-Outgoing +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: trustAuthOutgoing +schemaIDGUID: bf967a5f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=GPC-WQL-Filter,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1694 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: GPC-WQL-Filter +adminDescription: GPC-WQL-Filter +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: gPCWQLFilter +schemaIDGUID: 7bd4c7a6-1add-4436-8c04-3999a880154c +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Server-Reference-BL,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.516 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 95 +showInAdvancedViewOnly: TRUE +adminDisplayName: Server-Reference-BL +oMObjectClass:: KwwCh3McAIVK +adminDescription: Server-Reference-BL +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: serverReferenceBL +schemaIDGUID: 26d9736e-6070-11d1-a9c6-0000f80367c1 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=Create-Time-Stamp,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.18.1 +attributeSyntax: 2.5.5.11 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Create-Time-Stamp +adminDescription: Create-Time-Stamp +oMSyntax: 24 +searchFlags: 0 +lDAPDisplayName: createTimeStamp +schemaIDGUID: 2df90d73-009f-11d2-aa4c-00c04fd7d83a +systemOnly: TRUE +systemFlags: 134217748 + +dn: CN=Attribute-Display-Names,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.748 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Attribute-Display-Names +adminDescription: Attribute-Display-Names +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: attributeDisplayNames +schemaIDGUID: cb843f80-48d9-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Admin-Context-Menu,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.614 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Admin-Context-Menu +adminDescription: Admin-Context-Menu +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: adminContextMenu +schemaIDGUID: 553fd038-f32e-11d0-b0bc-00c04fd8dca6 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=LSA-Modified-Count,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.67 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: LSA-Modified-Count +adminDescription: LSA-Modified-Count +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: lSAModifiedCount +schemaIDGUID: bf9679ae-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=LSA-Creation-Time,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.66 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: LSA-Creation-Time +adminDescription: LSA-Creation-Time +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: lSACreationTime +schemaIDGUID: bf9679ad-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Server-State,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.154 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Server-State +adminDescription: Server-State +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: serverState +schemaIDGUID: bf967a34-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemOnly: FALSE +systemFlags: 17 + +dn: CN=LDAP-Display-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.460 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 256 +mAPIID: 33137 +showInAdvancedViewOnly: TRUE +adminDisplayName: LDAP-Display-Name +adminDescription: LDAP-Display-Name +oMSyntax: 64 +searchFlags: 9 +lDAPDisplayName: lDAPDisplayName +schemaIDGUID: bf96799a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Supplemental-Credentials,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.125 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Supplemental-Credentials +adminDescription: Supplemental-Credentials +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: supplementalCredentials +schemaIDGUID: bf967a3f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=msNPSavedCallingStationID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1130 +attributeSyntax: 2.5.5.5 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: msNPSavedCallingStationID +adminDescription: msNPSavedCallingStationID +oMSyntax: 22 +searchFlags: 0 +lDAPDisplayName: msNPSavedCallingStationID +schemaIDGUID: db0c908e-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Flags,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.38 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Flags +adminDescription: Flags +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: flags +schemaIDGUID: bf967976-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Create-Wizard-Ext,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.812 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Create-Wizard-Ext +adminDescription: Create-Wizard-Ext +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: createWizardExt +schemaIDGUID: 2b09958b-8931-11d1-aebc-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=DMD-Location,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.36 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: DMD-Location +oMObjectClass:: KwwCh3McAIVK +adminDescription: DMD-Location +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: dMDLocation +schemaIDGUID: f0f8ff8b-1191-11d0-a060-00aa006c33ed +systemOnly: TRUE +systemFlags: 16 + +dn: CN=ms-Exch-House-Identifier,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.596 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 128 +mAPIID: 35924 +adminDisplayName: ms-Exch-House-Identifier +adminDescription: ms-Exch-House-Identifier +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msExchHouseIdentifier +schemaIDGUID: a8df7407-c5ea-11d1-bbcb-0080c76670c0 + +dn: CN=Phone-Mobile-Other,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.647 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 64 +showInAdvancedViewOnly: TRUE +adminDisplayName: Phone-Mobile-Other +adminDescription: Phone-Mobile-Other +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: otherMobile +schemaIDGUID: 0296c11e-40da-11d1-a9c0-0000f80367c1 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Generation-Qualifier,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.44 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 35923 +showInAdvancedViewOnly: TRUE +adminDisplayName: Generation-Qualifier +adminDescription: Generation-Qualifier +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: generationQualifier +schemaIDGUID: 16775804-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Attribute-Syntax,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.32 +attributeSyntax: 2.5.5.2 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Attribute-Syntax +adminDescription: Attribute-Syntax +oMSyntax: 6 +searchFlags: 8 +lDAPDisplayName: attributeSyntax +schemaIDGUID: bf967925-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Attribute-Security-GUID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.149 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +rangeLower: 16 +rangeUpper: 16 +showInAdvancedViewOnly: TRUE +adminDisplayName: Attribute-Security-GUID +adminDescription: Attribute-Security-GUID +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: attributeSecurityGUID +schemaIDGUID: bf967924-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=DS-Heuristics,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.212 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: DS-Heuristics +adminDescription: DS-Heuristics +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: dSHeuristics +schemaIDGUID: f0f8ff86-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Serial-Number,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.5 +attributeSyntax: 2.5.5.5 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 33072 +showInAdvancedViewOnly: TRUE +adminDisplayName: Serial-Number +adminDescription: Serial-Number +oMSyntax: 19 +searchFlags: 0 +lDAPDisplayName: serialNumber +schemaIDGUID: bf967a32-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Settings,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1697 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeUpper: 1000000 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Settings +adminDescription: ms-DS-Settings +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-Settings +schemaIDGUID: 0e1b47d7-40a3-4b48-8d1b-4cac0c1cdf21 +systemOnly: FALSE +systemFlags: 0 + +dn: CN=Operator-Count,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.144 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Operator-Count +adminDescription: Operator-Count +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: operatorCount +schemaIDGUID: bf9679ee-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=msRADIUSFramedIPAddress,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1153 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: msRADIUSFramedIPAddress +adminDescription: msRADIUSFramedIPAddress +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msRADIUSFramedIPAddress +schemaIDGUID: db0c90a4-c1f2-11d1-bbc5-0080c76670c0 +attributeSecurityGUID: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Home-Drive,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.45 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Home-Drive +adminDescription: Home-Drive +oMSyntax: 64 +searchFlags: 16 +lDAPDisplayName: homeDrive +schemaIDGUID: bf967986-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Attribute-Types,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.21.5 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Attribute-Types +adminDescription: Attribute-Types +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: attributeTypes +schemaIDGUID: 9a7ad944-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +systemFlags: 134217748 + +dn: CN=Initial-Auth-Outgoing,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.540 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Initial-Auth-Outgoing +adminDescription: Initial-Auth-Outgoing +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: initialAuthOutgoing +schemaIDGUID: 52458024-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Version-Number,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.141 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Version-Number +adminDescription: Version-Number +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: versionNumber +schemaIDGUID: bf967a76-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Object-Class,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.0 +attributeSyntax: 2.5.5.2 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Object-Class +adminDescription: Object-Class +oMSyntax: 6 +searchFlags: 8 +lDAPDisplayName: objectClass +schemaIDGUID: bf9679e5-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: TRUE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Possible-Inferiors,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.915 +attributeSyntax: 2.5.5.2 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Possible-Inferiors +adminDescription: Possible-Inferiors +oMSyntax: 6 +searchFlags: 0 +lDAPDisplayName: possibleInferiors +schemaIDGUID: 9a7ad94c-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +systemFlags: 134217748 + +dn: CN=ms-DS-Approx-Immed-Subordinates,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1669 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Approx-Immed-Subordinates +adminDescription: ms-DS-Approx-Immed-Subordinates +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msDS-Approx-Immed-Subordinates +schemaIDGUID: e185d243-f6ce-4adb-b496-b0c005d7823c +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: TRUE +systemFlags: 20 + +dn: CN=ms-DS-Replication-Notify-Subsequent-DSA-Delay,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1664 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Replication-Notify-Subsequent-DSA-Delay +adminDescription: This attribute controls the delay between notification of each subsequent replica partner for an NC. +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msDS-Replication-Notify-Subsequent-DSA-Delay +schemaIDGUID: d63db385-dd92-4b52-b1d8-0d3ecc0e86b6 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Create-Dialog,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.810 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Create-Dialog +adminDescription: Create-Dialog +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: createDialog +schemaIDGUID: 2b09958a-8931-11d1-aebc-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Query-Policy-Object,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.607 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +linkID: 68 +showInAdvancedViewOnly: TRUE +adminDisplayName: Query-Policy-Object +oMObjectClass:: KwwCh3McAIVK +adminDescription: Query-Policy-Object +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: queryPolicyObject +schemaIDGUID: e1aea403-cd5b-11d0-afff-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=FRS-Root-Path,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.487 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 2048 +showInAdvancedViewOnly: TRUE +adminDisplayName: FRS-Root-Path +adminDescription: FRS-Root-Path +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: fRSRootPath +schemaIDGUID: 1be8f174-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Organizational-Unit-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.11 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 33026 +showInAdvancedViewOnly: TRUE +adminDisplayName: Organizational-Unit-Name +adminDescription: Organizational-Unit-Name +oMSyntax: 64 +searchFlags: 1 +lDAPDisplayName: ou +schemaIDGUID: bf9679f0-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Telex-Number,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.21 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 32 +mAPIID: 14892 +showInAdvancedViewOnly: TRUE +adminDisplayName: Telex-Number +adminDescription: Telex-Number +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: telexNumber +schemaIDGUID: bf967a4b-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Address-Home,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.617 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 4096 +mAPIID: 14941 +showInAdvancedViewOnly: TRUE +adminDisplayName: Address-Home +adminDescription: Address-Home +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: homePostalAddress +schemaIDGUID: 16775781-47f3-11d1-a9c3-0000f80367c1 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 0 + +dn: CN=Assistant,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.652 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Assistant +oMObjectClass:: KwwCh3McAIVK +adminDescription: Assistant +oMSyntax: 127 +searchFlags: 16 +lDAPDisplayName: assistant +schemaIDGUID: 0296c11c-40da-11d1-a9c0-0000f80367c1 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Netboot-Machine-File-Path,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.361 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Netboot-Machine-File-Path +adminDescription: Netboot-Machine-File-Path +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: netbootMachineFilePath +schemaIDGUID: 3e978923-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=x500uniqueIdentifier,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.45 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: FALSE +adminDisplayName: x500uniqueIdentifier +adminDescription: Used to distinguish between objects when a distinguished name has been reused. This is a different attribute type from both the "uid" and "uniqueIdentifier" types. +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: x500uniqueIdentifier +schemaIDGUID: d07da11f-8a3d-42b6-b0aa-76c962be719a +systemOnly: FALSE +systemFlags: 0 + +dn: CN=DBCS-Pwd,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.55 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: DBCS-Pwd +adminDescription: DBCS-Pwd +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: dBCSPwd +schemaIDGUID: bf96799c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Prefix-Map,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.538 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Prefix-Map +adminDescription: Prefix-Map +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: prefixMap +schemaIDGUID: 52458022-ca6a-11d0-afff-0000f80367c1 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=ms-DS-Members-For-Az-Role-BL,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1807 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 2017 +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Members-For-Az-Role-BL +oMObjectClass:: KwwCh3McAIVK +adminDescription: Back-link from member application group or user to Az-Role object(s) linking to it +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msDS-MembersForAzRoleBL +schemaIDGUID: ececcd20-a7e0-4688-9ccf-02ece5e287f5 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=Last-Known-Parent,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.781 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Last-Known-Parent +oMObjectClass:: KwwCh3McAIVK +adminDescription: Last-Known-Parent +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: lastKnownParent +schemaIDGUID: 52ab8670-5709-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=FSMO-Role-Owner,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.369 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: FSMO-Role-Owner +oMObjectClass:: KwwCh3McAIVK +adminDescription: FSMO-Role-Owner +oMSyntax: 127 +searchFlags: 1 +lDAPDisplayName: fSMORoleOwner +schemaIDGUID: 66171887-8f3c-11d0-afda-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Retired-Repl-DSA-Signatures,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.673 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Retired-Repl-DSA-Signatures +adminDescription: Retired-Repl-DSA-Signatures +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: retiredReplDSASignatures +schemaIDGUID: 7bfdcb7f-4807-11d1-a9c3-0000f80367c1 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Network-Address,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.459 +attributeSyntax: 2.5.5.4 +isSingleValued: FALSE +rangeLower: 0 +rangeUpper: 256 +mAPIID: 33136 +showInAdvancedViewOnly: TRUE +adminDisplayName: Network-Address +adminDescription: Network-Address +oMSyntax: 20 +searchFlags: 0 +lDAPDisplayName: networkAddress +schemaIDGUID: bf9679d9-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE + +dn: CN=Schema-Version,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.471 +attributeSyntax: 2.5.5.9 +isSingleValued: FALSE +mAPIID: 33148 +showInAdvancedViewOnly: TRUE +adminDisplayName: Schema-Version +adminDescription: Schema-Version +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: schemaVersion +schemaIDGUID: bf967a2c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Poss-Superiors,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.8 +attributeSyntax: 2.5.5.2 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Poss-Superiors +adminDescription: Poss-Superiors +oMSyntax: 6 +searchFlags: 0 +lDAPDisplayName: possSuperiors +schemaIDGUID: bf9679fa-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Default-Security-Descriptor,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.224 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 32767 +showInAdvancedViewOnly: TRUE +adminDisplayName: Default-Security-Descriptor +adminDescription: Default-Security-Descriptor +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: defaultSecurityDescriptor +schemaIDGUID: 807a6d30-1669-11d0-a064-00aa006c33ed +systemOnly: FALSE +systemFlags: 16 + +dn: CN=User-SMIME-Certificate,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113730.3.140 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +rangeUpper: 32768 +mAPIID: 14960 +showInAdvancedViewOnly: TRUE +adminDisplayName: User-SMIME-Certificate +adminDescription: User-SMIME-Certificate +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: userSMIMECertificate +schemaIDGUID: e16a9db2-403c-11d1-a9c0-0000f80367c1 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 0 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=userPKCS12,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113730.3.1.216 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: FALSE +adminDisplayName: userPKCS12 +adminDescription: PKCS #12 PFX PDU for exchange of personal identity information. +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: userPKCS12 +schemaIDGUID: 23998ab5-70f8-4007-a4c1-a84a38311f9a +systemOnly: FALSE +systemFlags: 0 + +dn: CN=User-Account-Control,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.8 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: User-Account-Control +adminDescription: User-Account-Control +oMSyntax: 2 +searchFlags: 25 +lDAPDisplayName: userAccountControl +schemaIDGUID: bf967a68-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 4c164200-20c0-11d0-a768-00aa006e0529 +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Terminal-Server,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.885 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +rangeUpper: 20480 +showInAdvancedViewOnly: TRUE +adminDisplayName: Terminal-Server +adminDescription: Terminal-Server +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: terminalServer +schemaIDGUID: 6db69a1c-9422-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Account-Expires,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.159 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Account-Expires +adminDescription: Account-Expires +oMSyntax: 65 +searchFlags: 16 +lDAPDisplayName: accountExpires +schemaIDGUID: bf967915-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 4c164200-20c0-11d0-a768-00aa006e0529 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Group-Type,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.750 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Group-Type +adminDescription: Group-Type +oMSyntax: 2 +searchFlags: 9 +lDAPDisplayName: groupType +schemaIDGUID: 9a9a021e-4a5b-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=NT-Group-Members,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.89 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: NT-Group-Members +adminDescription: NT-Group-Members +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: nTGroupMembers +schemaIDGUID: bf9679df-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=WWW-Page-Other,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.749 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +mAPIID: 33141 +showInAdvancedViewOnly: TRUE +adminDisplayName: WWW-Page-Other +adminDescription: WWW-Page-Other +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: url +schemaIDGUID: 9a9a0221-4a5b-11d1-a9c3-0000f80367c1 +attributeSecurityGUID: e45795b3-9455-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Revision,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.145 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Revision +adminDescription: Revision +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: revision +schemaIDGUID: bf967a21-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Object-Version,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.76 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +mAPIID: 33015 +showInAdvancedViewOnly: TRUE +adminDisplayName: Object-Version +adminDescription: Object-Version +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: objectVersion +schemaIDGUID: 16775848-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-NC-Repl-Inbound-Neighbors,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1705 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-NC-Repl-Inbound-Neighbors +adminDescription: ms-DS-NC-Repl-Inbound-Neighbors +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-NCReplInboundNeighbors +schemaIDGUID: 9edba85a-3e9e-431b-9b1a-a5b6e9eda796 +systemOnly: FALSE +systemFlags: 20 + +dn: CN=ms-COM-UserLink,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1425 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 1049 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-COM-UserLink +oMObjectClass:: KwwCh3McAIVK +adminDescription: Link from a PartitionSet to a User. Default = adminDisplayName +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msCOM-UserLink +schemaIDGUID: 9e6f3a4d-242c-4f37-b068-36b57f9fc852 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=Mastered-By,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1409 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 77 +showInAdvancedViewOnly: TRUE +adminDisplayName: Mastered-By +oMObjectClass:: KwwCh3McAIVK +adminDescription: Mastered-By +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: masteredBy +schemaIDGUID: e48e64e0-12c9-11d3-9102-00c04fd91ab1 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=Canonical-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.916 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Canonical-Name +adminDescription: Canonical-Name +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: canonicalName +schemaIDGUID: 9a7ad945-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +systemFlags: 134217748 + +dn: CN=ms-DS-NC-Replica-Locations,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1661 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 1044 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-NC-Replica-Locations +oMObjectClass:: KwwCh3McAIVK +adminDescription: This is a list of servers that are the replica set for the corresponding Non-Domain Naming Context. +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msDS-NC-Replica-Locations +schemaIDGUID: 97de9615-b537-46bc-ac0f-10720f3909f3 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-UpdateScript,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1721 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-UpdateScript +adminDescription: ms-DS-UpdateScript +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-UpdateScript +schemaIDGUID: 146eb639-bb9f-4fc1-a825-e29e00c77920 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Next-Rid,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.88 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Next-Rid +adminDescription: Next-Rid +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: nextRid +schemaIDGUID: bf9679db-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=X121-Address,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.24 +attributeSyntax: 2.5.5.6 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 15 +mAPIID: 33112 +showInAdvancedViewOnly: TRUE +adminDisplayName: X121-Address +adminDescription: X121-Address +oMSyntax: 18 +searchFlags: 0 +lDAPDisplayName: x121Address +schemaIDGUID: bf967a7b-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=User-Password,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.35 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 128 +mAPIID: 33107 +showInAdvancedViewOnly: TRUE +adminDisplayName: User-Password +adminDescription: User-Password +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: userPassword +schemaIDGUID: bf967a6e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Telephone-Number,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.20 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 14856 +showInAdvancedViewOnly: TRUE +adminDisplayName: Telephone-Number +adminDescription: Telephone-Number +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: telephoneNumber +schemaIDGUID: bf967a49-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Department,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.141 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 14872 +showInAdvancedViewOnly: TRUE +adminDisplayName: Department +adminDescription: Department +oMSyntax: 64 +searchFlags: 16 +lDAPDisplayName: department +schemaIDGUID: bf96794f-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Is-Member-Of-Partial-Attribute-Set,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.639 +attributeSyntax: 2.5.5.8 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Is-Member-Of-Partial-Attribute-Set +adminDescription: Is-Member-Of-Partial-Attribute-Set +oMSyntax: 1 +searchFlags: 0 +lDAPDisplayName: isMemberOfPartialAttributeSet +schemaIDGUID: 19405b9d-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Policy-Replication-Flags,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.633 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Policy-Replication-Flags +adminDescription: Policy-Replication-Flags +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: policyReplicationFlags +schemaIDGUID: 19405b96-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Ipsec-ISAKMP-Reference,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.626 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Ipsec-ISAKMP-Reference +oMObjectClass:: KwwCh3McAIVK +adminDescription: Ipsec-ISAKMP-Reference +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: ipsecISAKMPReference +schemaIDGUID: b40ff820-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Application-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.218 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 64 +showInAdvancedViewOnly: TRUE +adminDisplayName: Application-Name +adminDescription: Application-Name +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: applicationName +schemaIDGUID: dd712226-10e4-11d0-a05f-00aa006c33ed +systemOnly: FALSE +systemFlags: 16 + +dn: CN=System-May-Contain,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.196 +attributeSyntax: 2.5.5.2 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: System-May-Contain +adminDescription: System-May-Contain +oMSyntax: 6 +searchFlags: 0 +lDAPDisplayName: systemMayContain +schemaIDGUID: bf967a44-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=msRASSavedFramedRoute,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1191 +attributeSyntax: 2.5.5.5 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: msRASSavedFramedRoute +adminDescription: msRASSavedFramedRoute +oMSyntax: 22 +searchFlags: 0 +lDAPDisplayName: msRASSavedFramedRoute +schemaIDGUID: db0c90c7-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=msRASSavedCallbackNumber,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1189 +attributeSyntax: 2.5.5.5 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: msRASSavedCallbackNumber +adminDescription: msRASSavedCallbackNumber +oMSyntax: 22 +searchFlags: 0 +lDAPDisplayName: msRASSavedCallbackNumber +schemaIDGUID: db0c90c5-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Trust-Type,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.136 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Trust-Type +adminDescription: Trust-Type +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: trustType +schemaIDGUID: bf967a60-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Domain-Replica,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.158 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 32767 +showInAdvancedViewOnly: TRUE +adminDisplayName: Domain-Replica +adminDescription: Domain-Replica +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: domainReplica +schemaIDGUID: bf96795e-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Personal-Title,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.615 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 35947 +showInAdvancedViewOnly: TRUE +adminDisplayName: Personal-Title +adminDescription: Personal-Title +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: personalTitle +schemaIDGUID: 16775858-47f3-11d1-a9c3-0000f80367c1 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Other-Mailbox,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.651 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Other-Mailbox +adminDescription: Other-Mailbox +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: otherMailbox +schemaIDGUID: 0296c123-40da-11d1-a9c0-0000f80367c1 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE + +dn: CN=E-mail-Addresses,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 0.9.2342.19200300.100.1.3 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 256 +mAPIID: 14846 +showInAdvancedViewOnly: TRUE +adminDisplayName: E-mail-Addresses +adminDescription: E-mail-Addresses +oMSyntax: 64 +searchFlags: 1 +lDAPDisplayName: mail +schemaIDGUID: bf967961-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=OM-Syntax,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.231 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +mAPIID: 33022 +showInAdvancedViewOnly: TRUE +adminDisplayName: OM-Syntax +adminDescription: OM-Syntax +oMSyntax: 2 +searchFlags: 8 +lDAPDisplayName: oMSyntax +schemaIDGUID: bf9679ed-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Is-Defunct,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.661 +attributeSyntax: 2.5.5.8 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Is-Defunct +adminDescription: Is-Defunct +oMSyntax: 1 +searchFlags: 0 +lDAPDisplayName: isDefunct +schemaIDGUID: 28630ebe-41d5-11d1-a9c1-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Other-Settings,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1621 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Other-Settings +adminDescription: ms-DS-Other-Settings +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-Other-Settings +schemaIDGUID: 79d2f34c-9d7d-42bb-838f-866b3e4400e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Machine-Role,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.71 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Machine-Role +adminDescription: Machine-Role +oMSyntax: 10 +searchFlags: 0 +lDAPDisplayName: machineRole +schemaIDGUID: bf9679b2-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Az-Domain-Timeout,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1795 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +rangeLower: 0 +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Az-Domain-Timeout +adminDescription: Time (in ms) after a domain is detected to be un-reachable, and before the DC is tried again +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msDS-AzDomainTimeout +schemaIDGUID: 6448f56a-ca70-4e2e-b0af-d20e4ce653d0 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=System-Auxiliary-Class,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.198 +attributeSyntax: 2.5.5.2 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: System-Auxiliary-Class +adminDescription: System-Auxiliary-Class +oMSyntax: 6 +searchFlags: 0 +lDAPDisplayName: systemAuxiliaryClass +schemaIDGUID: bf967a43-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Primary-Group-ID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.98 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Primary-Group-ID +adminDescription: Primary-Group-ID +oMSyntax: 2 +searchFlags: 17 +lDAPDisplayName: primaryGroupID +schemaIDGUID: bf967a00-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Lm-Pwd-History,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.160 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Lm-Pwd-History +adminDescription: Lm-Pwd-History +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: lmPwdHistory +schemaIDGUID: bf96799d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Group-Membership-SAM,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.166 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Group-Membership-SAM +adminDescription: Group-Membership-SAM +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: groupMembershipSAM +schemaIDGUID: bf967980-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Trust-Partner,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.133 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 1024 +showInAdvancedViewOnly: TRUE +adminDisplayName: Trust-Partner +adminDescription: Trust-Partner +oMSyntax: 64 +searchFlags: 1 +lDAPDisplayName: trustPartner +schemaIDGUID: bf967a5d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Instance-Type,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.1 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +mAPIID: 32957 +showInAdvancedViewOnly: TRUE +adminDisplayName: Instance-Type +adminDescription: Instance-Type +oMSyntax: 2 +searchFlags: 8 +lDAPDisplayName: instanceType +schemaIDGUID: bf96798c-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Treat-As-Leaf,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.806 +attributeSyntax: 2.5.5.8 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Treat-As-Leaf +adminDescription: Treat-As-Leaf +oMSyntax: 1 +searchFlags: 0 +lDAPDisplayName: treatAsLeaf +schemaIDGUID: 8fd044e3-771f-11d1-aeae-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Admin-Property-Pages,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.562 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Admin-Property-Pages +adminDescription: Admin-Property-Pages +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: adminPropertyPages +schemaIDGUID: 52458038-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Az-Scope-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1799 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 65536 +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Az-Scope-Name +adminDescription: A string that uniquely identifies a scope object +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-AzScopeName +schemaIDGUID: 515a6b06-2617-4173-8099-d5605df043c6 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=See-Also,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.34 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +mAPIID: 33071 +showInAdvancedViewOnly: TRUE +adminDisplayName: See-Also +oMObjectClass:: KwwCh3McAIVK +adminDescription: See-Also +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: seeAlso +schemaIDGUID: bf967a31-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=LDAP-IPDeny-List,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.844 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: LDAP-IPDeny-List +adminDescription: LDAP-IPDeny-List +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: lDAPIPDenyList +schemaIDGUID: 7359a353-90f7-11d1-aebc-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Retired-Repl-NC-Signatures,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1826 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Retired-Repl-NC-Signatures +adminDescription: Information about naming contexts that are no longer held on this computer +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: msDS-RetiredReplNCSignatures +schemaIDGUID: d5b35506-19d6-4d26-9afb-11357ac99b5e +systemOnly: TRUE +systemFlags: 17 + +dn: CN=Has-Master-NCs,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.14 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +mAPIID: 32950 +linkID: 76 +showInAdvancedViewOnly: TRUE +adminDisplayName: Has-Master-NCs +oMObjectClass:: KwwCh3McAIVK +adminDescription: Has-Master-NCs +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: hasMasterNCs +schemaIDGUID: bf967982-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Modified-Count-At-Last-Prom,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.81 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Modified-Count-At-Last-Prom +adminDescription: Modified-Count-At-Last-Prom +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: modifiedCountAtLastProm +schemaIDGUID: bf9679c6-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Min-Pwd-Age,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.78 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Min-Pwd-Age +adminDescription: Min-Pwd-Age +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: minPwdAge +schemaIDGUID: bf9679c2-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: c7407360-20bf-11d0-a768-00aa006e0529 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Force-Logoff,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.39 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Force-Logoff +adminDescription: Force-Logoff +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: forceLogoff +schemaIDGUID: bf967977-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Move-Tree-State,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1305 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Move-Tree-State +adminDescription: Move-Tree-State +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: moveTreeState +schemaIDGUID: 1f2ac2c8-3b71-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Allowed-To-Delegate-To,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1787 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Allowed-To-Delegate-To +adminDescription: Allowed-To-Delegate-To contains a list of SPNs that are used for Constrained Delegation +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-AllowedToDelegateTo +schemaIDGUID: 800d94d7-b7a1-42a1-b14d-7cae1423d07f +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=System-Only,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.170 +attributeSyntax: 2.5.5.8 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: System-Only +adminDescription: System-Only +oMSyntax: 1 +searchFlags: 0 +lDAPDisplayName: systemOnly +schemaIDGUID: bf967a46-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=ms-DS-IntId,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1716 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-IntId +adminDescription: ms-DS-IntId +oMSyntax: 2 +searchFlags: 8 +lDAPDisplayName: msDS-IntId +schemaIDGUID: bc60096a-1b47-4b30-8877-602c93f56532 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=DNS-Host-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.619 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 2048 +showInAdvancedViewOnly: TRUE +adminDisplayName: DNS-Host-Name +adminDescription: DNS-Host-Name +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: dNSHostName +schemaIDGUID: 72e39547-7b18-11d1-adef-00c04fd8d5cd +attributeSecurityGUID: 72e39547-7b18-11d1-adef-00c04fd8d5cd +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=ms-DS-Az-Minor-Version,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1825 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +rangeLower: 0 +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Az-Minor-Version +adminDescription: Minor version number for AzRoles +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msDS-AzMinorVersion +schemaIDGUID: ee85ed93-b209-4788-8165-e702f51bfbf3 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Bad-Password-Time,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.49 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Bad-Password-Time +adminDescription: Bad-Password-Time +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: badPasswordTime +schemaIDGUID: bf96792d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 17 + +dn: CN=Primary-Group-Token,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1412 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Primary-Group-Token +adminDescription: Primary-Group-Token +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: primaryGroupToken +schemaIDGUID: c0ed8738-7efd-4481-84d9-66d2db8be369 +systemOnly: TRUE +systemFlags: 20 + +dn: CN=USN-Intersite,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.469 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +mAPIID: 33146 +showInAdvancedViewOnly: TRUE +adminDisplayName: USN-Intersite +adminDescription: USN-Intersite +oMSyntax: 2 +searchFlags: 1 +lDAPDisplayName: USNIntersite +schemaIDGUID: a8df7498-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=FRS-Member-Reference-BL,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.876 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 105 +showInAdvancedViewOnly: TRUE +adminDisplayName: FRS-Member-Reference-BL +oMObjectClass:: KwwCh3McAIVK +adminDescription: FRS-Member-Reference-BL +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: fRSMemberReferenceBL +schemaIDGUID: 2a13257f-9373-11d1-aebc-0000f80367c1 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=ms-DS-SD-Reference-Domain,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1711 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +linkID: 2000 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-SD-Reference-Domain +oMObjectClass:: KwwCh3McAIVK +adminDescription: The domain to be used for default security descriptor translation for a Non-Domain Naming Context. +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msDS-SDReferenceDomain +schemaIDGUID: 4c51e316-f628-43a5-b06b-ffb695fcb4f3 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Ipsec-ID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.621 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Ipsec-ID +adminDescription: Ipsec-ID +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: ipsecID +schemaIDGUID: b40ff81d-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=LDAP-Admin-Limits,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.843 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: LDAP-Admin-Limits +adminDescription: LDAP-Admin-Limits +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: lDAPAdminLimits +schemaIDGUID: 7359a352-90f7-11d1-aebc-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Last-Backup-Restoration-Time,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.519 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Last-Backup-Restoration-Time +adminDescription: Last-Backup-Restoration-Time +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: lastBackupRestorationTime +schemaIDGUID: 1fbb0be8-ba63-11d0-afef-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Tree-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.660 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Tree-Name +adminDescription: Tree-Name +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: treeName +schemaIDGUID: 28630ebd-41d5-11d1-a9c1-0000f80367c1 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=OEM-Information,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.151 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 32767 +showInAdvancedViewOnly: TRUE +adminDisplayName: OEM-Information +adminDescription: OEM-Information +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: oEMInformation +schemaIDGUID: bf9679ea-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Given-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.42 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 14854 +showInAdvancedViewOnly: TRUE +adminDisplayName: Given-Name +adminDescription: Given-Name +oMSyntax: 64 +searchFlags: 5 +lDAPDisplayName: givenName +schemaIDGUID: f0f8ff8e-1191-11d0-a060-00aa006c33ed +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=SPN-Mappings,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1347 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: SPN-Mappings +adminDescription: SPN-Mappings +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: sPNMappings +schemaIDGUID: 2ab0e76c-7041-11d2-9905-0000f87a57d4 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Operating-System-Version,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.364 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Operating-System-Version +adminDescription: Operating-System-Version +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: operatingSystemVersion +schemaIDGUID: 3e978926-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Notification-List,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.303 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Notification-List +oMObjectClass:: KwwCh3McAIVK +adminDescription: Notification-List +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: notificationList +schemaIDGUID: 19195a56-6da0-11d0-afd3-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Token-Groups,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1301 +attributeSyntax: 2.5.5.17 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Token-Groups +adminDescription: Token-Groups +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: tokenGroups +schemaIDGUID: b7c69e6d-2cc7-11d2-854e-00a0c983f608 +attributeSecurityGUID: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemOnly: FALSE +systemFlags: 134217748 + +dn: CN=carLicense,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113730.3.1.1 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: FALSE +adminDisplayName: carLicense +adminDescription: Vehicle license or registration plate. +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: carLicense +schemaIDGUID: d4159c92-957d-4a87-8a67-8d2934e01649 +systemOnly: FALSE +systemFlags: 0 + +dn: CN=Preferred-OU,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.97 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Preferred-OU +oMObjectClass:: KwwCh3McAIVK +adminDescription: Preferred-OU +oMSyntax: 127 +searchFlags: 16 +lDAPDisplayName: preferredOU +schemaIDGUID: bf9679ff-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=MS-DS-Creator-SID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1410 +attributeSyntax: 2.5.5.17 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Creator-SID +adminDescription: MS-DS-Creator-SID +oMSyntax: 4 +searchFlags: 1 +lDAPDisplayName: mS-DS-CreatorSID +schemaIDGUID: c5e60132-1480-11d3-91c1-0000f87a57d4 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=ms-DS-Non-Members,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1793 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 2014 +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Non-Members +oMObjectClass:: KwwCh3McAIVK +adminDescription: ms-DS-Non-Members +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msDS-NonMembers +schemaIDGUID: cafcb1de-f23c-46b5-adf7-1e64957bd5db +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Tasks-For-Az-Role-BL,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1815 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 2025 +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Tasks-For-Az-Role-BL +oMObjectClass:: KwwCh3McAIVK +adminDescription: Back-link from Az-Task to Az-Role object(s) linking to it +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msDS-TasksForAzRoleBL +schemaIDGUID: a0dcd536-5158-42fe-8c40-c00a7ad37959 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=Extension-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.227 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 255 +mAPIID: 32937 +showInAdvancedViewOnly: TRUE +adminDisplayName: Extension-Name +adminDescription: Extension-Name +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: extensionName +schemaIDGUID: bf967972-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Replication-Notify-First-DSA-Delay,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1663 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Replication-Notify-First-DSA-Delay +adminDescription: This attribute controls the delay between changes to the DS, and notification of the first replica partner for an NC. +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msDS-Replication-Notify-First-DSA-Delay +schemaIDGUID: 85abd4f4-0a89-4e49-bdec-6f35bb2562ba +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Max-Pwd-Age,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.74 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Max-Pwd-Age +adminDescription: Max-Pwd-Age +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: maxPwdAge +schemaIDGUID: bf9679bb-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: c7407360-20bf-11d0-a768-00aa006e0529 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Phone-Ip-Other,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.722 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Phone-Ip-Other +adminDescription: Phone-Ip-Other +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: otherIpPhone +schemaIDGUID: 4d146e4b-48d4-11d1-a9c3-0000f80367c1 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Ipsec-NFA-Reference,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.627 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Ipsec-NFA-Reference +oMObjectClass:: KwwCh3McAIVK +adminDescription: Ipsec-NFA-Reference +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: ipsecNFAReference +schemaIDGUID: b40ff821-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=secretary,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 0.9.2342.19200300.100.1.21 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +showInAdvancedViewOnly: FALSE +adminDisplayName: secretary +oMObjectClass:: KwwCh3McAIVK +adminDescription: Specifies the secretary of a person. +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: secretary +schemaIDGUID: 01072d9a-98ad-4a53-9744-e83e287278fb +systemOnly: FALSE +systemFlags: 0 + +dn: CN=User-Parameters,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.138 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 32767 +showInAdvancedViewOnly: TRUE +adminDisplayName: User-Parameters +adminDescription: User-Parameters +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: userParameters +schemaIDGUID: bf967a6d-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 4c164200-20c0-11d0-a768-00aa006e0529 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Trust-Posix-Offset,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.134 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Trust-Posix-Offset +adminDescription: Trust-Posix-Offset +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: trustPosixOffset +schemaIDGUID: bf967a5e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Bridgehead-Server-List-BL,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.820 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 99 +showInAdvancedViewOnly: TRUE +adminDisplayName: Bridgehead-Server-List-BL +oMObjectClass:: KwwCh3McAIVK +adminDescription: Bridgehead-Server-List-BL +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: bridgeheadServerListBL +schemaIDGUID: d50c2cdb-8951-11d1-aebc-0000f80367c1 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=ms-DS-Az-Application-Data,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1819 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Az-Application-Data +adminDescription: A string that is used by individual applications to store whatever information they may need to +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-AzApplicationData +schemaIDGUID: 503fc3e8-1cc6-461a-99a3-9eee04f402a7 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Pek-Key-Change-Interval,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.866 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Pek-Key-Change-Interval +adminDescription: Pek-Key-Change-Interval +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: pekKeyChangeInterval +schemaIDGUID: 07383084-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Country-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.6 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 3 +mAPIID: 32873 +showInAdvancedViewOnly: TRUE +adminDisplayName: Country-Name +adminDescription: Country-Name +oMSyntax: 64 +searchFlags: 16 +lDAPDisplayName: c +schemaIDGUID: bf967945-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Destination-Indicator,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.27 +attributeSyntax: 2.5.5.5 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 128 +mAPIID: 32880 +showInAdvancedViewOnly: TRUE +adminDisplayName: Destination-Indicator +adminDescription: Destination-Indicator +oMSyntax: 19 +searchFlags: 0 +lDAPDisplayName: destinationIndicator +schemaIDGUID: bf967951-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Country-Code,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.25 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 65535 +showInAdvancedViewOnly: TRUE +adminDisplayName: Country-Code +adminDescription: Country-Code +oMSyntax: 2 +searchFlags: 16 +lDAPDisplayName: countryCode +schemaIDGUID: 5fd42471-1262-11d0-a060-00aa006c33ed +attributeSecurityGUID: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Phone-Mobile-Primary,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 0.9.2342.19200300.100.1.41 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 14876 +showInAdvancedViewOnly: TRUE +adminDisplayName: Phone-Mobile-Primary +adminDescription: Phone-Mobile-Primary +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: mobile +schemaIDGUID: f0f8ffa3-1191-11d0-a060-00aa006c33ed +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Schema-ID-GUID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.148 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +rangeLower: 16 +rangeUpper: 16 +showInAdvancedViewOnly: TRUE +adminDisplayName: Schema-ID-GUID +adminDescription: Schema-ID-GUID +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: schemaIDGUID +schemaIDGUID: bf967923-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=RID-Set-References,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.669 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: RID-Set-References +oMObjectClass:: KwwCh3McAIVK +adminDescription: RID-Set-References +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: rIDSetReferences +schemaIDGUID: 7bfdcb7b-4807-11d1-a9c3-0000f80367c1 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Auxiliary-Class,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.351 +attributeSyntax: 2.5.5.2 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Auxiliary-Class +adminDescription: Auxiliary-Class +oMSyntax: 6 +searchFlags: 0 +lDAPDisplayName: auxiliaryClass +schemaIDGUID: bf96792c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=uid,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 0.9.2342.19200300.100.1.1 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: FALSE +adminDisplayName: uid +adminDescription: A user ID. +oMSyntax: 64 +searchFlags: 8 +lDAPDisplayName: uid +schemaIDGUID: 0bb0fca0-1e89-429f-901a-1413894d9f59 +attributeSecurityGUID: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemOnly: FALSE +systemFlags: 0 + +dn: CN=departmentNumber,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113730.3.1.2 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: FALSE +adminDisplayName: departmentNumber +adminDescription: Identifies a department within an organization. +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: departmentNumber +schemaIDGUID: be9ef6ee-cbc7-4f22-b27b-96967e7ee585 +systemOnly: FALSE +systemFlags: 0 + +dn: CN=Additional-Trusted-Service-Names,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.889 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Additional-Trusted-Service-Names +adminDescription: Additional-Trusted-Service-Names +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: additionalTrustedServiceNames +schemaIDGUID: 032160be-9824-11d1-aec0-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=WWW-Home-Page,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.464 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 2048 +showInAdvancedViewOnly: TRUE +adminDisplayName: WWW-Home-Page +adminDescription: WWW-Home-Page +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: wWWHomePage +schemaIDGUID: bf967a7a-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: e45795b3-9455-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=USN-Source,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.896 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +mAPIID: 33111 +showInAdvancedViewOnly: TRUE +adminDisplayName: USN-Source +adminDescription: USN-Source +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: uSNSource +schemaIDGUID: 167758ad-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=MS-DS-Consistency-Guid,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1360 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Consistency-Guid +adminDescription: MS-DS-Consistency-Guid +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: mS-DS-ConsistencyGuid +schemaIDGUID: 23773dc2-b63a-11d2-90e1-00c04fd91ab1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Frs-Computer-Reference-BL,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.870 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 103 +showInAdvancedViewOnly: TRUE +adminDisplayName: Frs-Computer-Reference-BL +oMObjectClass:: KwwCh3McAIVK +adminDescription: Frs-Computer-Reference-BL +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: frsComputerReferenceBL +schemaIDGUID: 2a132579-9373-11d1-aebc-0000f80367c1 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=Allowed-Attributes,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.913 +attributeSyntax: 2.5.5.2 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Allowed-Attributes +adminDescription: Allowed-Attributes +oMSyntax: 6 +searchFlags: 0 +lDAPDisplayName: allowedAttributes +schemaIDGUID: 9a7ad940-ca53-11d1-bbd0-0080c76670c0 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: TRUE +systemFlags: 134217748 + +dn: CN=ms-DS-Az-Application-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1798 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 512 +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Az-Application-Name +adminDescription: A string that uniquely identifies an application object +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-AzApplicationName +schemaIDGUID: db5b0728-6208-4876-83b7-95d3e5695275 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=UPN-Suffixes,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.890 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: UPN-Suffixes +adminDescription: UPN-Suffixes +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: uPNSuffixes +schemaIDGUID: 032160bf-9824-11d1-aec0-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=MS-DS-Per-User-Trust-Quota,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1788 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Per-User-Trust-Quota +adminDescription: Used to enforce a per-user quota for creating Trusted-Domain objects authorized by the control access right, "Create inbound Forest trust". This attribute limits the number of Trusted-Domain objects that can be created by a single non-admin user in the domain. +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msDS-PerUserTrustQuota +schemaIDGUID: d161adf0-ca24-4993-a3aa-8b2c981302e8 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=MS-DS-Machine-Account-Quota,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1411 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Machine-Account-Quota +adminDescription: MS-DS-Machine-Account-Quota +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: ms-DS-MachineAccountQuota +schemaIDGUID: d064fb68-1480-11d3-91c1-0000f87a57d4 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Server-Role,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.157 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Server-Role +adminDescription: Server-Role +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: serverRole +schemaIDGUID: bf967a33-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Phone-Home-Primary,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 0.9.2342.19200300.100.1.20 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 14857 +showInAdvancedViewOnly: TRUE +adminDisplayName: Phone-Home-Primary +adminDescription: Phone-Home-Primary +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: homePhone +schemaIDGUID: f0f8ffa1-1191-11d0-a060-00aa006c33ed +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Range-Lower,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.34 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +mAPIID: 33043 +showInAdvancedViewOnly: TRUE +adminDisplayName: Range-Lower +adminDescription: Range-Lower +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: rangeLower +schemaIDGUID: bf967a0c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Operating-System-Hotfix,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.415 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Operating-System-Hotfix +adminDescription: Operating-System-Hotfix +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: operatingSystemHotfix +schemaIDGUID: bd951b3c-9c96-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Additional-Dns-Host-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1717 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 0 +rangeUpper: 2048 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Additional-Dns-Host-Name +adminDescription: ms-DS-Additional-Dns-Host-Name +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-AdditionalDnsHostName +schemaIDGUID: 80863791-dbe9-4eb8-837e-7f0ab55d9ac7 +attributeSecurityGUID: 72e39547-7b18-11d1-adef-00c04fd8d5cd +systemOnly: TRUE +systemFlags: 16 + +dn: CN=ms-DS-Az-Script-Timeout,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1797 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +rangeLower: 0 +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Az-Script-Timeout +adminDescription: Maximum time (in ms) to wait for a script to finish auditing a specific policy +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msDS-AzScriptTimeout +schemaIDGUID: 87d0fb41-2c8b-41f6-b972-11fdfd50d6b0 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Must-Contain,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.24 +attributeSyntax: 2.5.5.2 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Must-Contain +adminDescription: Must-Contain +oMSyntax: 6 +searchFlags: 0 +lDAPDisplayName: mustContain +schemaIDGUID: bf9679d3-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=X509-Cert,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.36 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +rangeUpper: 32768 +mAPIID: 35946 +showInAdvancedViewOnly: TRUE +adminDisplayName: X509-Cert +adminDescription: X509-Cert +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: userCertificate +schemaIDGUID: bf967a7f-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=msNPCallingStationID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1124 +attributeSyntax: 2.5.5.5 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: msNPCallingStationID +adminDescription: msNPCallingStationID +oMSyntax: 22 +searchFlags: 0 +lDAPDisplayName: msNPCallingStationID +schemaIDGUID: db0c908a-c1f2-11d1-bbc5-0080c76670c0 +attributeSecurityGUID: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-User-Account-Control-Computed,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1460 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-User-Account-Control-Computed +adminDescription: ms-DS-User-Account-Control-Computed +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msDS-User-Account-Control-Computed +schemaIDGUID: 2cc4b836-b63f-4940-8d23-ea7acf06af56 +attributeSecurityGUID: 4c164200-20c0-11d0-a768-00aa006e0529 +systemOnly: FALSE +systemFlags: 20 + +dn: CN=Home-Directory,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.44 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Home-Directory +adminDescription: Home-Directory +oMSyntax: 64 +searchFlags: 16 +lDAPDisplayName: homeDirectory +schemaIDGUID: bf967985-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Az-LDAP-Query,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1792 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 4096 +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Az-LDAP-Query +adminDescription: ms-DS-Az-LDAP-Query +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-AzLDAPQuery +schemaIDGUID: 5e53368b-fc94-45c8-9d7d-daf31ee7112d +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Partial-Attribute-Deletion-List,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.663 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Partial-Attribute-Deletion-List +adminDescription: Partial-Attribute-Deletion-List +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: partialAttributeDeletionList +schemaIDGUID: 28630ec0-41d5-11d1-a9c1-0000f80367c1 +systemOnly: TRUE +systemFlags: 19 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Is-Critical-System-Object,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.868 +attributeSyntax: 2.5.5.8 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Is-Critical-System-Object +adminDescription: Is-Critical-System-Object +oMSyntax: 1 +searchFlags: 0 +lDAPDisplayName: isCriticalSystemObject +schemaIDGUID: 00fbf30d-91fe-11d1-aebc-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=GP-Link,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.891 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: GP-Link +adminDescription: GP-Link +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: gPLink +schemaIDGUID: f30e3bbe-9ff0-11d1-b603-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Scope-Flags,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1354 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Scope-Flags +adminDescription: Scope-Flags +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: scopeFlags +schemaIDGUID: 16f3a4c2-7e79-11d2-9921-0000f87a57d4 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Lockout-Duration,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.60 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Lockout-Duration +adminDescription: Lockout-Duration +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: lockoutDuration +schemaIDGUID: bf9679a5-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: c7407360-20bf-11d0-a768-00aa006e0529 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-COM-UserPartitionSetLink,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1426 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +linkID: 1048 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-COM-UserPartitionSetLink +oMObjectClass:: KwwCh3McAIVK +adminDescription: Link from a User to a PartitionSet. Default = adminDisplayName +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msCOM-UserPartitionSetLink +schemaIDGUID: 8e940c8a-e477-4367-b08d-ff2ff942dcd7 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Logo,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113730.3.1.36 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 32767 +showInAdvancedViewOnly: TRUE +adminDisplayName: Logo +adminDescription: Logo +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: thumbnailLogo +schemaIDGUID: bf9679a9-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Picture,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.16.840.1.113730.3.1.35 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 102400 +showInAdvancedViewOnly: TRUE +adminDisplayName: Picture +adminDescription: Picture +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: thumbnailPhoto +schemaIDGUID: 8d3bca50-1d7e-11d0-a081-00aa006c33ed +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Location,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.222 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 1024 +showInAdvancedViewOnly: TRUE +adminDisplayName: Location +adminDescription: Location +oMSyntax: 64 +searchFlags: 1 +lDAPDisplayName: location +schemaIDGUID: 09dcb79f-165f-11d0-a064-00aa006c33ed +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=User-Workstations,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.86 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 1024 +showInAdvancedViewOnly: TRUE +adminDisplayName: User-Workstations +adminDescription: User-Workstations +oMSyntax: 64 +searchFlags: 16 +lDAPDisplayName: userWorkstations +schemaIDGUID: bf9679d7-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Logon-Workstation,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.65 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Logon-Workstation +adminDescription: Logon-Workstation +oMSyntax: 4 +searchFlags: 16 +lDAPDisplayName: logonWorkstation +schemaIDGUID: bf9679ac-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Last-Logon-Timestamp,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1696 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Last-Logon-Timestamp +adminDescription: Last-Logon-Timestamp +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: lastLogonTimestamp +schemaIDGUID: c0e20a04-0e5a-4ff3-9482-5efeaecd7060 +attributeSecurityGUID: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Prior-Value,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.100 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Prior-Value +adminDescription: Prior-Value +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: priorValue +schemaIDGUID: bf967a02-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Last-Set-Time,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.53 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Last-Set-Time +adminDescription: Last-Set-Time +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: lastSetTime +schemaIDGUID: bf967998-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Object-Guid,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.2 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +rangeLower: 16 +rangeUpper: 16 +mAPIID: 35949 +showInAdvancedViewOnly: TRUE +adminDisplayName: Object-Guid +adminDescription: Object-Guid +oMSyntax: 4 +searchFlags: 9 +lDAPDisplayName: objectGUID +schemaIDGUID: bf9679e7-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: TRUE +systemFlags: 19 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=ms-DS-Tasks-For-Az-Task-BL,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1811 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 2021 +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Tasks-For-Az-Task-BL +oMObjectClass:: KwwCh3McAIVK +adminDescription: Back-link from Az-Task to the Az-Task object(s) linking to it +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msDS-TasksForAzTaskBL +schemaIDGUID: df446e52-b5fa-4ca2-a42f-13f98a526c8f +systemOnly: TRUE +systemFlags: 17 + +dn: CN=Managed-By,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.653 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +mAPIID: 32780 +linkID: 72 +showInAdvancedViewOnly: TRUE +adminDisplayName: Managed-By +oMObjectClass:: KwwCh3McAIVK +adminDescription: Managed-By +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: managedBy +schemaIDGUID: 0296c120-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Pwd-Properties,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.93 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Pwd-Properties +adminDescription: Pwd-Properties +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: pwdProperties +schemaIDGUID: bf967a0b-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: c7407360-20bf-11d0-a768-00aa006e0529 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Builtin-Creation-Time,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.13 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Builtin-Creation-Time +adminDescription: Builtin-Creation-Time +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: builtinCreationTime +schemaIDGUID: bf96792f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Post-Office-Box,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.18 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 40 +mAPIID: 14891 +showInAdvancedViewOnly: TRUE +adminDisplayName: Post-Office-Box +adminDescription: Post-Office-Box +oMSyntax: 64 +searchFlags: 16 +lDAPDisplayName: postOfficeBox +schemaIDGUID: bf9679fb-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Company,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.146 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 14870 +showInAdvancedViewOnly: TRUE +adminDisplayName: Company +adminDescription: Company +oMSyntax: 64 +searchFlags: 16 +lDAPDisplayName: company +schemaIDGUID: f0f8ff88-1191-11d0-a060-00aa006c33ed +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Catalogs,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.675 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Catalogs +adminDescription: Catalogs +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: catalogs +schemaIDGUID: 7bfdcb81-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Default-Object-Category,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.783 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Default-Object-Category +oMObjectClass:: KwwCh3McAIVK +adminDescription: Default-Object-Category +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: defaultObjectCategory +schemaIDGUID: 26d97367-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=msRADIUSFramedRoute,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1158 +attributeSyntax: 2.5.5.5 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: msRADIUSFramedRoute +adminDescription: msRADIUSFramedRoute +oMSyntax: 22 +searchFlags: 0 +lDAPDisplayName: msRADIUSFramedRoute +schemaIDGUID: db0c90a9-c1f2-11d1-bbc5-0080c76670c0 +attributeSecurityGUID: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Prior-Set-Time,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.99 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Prior-Set-Time +adminDescription: Prior-Set-Time +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: priorSetTime +schemaIDGUID: bf967a01-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=User-Cert,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.645 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 32767 +mAPIID: 14882 +showInAdvancedViewOnly: TRUE +adminDisplayName: User-Cert +adminDescription: User-Cert +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: userCert +schemaIDGUID: bf967a69-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Non-Security-Member,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.530 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 50 +showInAdvancedViewOnly: TRUE +adminDisplayName: Non-Security-Member +oMObjectClass:: KwwCh3McAIVK +adminDescription: Non-Security-Member +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: nonSecurityMember +schemaIDGUID: 52458018-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Member,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.31 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +mAPIID: 32777 +linkID: 2 +showInAdvancedViewOnly: TRUE +adminDisplayName: Member +oMObjectClass:: KwwCh3McAIVK +adminDescription: Member +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: member +schemaIDGUID: bf9679c0-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: bc0ac240-79a9-11d0-9020-00c04fc2d4cf +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Group-Attributes,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.152 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Group-Attributes +adminDescription: Group-Attributes +oMSyntax: 2 +searchFlags: 1 +lDAPDisplayName: groupAttributes +schemaIDGUID: bf96797e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=System-Flags,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.375 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: System-Flags +adminDescription: System-Flags +oMSyntax: 2 +searchFlags: 8 +lDAPDisplayName: systemFlags +schemaIDGUID: e0fa1e62-9b45-11d0-afdd-00c04fd930c9 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Proxied-Object-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1249 +attributeSyntax: 2.5.5.7 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Proxied-Object-Name +oMObjectClass:: KoZIhvcUAQEBCw== +adminDescription: Proxied-Object-Name +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: proxiedObjectName +schemaIDGUID: e1aea402-cd5b-11d0-afff-0000f80367c1 +systemOnly: TRUE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=ms-DS-Repl-Value-Meta-Data,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1708 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Repl-Value-Meta-Data +adminDescription: ms-DS-Repl-Value-Meta-Data +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-ReplValueMetaData +schemaIDGUID: 2f5c8145-e1bd-410b-8957-8bfa81d5acfd +systemOnly: FALSE +systemFlags: 20 + +dn: CN=Allowed-Child-Classes-Effective,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.912 +attributeSyntax: 2.5.5.2 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Allowed-Child-Classes-Effective +adminDescription: Allowed-Child-Classes-Effective +oMSyntax: 6 +searchFlags: 0 +lDAPDisplayName: allowedChildClassesEffective +schemaIDGUID: 9a7ad943-ca53-11d1-bbd0-0080c76670c0 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: TRUE +systemFlags: 134217748 + +dn: CN=ms-DS-Az-Generate-Audits,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1805 +attributeSyntax: 2.5.5.8 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Az-Generate-Audits +adminDescription: A boolean field indicating if runtime audits need to be turned on (include audits for access checks, etc.) +oMSyntax: 1 +searchFlags: 0 +lDAPDisplayName: msDS-AzGenerateAudits +schemaIDGUID: f90abab0-186c-4418-bb85-88447c87222a +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Az-Application-Version,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1817 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Az-Application-Version +adminDescription: A version number to indicate that the AzApplication is updated +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-AzApplicationVersion +schemaIDGUID: 7184a120-3ac4-47ae-848f-fe0ab20784d4 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Icon-Path,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.219 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 0 +rangeUpper: 2048 +showInAdvancedViewOnly: TRUE +adminDisplayName: Icon-Path +adminDescription: Icon-Path +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: iconPath +schemaIDGUID: f0f8ff83-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Street-Address,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.9 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 1024 +mAPIID: 33082 +showInAdvancedViewOnly: TRUE +adminDisplayName: Street-Address +adminDescription: Street-Address +oMSyntax: 64 +searchFlags: 16 +lDAPDisplayName: street +schemaIDGUID: bf967a3a-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=ms-DS-ExecuteScriptPassword,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1783 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 64 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-ExecuteScriptPassword +adminDescription: ms-DS-ExecuteScriptPassword +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: msDS-ExecuteScriptPassword +schemaIDGUID: 9d054a5a-d187-46c1-9d85-42dfc44a56dd +systemOnly: TRUE +systemFlags: 17 + +dn: CN=ms-DS-Logon-Time-Sync-Interval,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1784 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +rangeLower: 0 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Logon-Time-Sync-Interval +adminDescription: ms-DS-Logon-Time-Sync-Interval +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msDS-LogonTimeSyncInterval +schemaIDGUID: ad7940f8-e43a-4a42-83bc-d688e59ea605 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Garbage-Coll-Period,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.301 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +mAPIID: 32943 +showInAdvancedViewOnly: TRUE +adminDisplayName: Garbage-Coll-Period +adminDescription: Garbage-Coll-Period +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: garbageCollPeriod +schemaIDGUID: 5fd424a1-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +systemFlags: 16 + +dn: CN=MSMQ-Sign-Certificates-Mig,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.967 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +rangeUpper: 1048576 +showInAdvancedViewOnly: TRUE +adminDisplayName: MSMQ-Sign-Certificates-Mig +adminDescription: MSMQ-Sign-Certificates-Mig +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: mSMQSignCertificatesMig +schemaIDGUID: 3881b8ea-da3b-11d1-90a5-00c04fd91ab1 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=ms-DS-Cached-Membership-Time-Stamp,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1442 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Cached-Membership-Time-Stamp +adminDescription: ms-DS-Cached-Membership-Time-Stamp +oMSyntax: 65 +searchFlags: 1 +lDAPDisplayName: msDS-Cached-Membership-Time-Stamp +schemaIDGUID: 3566bf1f-beee-4dcb-8abe-ef89fcfec6c1 +systemOnly: FALSE +systemFlags: 17 + +dn: CN=Logon-Count,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.169 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Logon-Count +adminDescription: Logon-Count +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: logonCount +schemaIDGUID: bf9679aa-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemOnly: FALSE +systemFlags: 17 + +dn: CN=Locale-ID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.58 +attributeSyntax: 2.5.5.9 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Locale-ID +adminDescription: Locale-ID +oMSyntax: 2 +searchFlags: 16 +lDAPDisplayName: localeID +schemaIDGUID: bf9679a1-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Bad-Pwd-Count,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.12 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Bad-Pwd-Count +adminDescription: Bad-Pwd-Count +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: badPwdCount +schemaIDGUID: bf96792e-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemOnly: FALSE +systemFlags: 17 + +dn: CN=Trust-Auth-Incoming,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.129 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 32767 +showInAdvancedViewOnly: TRUE +adminDisplayName: Trust-Auth-Incoming +adminDescription: Trust-Auth-Incoming +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: trustAuthIncoming +schemaIDGUID: bf967a59-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=SubSchemaSubEntry,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.18.10 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: SubSchemaSubEntry +oMObjectClass:: KwwCh3McAIVK +adminDescription: SubSchemaSubEntry +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: subSchemaSubEntry +schemaIDGUID: 9a7ad94d-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +systemFlags: 134217748 + +dn: CN=Structural-Object-Class,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.21.9 +attributeSyntax: 2.5.5.2 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Structural-Object-Class +adminDescription: The class hierarchy without auxiliary classes +oMSyntax: 6 +searchFlags: 0 +lDAPDisplayName: structuralObjectClass +schemaIDGUID: 3860949f-f6a8-4b38-9950-81ecb6bc2982 +systemOnly: FALSE +systemFlags: 20 + +dn: CN=Is-Deleted,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.48 +attributeSyntax: 2.5.5.8 +isSingleValued: TRUE +mAPIID: 32960 +showInAdvancedViewOnly: TRUE +adminDisplayName: Is-Deleted +adminDescription: Is-Deleted +oMSyntax: 1 +searchFlags: 0 +lDAPDisplayName: isDeleted +schemaIDGUID: bf96798f-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Extra-Columns,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1687 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Extra-Columns +adminDescription: Extra-Columns +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: extraColumns +schemaIDGUID: d24e2846-1dd9-4bcf-99d7-a6227cc86da7 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Admin-Multiselect-Property-Pages,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1690 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Admin-Multiselect-Property-Pages +adminDescription: Admin-Multiselect-Property-Pages +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: adminMultiselectPropertyPages +schemaIDGUID: 18f9b67d-5ac6-4b3b-97db-d0a406afb7ba +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Options,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.307 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Options +adminDescription: Options +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: options +schemaIDGUID: 19195a53-6da0-11d0-afd3-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Lock-Out-Observation-Window,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.61 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Lock-Out-Observation-Window +adminDescription: Lock-Out-Observation-Window +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: lockOutObservationWindow +schemaIDGUID: bf9679a4-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: c7407360-20bf-11d0-a768-00aa006e0529 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Default-Local-Policy-Object,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.57 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Default-Local-Policy-Object +oMObjectClass:: KwwCh3McAIVK +adminDescription: Default-Local-Policy-Object +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: defaultLocalPolicyObject +schemaIDGUID: bf96799f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Creation-Time,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.26 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Creation-Time +adminDescription: Creation-Time +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: creationTime +schemaIDGUID: bf967946-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Registered-Address,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.26 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 4096 +mAPIID: 33049 +showInAdvancedViewOnly: TRUE +adminDisplayName: Registered-Address +adminDescription: Registered-Address +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: registeredAddress +schemaIDGUID: bf967a10-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE + +dn: CN=Postal-Address,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.16 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 4096 +mAPIID: 33036 +showInAdvancedViewOnly: TRUE +adminDisplayName: Postal-Address +adminDescription: Postal-Address +oMSyntax: 64 +searchFlags: 16 +lDAPDisplayName: postalAddress +schemaIDGUID: bf9679fc-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Initials,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.43 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 6 +mAPIID: 14858 +showInAdvancedViewOnly: TRUE +adminDisplayName: Initials +adminDescription: Initials +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: initials +schemaIDGUID: f0f8ff90-1191-11d0-a060-00aa006c33ed +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Is-Single-Valued,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.33 +attributeSyntax: 2.5.5.8 +isSingleValued: TRUE +mAPIID: 32961 +showInAdvancedViewOnly: TRUE +adminDisplayName: Is-Single-Valued +adminDescription: Is-Single-Valued +oMSyntax: 1 +searchFlags: 0 +lDAPDisplayName: isSingleValued +schemaIDGUID: bf967992-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Netboot-SIF-File,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1240 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Netboot-SIF-File +adminDescription: Netboot-SIF-File +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: netbootSIFFile +schemaIDGUID: 2df90d84-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Additional-Sam-Account-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1718 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 0 +rangeUpper: 256 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Additional-Sam-Account-Name +adminDescription: ms-DS-Additional-Sam-Account-Name +oMSyntax: 64 +searchFlags: 13 +lDAPDisplayName: msDS-AdditionalSamAccountName +schemaIDGUID: 975571df-a4d5-429a-9f59-cdc6581d91e6 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=System-Poss-Superiors,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.195 +attributeSyntax: 2.5.5.2 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: System-Poss-Superiors +adminDescription: System-Poss-Superiors +oMSyntax: 6 +searchFlags: 0 +lDAPDisplayName: systemPossSuperiors +schemaIDGUID: bf967a47-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=photo,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 0.9.2342.19200300.100.1.7 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: FALSE +adminDisplayName: photo +adminDescription: An object encoded in G3 fax as explained in recommendation T.4, with an ASN.1 wrapper to make it compatible with an X.400 BodyPart as defined in X.420. +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: photo +schemaIDGUID: 9c979768-ba1a-4c08-9632-c6a5c1ed649a +systemOnly: FALSE +systemFlags: 0 + +dn: CN=Employee-Number,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.610 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 512 +mAPIID: 35943 +showInAdvancedViewOnly: TRUE +adminDisplayName: Employee-Number +adminDescription: Employee-Number +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: employeeNumber +schemaIDGUID: a8df73ef-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +systemFlags: 0 + +dn: CN=Lockout-Time,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.662 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Lockout-Time +adminDescription: Lockout-Time +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: lockoutTime +schemaIDGUID: 28630ebf-41d5-11d1-a9c1-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Dynamic-LDAP-Server,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.537 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Dynamic-LDAP-Server +oMObjectClass:: KwwCh3McAIVK +adminDescription: Dynamic-LDAP-Server +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: dynamicLDAPServer +schemaIDGUID: 52458021-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Extended-Attribute-Info,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.909 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Extended-Attribute-Info +adminDescription: Extended-Attribute-Info +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: extendedAttributeInfo +schemaIDGUID: 9a7ad947-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +systemFlags: 134217748 + +dn: CN=ms-Exch-Assistant-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.444 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 256 +mAPIID: 14896 +adminDisplayName: ms-Exch-Assistant-Name +adminDescription: ms-Exch-Assistant-Name +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msExchAssistantName +schemaIDGUID: a8df7394-c5ea-11d1-bbcb-0080c76670c0 + +dn: CN=GPC-User-Extension-Names,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1349 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: GPC-User-Extension-Names +adminDescription: GPC-User-Extension-Names +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: gPCUserExtensionNames +schemaIDGUID: 42a75fc6-783f-11d2-9916-0000f87a57d4 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Non-Members-BL,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1794 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 2015 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Non-Members-BL +oMObjectClass:: KwwCh3McAIVK +adminDescription: MS-DS-Non-Members-BL +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msDS-NonMembersBL +schemaIDGUID: 2a8c68fc-3a7a-4e87-8720-fe77c51cbe74 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=Admin-Display-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.194 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 256 +mAPIID: 32843 +showInAdvancedViewOnly: TRUE +adminDisplayName: Admin-Display-Name +adminDescription: Admin-Display-Name +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: adminDisplayName +schemaIDGUID: bf96791a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Context-Menu,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.499 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Context-Menu +adminDescription: Context-Menu +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: contextMenu +schemaIDGUID: 4d8601ee-ac85-11d0-afe3-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Link-ID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.50 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +mAPIID: 32965 +showInAdvancedViewOnly: TRUE +adminDisplayName: Link-ID +adminDescription: Link-ID +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: linkID +schemaIDGUID: bf96799b-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=attributeCertificateAttribute,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.58 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: attributeCertificateAttribute +adminDescription: A digitally signed or certified identity and set of attributes. Used to bind authorization information to an identity. X.509 +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: attributeCertificateAttribute +schemaIDGUID: fa4693bb-7bc2-4cb9-81a8-c99c43b7905e +systemOnly: FALSE +systemFlags: 0 + +dn: CN=Surname,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.4 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 14865 +showInAdvancedViewOnly: TRUE +adminDisplayName: Surname +adminDescription: Surname +oMSyntax: 64 +searchFlags: 5 +lDAPDisplayName: sn +schemaIDGUID: bf967a41-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=SAM-Account-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.221 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 256 +showInAdvancedViewOnly: TRUE +adminDisplayName: SAM-Account-Name +adminDescription: SAM-Account-Name +oMSyntax: 64 +searchFlags: 13 +lDAPDisplayName: sAMAccountName +schemaIDGUID: 3e0abfd0-126a-11d0-a060-00aa006c33ed +attributeSecurityGUID: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Governs-ID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.22 +attributeSyntax: 2.5.5.2 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Governs-ID +adminDescription: Governs-ID +oMSyntax: 6 +searchFlags: 8 +lDAPDisplayName: governsID +schemaIDGUID: bf96797d-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=jpegPhoto,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 0.9.2342.19200300.100.1.60 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: FALSE +adminDisplayName: jpegPhoto +adminDescription: Used to store one or more images of a person using the JPEG File Interchange Format [JFIF]. +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: jpegPhoto +schemaIDGUID: bac80572-09c4-4fa9-9ae6-7628d7adbe0e +systemOnly: FALSE +systemFlags: 0 + +dn: CN=MSMQ-Sign-Certificates,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.947 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +rangeUpper: 1048576 +showInAdvancedViewOnly: TRUE +adminDisplayName: MSMQ-Sign-Certificates +adminDescription: MSMQ-Sign-Certificates +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: mSMQSignCertificates +schemaIDGUID: 9a0dc33b-c100-11d1-bbc5-0080c76670c0 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Initial-Auth-Incoming,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.539 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Initial-Auth-Incoming +adminDescription: Initial-Auth-Incoming +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: initialAuthIncoming +schemaIDGUID: 52458023-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Domain-Cross-Ref,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.472 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Domain-Cross-Ref +oMObjectClass:: KwwCh3McAIVK +adminDescription: Domain-Cross-Ref +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: domainCrossRef +schemaIDGUID: b000ea7b-a086-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Text-Encoded-OR-Address,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 0.9.2342.19200300.100.1.2 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 1024 +mAPIID: 35969 +showInAdvancedViewOnly: TRUE +adminDisplayName: Text-Encoded-OR-Address +adminDescription: Text-Encoded-OR-Address +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: textEncodedORAddress +schemaIDGUID: a8df7489-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE + +dn: CN=GPC-Functionality-Version,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.893 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: GPC-Functionality-Version +adminDescription: GPC-Functionality-Version +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: gPCFunctionalityVersion +schemaIDGUID: f30e3bc0-9ff0-11d1-b603-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=USN-DSA-Last-Obj-Removed,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.267 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +mAPIID: 33109 +showInAdvancedViewOnly: TRUE +adminDisplayName: USN-DSA-Last-Obj-Removed +adminDescription: USN-DSA-Last-Obj-Removed +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: uSNDSALastObjRemoved +schemaIDGUID: bf967a71-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=ms-DS-Operations-For-Az-Role-BL,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1813 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 2023 +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Operations-For-Az-Role-BL +oMObjectClass:: KwwCh3McAIVK +adminDescription: Back-link from Az-Operation to Az-Role object(s) linking to it +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msDS-OperationsForAzRoleBL +schemaIDGUID: f85b6228-3734-4525-b6b7-3f3bb220902c +systemOnly: TRUE +systemFlags: 17 + +dn: CN=MS-DS-Consistency-Child-Count,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1361 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Consistency-Child-Count +adminDescription: MS-DS-Consistency-Child-Count +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: mS-DS-ConsistencyChildCount +schemaIDGUID: 178b7bc2-b63a-11d2-90e1-00c04fd91ab1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=DSA-Signature,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.74 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +mAPIID: 32887 +showInAdvancedViewOnly: TRUE +adminDisplayName: DSA-Signature +adminDescription: DSA-Signature +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: dSASignature +schemaIDGUID: 167757bc-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Allowed-Child-Classes,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.911 +attributeSyntax: 2.5.5.2 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Allowed-Child-Classes +adminDescription: Allowed-Child-Classes +oMSyntax: 6 +searchFlags: 0 +lDAPDisplayName: allowedChildClasses +schemaIDGUID: 9a7ad942-ca53-11d1-bbd0-0080c76670c0 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: TRUE +systemFlags: 134217748 + +dn: CN=Allowed-Attributes-Effective,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.914 +attributeSyntax: 2.5.5.2 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Allowed-Attributes-Effective +adminDescription: Allowed-Attributes-Effective +oMSyntax: 6 +searchFlags: 0 +lDAPDisplayName: allowedAttributesEffective +schemaIDGUID: 9a7ad941-ca53-11d1-bbd0-0080c76670c0 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: TRUE +systemFlags: 134217748 + +dn: CN=NT-Mixed-Domain,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.357 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: NT-Mixed-Domain +adminDescription: NT-Mixed-Domain +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: nTMixedDomain +schemaIDGUID: 3e97891f-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Has-Instantiated-NCs,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1709 +attributeSyntax: 2.5.5.7 +isSingleValued: FALSE +rangeLower: 4 +rangeUpper: 4 +linkID: 2002 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Has-Instantiated-NCs +oMObjectClass:: KoZIhvcUAQEBCw== +adminDescription: DS replication information detailing the state of the NCs present on a particular server. +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msDS-HasInstantiatedNCs +schemaIDGUID: 11e9a5bc-4517-4049-af9c-51554fb0fc09 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Min-Pwd-Length,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.79 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Min-Pwd-Length +adminDescription: Min-Pwd-Length +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: minPwdLength +schemaIDGUID: bf9679c3-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: c7407360-20bf-11d0-a768-00aa006e0529 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Domain-Policy-Object,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.32 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Domain-Policy-Object +oMObjectClass:: KwwCh3McAIVK +adminDescription: Domain-Policy-Object +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: domainPolicyObject +schemaIDGUID: bf96795d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Physical-Delivery-Office-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.19 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 128 +mAPIID: 14873 +showInAdvancedViewOnly: TRUE +adminDisplayName: Physical-Delivery-Office-Name +adminDescription: Physical-Delivery-Office-Name +oMSyntax: 64 +searchFlags: 5 +lDAPDisplayName: physicalDeliveryOfficeName +schemaIDGUID: bf9679f7-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Volume-Count,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.507 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Volume-Count +adminDescription: Volume-Count +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: volumeCount +schemaIDGUID: 34aaa217-b699-11d0-afee-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=msRADIUSServiceType,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1171 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: msRADIUSServiceType +adminDescription: msRADIUSServiceType +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msRADIUSServiceType +schemaIDGUID: db0c90b6-c1f2-11d1-bbc5-0080c76670c0 +attributeSecurityGUID: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Last-Logon,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.52 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Last-Logon +adminDescription: Last-Logon +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: lastLogon +schemaIDGUID: bf967997-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemOnly: FALSE +systemFlags: 17 + +dn: CN=Groups-to-Ignore,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.344 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Groups-to-Ignore +adminDescription: Groups-to-Ignore +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: groupsToIgnore +schemaIDGUID: eea65904-8ac6-11d0-afda-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Schema-Info,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1358 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Schema-Info +adminDescription: Schema-Info +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: schemaInfo +schemaIDGUID: f9fb64ae-93b4-11d2-9945-0000f87a57d4 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Domain-Component,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 0.9.2342.19200300.100.1.25 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 255 +showInAdvancedViewOnly: TRUE +adminDisplayName: Domain-Component +adminDescription: Domain-Component +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: dc +schemaIDGUID: 19195a55-6da0-11d0-afd3-00c04fd930c9 +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Object-Category,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.782 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Object-Category +oMObjectClass:: KwwCh3McAIVK +adminDescription: Object-Category +oMSyntax: 127 +searchFlags: 1 +lDAPDisplayName: objectCategory +schemaIDGUID: 26d97369-6070-11d1-a9c6-0000f80367c1 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Modify-Time-Stamp,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.18.2 +attributeSyntax: 2.5.5.11 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Modify-Time-Stamp +adminDescription: Modify-Time-Stamp +oMSyntax: 24 +searchFlags: 0 +lDAPDisplayName: modifyTimeStamp +schemaIDGUID: 9a7ad94a-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +systemFlags: 134217748 + +dn: CN=Display-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.13 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 256 +showInAdvancedViewOnly: TRUE +adminDisplayName: Display-Name +adminDescription: Display-Name +oMSyntax: 64 +searchFlags: 5 +lDAPDisplayName: displayName +schemaIDGUID: bf967953-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Admin-Description,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.226 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 1024 +mAPIID: 32842 +showInAdvancedViewOnly: TRUE +adminDisplayName: Admin-Description +adminDescription: Admin-Description +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: adminDescription +schemaIDGUID: bf967919-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-DnsRootAlias,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1719 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 255 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-DnsRootAlias +adminDescription: ms-DS-DnsRootAlias +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-DnsRootAlias +schemaIDGUID: 2143acca-eead-4d29-b591-85fa49ce9173 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Creation-Wizard,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.498 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Creation-Wizard +adminDescription: Creation-Wizard +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: creationWizard +schemaIDGUID: 4d8601ed-ac85-11d0-afe3-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Has-Partial-Replica-NCs,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.15 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +mAPIID: 32949 +linkID: 74 +showInAdvancedViewOnly: TRUE +adminDisplayName: Has-Partial-Replica-NCs +oMObjectClass:: KwwCh3McAIVK +adminDescription: Has-Partial-Replica-NCs +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: hasPartialReplicaNCs +schemaIDGUID: bf967981-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Control-Access-Rights,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.200 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +rangeLower: 16 +rangeUpper: 16 +showInAdvancedViewOnly: TRUE +adminDisplayName: Control-Access-Rights +adminDescription: Control-Access-Rights +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: controlAccessRights +schemaIDGUID: 6da8a4fc-0e52-11d0-a286-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=UAS-Compat,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.155 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: UAS-Compat +adminDescription: UAS-Compat +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: uASCompat +schemaIDGUID: bf967a61-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Object-Sid,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.146 +attributeSyntax: 2.5.5.17 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 28 +mAPIID: 32807 +showInAdvancedViewOnly: TRUE +adminDisplayName: Object-Sid +adminDescription: Object-Sid +oMSyntax: 4 +searchFlags: 9 +lDAPDisplayName: objectSid +schemaIDGUID: bf9679e8-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemOnly: TRUE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Title,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.12 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 14871 +showInAdvancedViewOnly: TRUE +adminDisplayName: Title +adminDescription: Title +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: title +schemaIDGUID: bf967a55-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Phone-Pager-Other,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.118 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 35950 +showInAdvancedViewOnly: TRUE +adminDisplayName: Phone-Pager-Other +adminDescription: Phone-Pager-Other +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: otherPager +schemaIDGUID: f0f8ffa4-1191-11d0-a060-00aa006c33ed +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Division,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.261 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 256 +showInAdvancedViewOnly: TRUE +adminDisplayName: Division +adminDescription: Division +oMSyntax: 64 +searchFlags: 16 +lDAPDisplayName: division +schemaIDGUID: fe6136a0-2073-11d0-a9c2-00aa006c33ed +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Range-Upper,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.35 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +mAPIID: 33044 +showInAdvancedViewOnly: TRUE +adminDisplayName: Range-Upper +adminDescription: Range-Upper +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: rangeUpper +schemaIDGUID: bf967a0d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=OM-Object-Class,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.218 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +mAPIID: 33021 +showInAdvancedViewOnly: TRUE +adminDisplayName: OM-Object-Class +adminDescription: OM-Object-Class +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: oMObjectClass +schemaIDGUID: bf9679ec-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=MAPI-ID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.49 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +mAPIID: 32974 +showInAdvancedViewOnly: TRUE +adminDisplayName: MAPI-ID +adminDescription: MAPI-ID +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: mAPIID +schemaIDGUID: bf9679b7-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=SAM-Account-Type,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.302 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: SAM-Account-Type +adminDescription: SAM-Account-Type +oMSyntax: 2 +searchFlags: 1 +lDAPDisplayName: sAMAccountType +schemaIDGUID: 6e7b626c-64f2-11d0-afd2-00c04fd930c9 +attributeSecurityGUID: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Object-Class-Category,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.370 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 3 +mAPIID: 33014 +showInAdvancedViewOnly: TRUE +adminDisplayName: Object-Class-Category +adminDescription: Object-Class-Category +oMSyntax: 10 +searchFlags: 0 +lDAPDisplayName: objectClassCategory +schemaIDGUID: bf9679e6-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Default-Hiding-Value,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.518 +attributeSyntax: 2.5.5.8 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Default-Hiding-Value +adminDescription: Default-Hiding-Value +oMSyntax: 1 +searchFlags: 0 +lDAPDisplayName: defaultHidingValue +schemaIDGUID: b7b13116-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=msNPAllowDialin,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1119 +attributeSyntax: 2.5.5.8 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: msNPAllowDialin +adminDescription: msNPAllowDialin +oMSyntax: 1 +searchFlags: 0 +lDAPDisplayName: msNPAllowDialin +schemaIDGUID: db0c9085-c1f2-11d1-bbc5-0080c76670c0 +attributeSecurityGUID: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Code-Page,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.16 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 65535 +showInAdvancedViewOnly: TRUE +adminDisplayName: Code-Page +adminDescription: Code-Page +oMSyntax: 2 +searchFlags: 16 +lDAPDisplayName: codePage +schemaIDGUID: bf967938-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Admin-Count,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.150 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Admin-Count +adminDescription: Admin-Count +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: adminCount +schemaIDGUID: bf967918-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Schema-Update,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.481 +attributeSyntax: 2.5.5.11 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Schema-Update +adminDescription: Schema-Update +oMSyntax: 24 +searchFlags: 0 +lDAPDisplayName: schemaUpdate +schemaIDGUID: 1e2d06b4-ac8f-11d0-afe3-00c04fd930c9 +systemOnly: FALSE +systemFlags: 17 + +dn: CN=Trust-Direction,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.132 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Trust-Direction +adminDescription: Trust-Direction +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: trustDirection +schemaIDGUID: bf967a5c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Enabled,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.557 +attributeSyntax: 2.5.5.8 +isSingleValued: TRUE +mAPIID: 35873 +showInAdvancedViewOnly: TRUE +adminDisplayName: Enabled +adminDescription: Enabled +oMSyntax: 1 +searchFlags: 0 +lDAPDisplayName: Enabled +schemaIDGUID: a8df73f2-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Locality-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.7 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 128 +mAPIID: 14887 +showInAdvancedViewOnly: TRUE +adminDisplayName: Locality-Name +adminDescription: Locality-Name +oMSyntax: 64 +searchFlags: 17 +lDAPDisplayName: l +schemaIDGUID: bf9679a2-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=EFSPolicy,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.268 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: EFSPolicy +adminDescription: EFSPolicy +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: eFSPolicy +schemaIDGUID: 8e4eb2ec-4712-11d0-a1a0-00c04fd930c9 +attributeSecurityGUID: a29b89fd-c7e8-11d0-9bae-00c04fd92ef5 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Builtin-Modified-Count,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.14 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Builtin-Modified-Count +adminDescription: Builtin-Modified-Count +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: builtinModifiedCount +schemaIDGUID: bf967930-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Phone-Office-Other,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.18 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 14875 +showInAdvancedViewOnly: TRUE +adminDisplayName: Phone-Office-Other +adminDescription: Phone-Office-Other +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: otherTelephone +schemaIDGUID: f0f8ffa5-1191-11d0-a060-00aa006c33ed +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Phone-ISDN-Primary,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.649 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 64 +showInAdvancedViewOnly: TRUE +adminDisplayName: Phone-ISDN-Primary +adminDescription: Phone-ISDN-Primary +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: primaryInternationalISDNNumber +schemaIDGUID: 0296c11f-40da-11d1-a9c0-0000f80367c1 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Employee-ID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.35 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 16 +showInAdvancedViewOnly: TRUE +adminDisplayName: Employee-ID +adminDescription: Employee-ID +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: employeeID +schemaIDGUID: bf967962-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Tombstone-Lifetime,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.54 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +mAPIID: 33093 +showInAdvancedViewOnly: TRUE +adminDisplayName: Tombstone-Lifetime +adminDescription: Tombstone-Lifetime +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: tombstoneLifetime +schemaIDGUID: 16c3a860-1273-11d0-a060-00aa006c33ed +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Operating-System-Service-Pack,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.365 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Operating-System-Service-Pack +adminDescription: Operating-System-Service-Pack +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: operatingSystemServicePack +schemaIDGUID: 3e978927-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Netboot-Initialization,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.358 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Netboot-Initialization +adminDescription: Netboot-Initialization +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: netbootInitialization +schemaIDGUID: 3e978920-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=User-Principal-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.656 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeUpper: 1024 +showInAdvancedViewOnly: TRUE +adminDisplayName: User-Principal-Name +adminDescription: User-Principal-Name +oMSyntax: 64 +searchFlags: 1 +lDAPDisplayName: userPrincipalName +schemaIDGUID: 28630ebb-41d5-11d1-a9c1-0000f80367c1 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Service-Principal-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.771 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Service-Principal-Name +adminDescription: Service-Principal-Name +oMSyntax: 64 +searchFlags: 1 +lDAPDisplayName: servicePrincipalName +schemaIDGUID: f3a64788-5306-11d1-a9c5-0000f80367c1 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Other-Login-Workstations,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.91 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 0 +rangeUpper: 1024 +showInAdvancedViewOnly: TRUE +adminDisplayName: Other-Login-Workstations +adminDescription: Other-Login-Workstations +oMSyntax: 64 +searchFlags: 16 +lDAPDisplayName: otherLoginWorkstations +schemaIDGUID: bf9679f1-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-IIS-FTP-Dir,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1786 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 256 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-IIS-FTP-Dir +adminDescription: Relative user directory on an FTP Root share. +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msIIS-FTPDir +schemaIDGUID: 8a5c99e9-2230-46eb-b8e8-e59d712eb9ee +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Site-Affinity,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1443 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Site-Affinity +adminDescription: ms-DS-Site-Affinity +oMSyntax: 4 +searchFlags: 1 +lDAPDisplayName: msDS-Site-Affinity +schemaIDGUID: c17c5602-bcb7-46f0-9656-6370ca884b72 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Max-Storage,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.76 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Max-Storage +adminDescription: Max-Storage +oMSyntax: 65 +searchFlags: 16 +lDAPDisplayName: maxStorage +schemaIDGUID: bf9679bd-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=NT-Security-Descriptor,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.281 +attributeSyntax: 2.5.5.15 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 132096 +mAPIID: 32787 +showInAdvancedViewOnly: TRUE +adminDisplayName: NT-Security-Descriptor +adminDescription: NT-Security-Descriptor +oMSyntax: 66 +searchFlags: 8 +lDAPDisplayName: nTSecurityDescriptor +schemaIDGUID: bf9679e3-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 26 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Site-Object-BL,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.513 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 47 +showInAdvancedViewOnly: TRUE +adminDisplayName: Site-Object-BL +oMObjectClass:: KwwCh3McAIVK +adminDescription: Site-Object-BL +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: siteObjectBL +schemaIDGUID: 3e10944d-c354-11d0-aff8-0000f80367c1 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=Query-Policy-BL,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.608 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 69 +showInAdvancedViewOnly: TRUE +adminDisplayName: Query-Policy-BL +oMObjectClass:: KwwCh3McAIVK +adminDescription: Query-Policy-BL +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: queryPolicyBL +schemaIDGUID: e1aea404-cd5b-11d0-afff-0000f80367c1 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=Partial-Attribute-Set,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.640 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Partial-Attribute-Set +adminDescription: Partial-Attribute-Set +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: partialAttributeSet +schemaIDGUID: 19405b9e-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: TRUE +systemFlags: 19 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Obj-Dist-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.49 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +mAPIID: 32828 +showInAdvancedViewOnly: TRUE +adminDisplayName: Obj-Dist-Name +oMObjectClass:: KwwCh3McAIVK +adminDescription: Obj-Dist-Name +oMSyntax: 127 +searchFlags: 8 +lDAPDisplayName: distinguishedName +schemaIDGUID: bf9679e4-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: TRUE +systemFlags: 19 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Description,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.13 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 0 +rangeUpper: 1024 +mAPIID: 32879 +showInAdvancedViewOnly: TRUE +adminDisplayName: Description +adminDescription: Description +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: description +schemaIDGUID: bf967950-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=ms-DS-Az-Class-ID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1816 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 40 +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Az-Class-ID +adminDescription: A class ID required by the AzRoles UI on the AzApplication object +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-AzClassId +schemaIDGUID: 013a7277-5c2d-49ef-a7de-b765b36a3f6f +systemOnly: FALSE +systemFlags: 16 + +dn: CN=RID-Available-Pool,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.370 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: RID-Available-Pool +adminDescription: RID-Available-Pool +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: rIDAvailablePool +schemaIDGUID: 66171888-8f3c-11d0-afda-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Shell-Property-Pages,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.563 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Shell-Property-Pages +adminDescription: Shell-Property-Pages +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: shellPropertyPages +schemaIDGUID: 52458039-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-SPN-Suffixes,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1715 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeUpper: 255 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-SPN-Suffixes +adminDescription: ms-DS-SPN-Suffixes +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-SPNSuffixes +schemaIDGUID: 789ee1eb-8c8e-4e4c-8cec-79b31b7617b5 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Private-Key,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.101 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Private-Key +adminDescription: Private-Key +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: privateKey +schemaIDGUID: bf967a03-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Facsimile-Telephone-Number,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.23 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 14883 +showInAdvancedViewOnly: TRUE +adminDisplayName: Facsimile-Telephone-Number +adminDescription: Facsimile-Telephone-Number +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: facsimileTelephoneNumber +schemaIDGUID: bf967974-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Search-Flags,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.334 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +rangeLower: 0 +mAPIID: 33069 +showInAdvancedViewOnly: TRUE +adminDisplayName: Search-Flags +adminDescription: Search-Flags +oMSyntax: 10 +searchFlags: 0 +lDAPDisplayName: searchFlags +schemaIDGUID: bf967a2d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Schema-Flags-Ex,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.120 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Schema-Flags-Ex +adminDescription: Schema-Flags-Ex +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: schemaFlagsEx +schemaIDGUID: bf967a2b-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Is-Ephemeral,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1212 +attributeSyntax: 2.5.5.8 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Is-Ephemeral +adminDescription: Is-Ephemeral +oMSyntax: 1 +searchFlags: 0 +lDAPDisplayName: isEphemeral +schemaIDGUID: f4c453f0-c5f1-11d1-bbcb-0080c76670c0 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=MSMQ-Nt4-Stub,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.960 +attributeSyntax: 2.5.5.9 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: MSMQ-Nt4-Stub +adminDescription: MSMQ-Nt4-Stub +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: mSMQNt4Stub +schemaIDGUID: 6f914be6-d57e-11d1-90a2-00c04fd91ab1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-IIS-FTP-Root,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1785 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 256 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-IIS-FTP-Root +adminDescription: Virtual FTP Root where user home directory resides. +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msIIS-FTPRoot +schemaIDGUID: 2a7827a4-1483-49a5-9d84-52e3812156b4 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Group-Priority,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.345 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Group-Priority +adminDescription: Group-Priority +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: groupPriority +schemaIDGUID: eea65905-8ac6-11d0-afda-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Bridgehead-Transport-List,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.819 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 98 +showInAdvancedViewOnly: TRUE +adminDisplayName: Bridgehead-Transport-List +oMObjectClass:: KwwCh3McAIVK +adminDescription: Bridgehead-Transport-List +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: bridgeheadTransportList +schemaIDGUID: d50c2cda-8951-11d1-aebc-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Extended-Class-Info,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.908 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Extended-Class-Info +adminDescription: Extended-Class-Info +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: extendedClassInfo +schemaIDGUID: 9a7ad948-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +systemFlags: 134217748 + +dn: CN=Flat-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.511 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Flat-Name +adminDescription: Flat-Name +oMSyntax: 64 +searchFlags: 1 +lDAPDisplayName: flatName +schemaIDGUID: b7b13117-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Wbem-Path,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.301 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Wbem-Path +adminDescription: Wbem-Path +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: wbemPath +schemaIDGUID: 244b2970-5abd-11d0-afd2-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-NC-Repl-Outbound-Neighbors,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1706 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-NC-Repl-Outbound-Neighbors +adminDescription: ms-DS-NC-Repl-Outbound-Neighbors +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-NCReplOutboundNeighbors +schemaIDGUID: 855f2ef5-a1c5-4cc4-ba6d-32522848b61f +systemOnly: FALSE +systemFlags: 20 + +dn: CN=ms-DS-Operations-For-Az-Task-BL,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1809 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 2019 +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Operations-For-Az-Task-BL +oMObjectClass:: KwwCh3McAIVK +adminDescription: Back-link from Az-Operation to Az-Task object(s) linking to it +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msDS-OperationsForAzTaskBL +schemaIDGUID: a637d211-5739-4ed1-89b2-88974548bc59 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=Show-In-Advanced-View-Only,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.169 +attributeSyntax: 2.5.5.8 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Show-In-Advanced-View-Only +adminDescription: Show-In-Advanced-View-Only +oMSyntax: 1 +searchFlags: 17 +lDAPDisplayName: showInAdvancedViewOnly +schemaIDGUID: bf967984-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Behavior-Version,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1459 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +rangeLower: 0 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Behavior-Version +adminDescription: ms-DS-Behavior-Version +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msDS-Behavior-Version +schemaIDGUID: d31a8757-2447-4545-8081-3bb610cacbf2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=ms-DS-Has-Master-NCs,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1836 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 2036 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Has-Master-NCs +oMObjectClass:: KwwCh3McAIVK +adminDescription: A list of the naming contexts contained by a DC. Deprecates hasMasterNCs. +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msDS-hasMasterNCs +schemaIDGUID: ae2de0e2-59d7-4d47-8d47-ed4dfe4357ad +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Pwd-History-Length,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.95 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +rangeLower: 0 +rangeUpper: 65535 +showInAdvancedViewOnly: TRUE +adminDisplayName: Pwd-History-Length +adminDescription: Pwd-History-Length +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: pwdHistoryLength +schemaIDGUID: bf967a09-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: c7407360-20bf-11d0-a768-00aa006e0529 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Pek-List,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.865 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Pek-List +adminDescription: Pek-List +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: pekList +schemaIDGUID: 07383083-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +systemFlags: 17 + +dn: CN=Postal-Code,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.17 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 40 +mAPIID: 14890 +showInAdvancedViewOnly: TRUE +adminDisplayName: Postal-Code +adminDescription: Postal-Code +oMSyntax: 64 +searchFlags: 16 +lDAPDisplayName: postalCode +schemaIDGUID: bf9679fd-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Netboot-Mirror-Data-File,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1241 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Netboot-Mirror-Data-File +adminDescription: Netboot-Mirror-Data-File +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: netbootMirrorDataFile +schemaIDGUID: 2df90d85-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Default-Class-Store,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.213 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Default-Class-Store +oMObjectClass:: KwwCh3McAIVK +adminDescription: Default-Class-Store +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: defaultClassStore +schemaIDGUID: bf967948-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=MSMQ-Site-ID,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.953 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: MSMQ-Site-ID +adminDescription: MSMQ-Site-ID +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: mSMQSiteID +schemaIDGUID: 9a0dc340-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Show-In-Address-Book,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.644 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Show-In-Address-Book +oMObjectClass:: KwwCh3McAIVK +adminDescription: Show-In-Address-Book +oMSyntax: 127 +searchFlags: 16 +lDAPDisplayName: showInAddressBook +schemaIDGUID: 3e74f60e-3e73-11d1-a9c0-0000f80367c1 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=When-Created,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.2 +attributeSyntax: 2.5.5.11 +isSingleValued: TRUE +mAPIID: 12295 +showInAdvancedViewOnly: TRUE +adminDisplayName: When-Created +adminDescription: When-Created +oMSyntax: 24 +searchFlags: 0 +lDAPDisplayName: whenCreated +schemaIDGUID: bf967a78-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=DS-Core-Propagation-Data,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1357 +attributeSyntax: 2.5.5.11 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: DS-Core-Propagation-Data +adminDescription: DS-Core-Propagation-Data +oMSyntax: 24 +searchFlags: 0 +lDAPDisplayName: dSCorePropagationData +schemaIDGUID: d167aa4b-8b08-11d2-9939-0000f87a57d4 +systemOnly: TRUE +systemFlags: 19 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Display-Name-Printable,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.353 +attributeSyntax: 2.5.5.5 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 256 +mAPIID: 14847 +showInAdvancedViewOnly: TRUE +adminDisplayName: Display-Name-Printable +adminDescription: Display-Name-Printable +oMSyntax: 19 +searchFlags: 0 +lDAPDisplayName: displayNamePrintable +schemaIDGUID: bf967954-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Ipsec-Owners-Reference,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.624 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Ipsec-Owners-Reference +oMObjectClass:: KwwCh3McAIVK +adminDescription: Ipsec-Owners-Reference +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: ipsecOwnersReference +schemaIDGUID: b40ff824-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=State-Or-Province-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.8 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 128 +mAPIID: 14888 +showInAdvancedViewOnly: TRUE +adminDisplayName: State-Or-Province-Name +adminDescription: State-Or-Province-Name +oMSyntax: 64 +searchFlags: 16 +lDAPDisplayName: st +schemaIDGUID: bf967a39-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Server-Reference,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.515 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +linkID: 94 +showInAdvancedViewOnly: TRUE +adminDisplayName: Server-Reference +oMObjectClass:: KwwCh3McAIVK +adminDescription: Server-Reference +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: serverReference +schemaIDGUID: 26d9736d-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Has-Domain-NCs,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1820 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +rangeLower: 4 +rangeUpper: 4 +linkID: 2026 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Has-Domain-NCs +oMObjectClass:: KwwCh3McAIVK +adminDescription: DS replication information detailing the domain NCs present on a particular server. +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msDS-HasDomainNCs +schemaIDGUID: 6f17e347-a842-4498-b8b3-15e007da4fed +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Invocation-Id,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.115 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +mAPIID: 32959 +showInAdvancedViewOnly: TRUE +adminDisplayName: Invocation-Id +adminDescription: Invocation-Id +oMSyntax: 4 +searchFlags: 1 +lDAPDisplayName: invocationId +schemaIDGUID: bf96798e-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Replica-Source,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.109 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Replica-Source +adminDescription: Replica-Source +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: replicaSource +schemaIDGUID: bf967a18-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Phone-Ip-Primary,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.721 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeUpper: 64 +showInAdvancedViewOnly: TRUE +adminDisplayName: Phone-Ip-Primary +adminDescription: Phone-Ip-Primary +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: ipPhone +schemaIDGUID: 4d146e4a-48d4-11d1-a9c3-0000f80367c1 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Phone-Home-Other,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.277 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 14895 +showInAdvancedViewOnly: TRUE +adminDisplayName: Phone-Home-Other +adminDescription: Phone-Home-Other +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: otherHomePhone +schemaIDGUID: f0f8ffa2-1191-11d0-a060-00aa006c33ed +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Organization-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.10 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 33025 +showInAdvancedViewOnly: TRUE +adminDisplayName: Organization-Name +adminDescription: Organization-Name +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: o +schemaIDGUID: bf9679ef-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Extended-Chars-Allowed,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.380 +attributeSyntax: 2.5.5.8 +isSingleValued: TRUE +mAPIID: 32935 +showInAdvancedViewOnly: TRUE +adminDisplayName: Extended-Chars-Allowed +adminDescription: Extended-Chars-Allowed +oMSyntax: 1 +searchFlags: 0 +lDAPDisplayName: extendedCharsAllowed +schemaIDGUID: bf967966-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Operating-System,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.363 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Operating-System +adminDescription: Operating-System +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: operatingSystem +schemaIDGUID: 3e978925-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Object-Reference,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1840 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 2038 +showInAdvancedViewOnly: FALSE +adminDisplayName: ms-DS-Object-Reference +oMObjectClass:: KwwCh3McAIVK +adminDescription: A link to the object that uses the data stored in the object that contains this attribute. +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msDS-ObjectReference +schemaIDGUID: 638ec2e8-22e7-409c-85d2-11b21bee72de +systemOnly: FALSE + +dn: CN=MSMQ-Interval1,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1308 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: MSMQ-Interval1 +adminDescription: MSMQ-Interval1 +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: mSMQInterval1 +schemaIDGUID: 8ea825aa-3b7b-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Rid,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.153 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Rid +adminDescription: Rid +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: rid +schemaIDGUID: bf967a22-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Profile-Path,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.139 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Profile-Path +adminDescription: Profile-Path +oMSyntax: 64 +searchFlags: 16 +lDAPDisplayName: profilePath +schemaIDGUID: bf967a05-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemOnly: FALSE +systemFlags: 16 + +dn: CN=msRADIUSCallbackNumber,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1145 +attributeSyntax: 2.5.5.5 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: msRADIUSCallbackNumber +adminDescription: msRADIUSCallbackNumber +oMSyntax: 22 +searchFlags: 0 +lDAPDisplayName: msRADIUSCallbackNumber +schemaIDGUID: db0c909c-c1f2-11d1-bbc5-0080c76670c0 +attributeSecurityGUID: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ACS-Policy-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.772 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: ACS-Policy-Name +adminDescription: ACS-Policy-Name +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: aCSPolicyName +schemaIDGUID: 1cb3559a-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Comment,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.81 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 1024 +mAPIID: 12292 +showInAdvancedViewOnly: TRUE +adminDisplayName: Comment +adminDescription: Comment +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: info +schemaIDGUID: bf96793e-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Object-Reference-BL,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1841 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 2039 +showInAdvancedViewOnly: FALSE +adminDisplayName: ms-DS-Object-Reference-BL +oMObjectClass:: KwwCh3McAIVK +adminDescription: Back link for ms-DS-Object-Reference. +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msDS-ObjectReferenceBL +schemaIDGUID: 2b702515-c1f7-4b3b-b148-c0e4c6ceecb4 +systemOnly: TRUE +systemFlags: 1 + +dn: CN=When-Changed,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.3 +attributeSyntax: 2.5.5.11 +isSingleValued: TRUE +mAPIID: 12296 +showInAdvancedViewOnly: TRUE +adminDisplayName: When-Changed +adminDescription: When-Changed +oMSyntax: 24 +searchFlags: 0 +lDAPDisplayName: whenChanged +schemaIDGUID: bf967a77-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 19 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=USN-Last-Obj-Rem,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.121 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +mAPIID: 33110 +showInAdvancedViewOnly: TRUE +adminDisplayName: USN-Last-Obj-Rem +adminDescription: USN-Last-Obj-Rem +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: uSNLastObjRem +schemaIDGUID: bf967a73-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 19 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Reps-To,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.83 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Reps-To +oMObjectClass:: KoZIhvcUAQEBBg== +adminDescription: Reps-To +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: repsTo +schemaIDGUID: bf967a1e-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 19 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Repl-UpToDate-Vector,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.4 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Repl-UpToDate-Vector +adminDescription: Repl-UpToDate-Vector +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: replUpToDateVector +schemaIDGUID: bf967a16-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 19 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=netboot-SCP-BL,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.864 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 101 +showInAdvancedViewOnly: TRUE +adminDisplayName: netboot-SCP-BL +oMObjectClass:: KwwCh3McAIVK +adminDescription: netboot-SCP-BL +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: netbootSCPBL +schemaIDGUID: 07383082-91df-11d1-aebc-0000f80367c1 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=ms-DS-Mastered-By,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1837 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 2037 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Mastered-By +oMObjectClass:: KwwCh3McAIVK +adminDescription: Back link for msDS-hasMasterNCs. +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msDs-masteredBy +schemaIDGUID: 60234769-4819-4615-a1b2-49d2f119acb5 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=ms-COM-PartitionSetLink,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1424 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +linkID: 1041 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-COM-PartitionSetLink +oMObjectClass:: KwwCh3McAIVK +adminDescription: Link from a Partition to a PartitionSet. Default = adminDisplayName +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: msCOM-PartitionSetLink +schemaIDGUID: 67f121dc-7d02-4c7d-82f5-9ad4c950ac34 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=Common-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.3 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 64 +mAPIID: 14863 +showInAdvancedViewOnly: TRUE +adminDisplayName: Common-Name +adminDescription: Common-Name +oMSyntax: 64 +searchFlags: 1 +lDAPDisplayName: cn +schemaIDGUID: bf96793f-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=MS-DS-All-Users-Trust-Quota,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1789 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-All-Users-Trust-Quota +adminDescription: Used to enforce a combined users quota on the total number of Trusted-Domain objects created by using the control access right, "Create inbound Forest trust". +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msDS-AllUsersTrustQuota +schemaIDGUID: d3aa4a5c-4e03-4810-97aa-2b339e7a434b +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Default-Group,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.480 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Default-Group +oMObjectClass:: KwwCh3McAIVK +adminDescription: Default-Group +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: defaultGroup +schemaIDGUID: 720bc4e2-a54a-11d0-afdf-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Ipsec-Filter-Reference,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.629 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Ipsec-Filter-Reference +oMObjectClass:: KwwCh3McAIVK +adminDescription: Ipsec-Filter-Reference +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: ipsecFilterReference +schemaIDGUID: b40ff823-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=User-Comment,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.156 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: User-Comment +adminDescription: User-Comment +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: comment +schemaIDGUID: bf967a6a-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-ds-Schema-Extensions,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1440 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-ds-Schema-Extensions +adminDescription: ms-ds-Schema-Extensions +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: msDs-Schema-Extensions +schemaIDGUID: b39a61be-ed07-4cab-9a4a-4963ed0141e1 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Local-Policy-Flags,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.56 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Local-Policy-Flags +adminDescription: Local-Policy-Flags +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: localPolicyFlags +schemaIDGUID: bf96799e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=MSMQ-Interval2,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1309 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: MSMQ-Interval2 +adminDescription: MSMQ-Interval2 +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: mSMQInterval2 +schemaIDGUID: 99b88f52-3b7b-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=SID-History,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.609 +attributeSyntax: 2.5.5.17 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: SID-History +adminDescription: SID-History +oMSyntax: 4 +searchFlags: 1 +lDAPDisplayName: sIDHistory +schemaIDGUID: 17eb4278-d167-11d0-b002-0000f80367c1 +attributeSecurityGUID: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemOnly: FALSE +systemFlags: 18 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Unicode-Pwd,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.90 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Unicode-Pwd +adminDescription: Unicode-Pwd +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: unicodePwd +schemaIDGUID: bf9679e1-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=msRASSavedFramedIPAddress,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1190 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: msRASSavedFramedIPAddress +adminDescription: msRASSavedFramedIPAddress +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msRASSavedFramedIPAddress +schemaIDGUID: db0c90c6-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=MS-DRM-Identity-Certificate,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1843 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 10240 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DRM-Identity-Certificate +adminDescription: The XrML digital rights management certificates for this user. +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: msDRM-IdentityCertificate +schemaIDGUID: e85e1204-3434-41ad-9b56-e2901228fff0 +systemFlags: 16 + +dn: CN=Last-Logoff,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.51 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Last-Logoff +adminDescription: Last-Logoff +oMSyntax: 65 +searchFlags: 0 +lDAPDisplayName: lastLogoff +schemaIDGUID: bf967996-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemOnly: FALSE +systemFlags: 17 + +dn: CN=DMD-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.598 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 1024 +mAPIID: 35926 +showInAdvancedViewOnly: TRUE +adminDisplayName: DMD-Name +adminDescription: DMD-Name +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: dmdName +schemaIDGUID: 167757b9-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-Exch-LabeledURI,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.593 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 1024 +mAPIID: 35921 +adminDisplayName: ms-Exch-LabeledURI +adminDescription: ms-Exch-LabeledURI +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msExchLabeledURI +schemaIDGUID: 16775820-47f3-11d1-a9c3-0000f80367c1 + +dn: CN=Reports,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.436 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +mAPIID: 32782 +linkID: 43 +showInAdvancedViewOnly: TRUE +adminDisplayName: Reports +oMObjectClass:: KwwCh3McAIVK +adminDescription: Reports +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: directReports +schemaIDGUID: bf967a1c-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=Repl-Property-Meta-Data,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.3 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Repl-Property-Meta-Data +adminDescription: Repl-Property-Meta-Data +oMSyntax: 4 +searchFlags: 8 +lDAPDisplayName: replPropertyMetaData +schemaIDGUID: 281416c0-1968-11d0-a28f-00aa003049e2 +systemOnly: TRUE +systemFlags: 27 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=From-Entry,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.910 +attributeSyntax: 2.5.5.8 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: From-Entry +adminDescription: From-Entry +oMSyntax: 1 +searchFlags: 0 +lDAPDisplayName: fromEntry +schemaIDGUID: 9a7ad949-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +systemFlags: 134217748 + +dn: CN=Trust-Parent,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.471 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Trust-Parent +oMObjectClass:: KwwCh3McAIVK +adminDescription: Trust-Parent +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: trustParent +schemaIDGUID: b000ea7a-a086-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Ipsec-Data-Type,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.622 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Ipsec-Data-Type +adminDescription: Ipsec-Data-Type +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: ipsecDataType +schemaIDGUID: b40ff81e-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Ipsec-Data,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.623 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Ipsec-Data +adminDescription: Ipsec-Data +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: ipsecData +schemaIDGUID: b40ff81f-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=RID-Manager-Reference,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.368 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: RID-Manager-Reference +oMObjectClass:: KwwCh3McAIVK +adminDescription: RID-Manager-Reference +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: rIDManagerReference +schemaIDGUID: 66171886-8f3c-11d0-afda-00c04fd930c9 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=Lockout-Threshold,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.73 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +rangeUpper: 65535 +showInAdvancedViewOnly: TRUE +adminDisplayName: Lockout-Threshold +adminDescription: Lockout-Threshold +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: lockoutThreshold +schemaIDGUID: bf9679a6-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: c7407360-20bf-11d0-a768-00aa006e0529 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Desktop-Profile,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.346 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Desktop-Profile +adminDescription: Desktop-Profile +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: desktopProfile +schemaIDGUID: eea65906-8ac6-11d0-afda-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Text-Country,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.131 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 128 +mAPIID: 14886 +showInAdvancedViewOnly: TRUE +adminDisplayName: Text-Country +adminDescription: Text-Country +oMSyntax: 64 +searchFlags: 16 +lDAPDisplayName: co +schemaIDGUID: f0f8ffa7-1191-11d0-a060-00aa006c33ed +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Teletex-Terminal-Identifier,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.22 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +mAPIID: 33091 +showInAdvancedViewOnly: TRUE +adminDisplayName: Teletex-Terminal-Identifier +adminDescription: Teletex-Terminal-Identifier +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: teletexTerminalIdentifier +schemaIDGUID: bf967a4a-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Telex-Primary,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.648 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 64 +showInAdvancedViewOnly: TRUE +adminDisplayName: Telex-Primary +adminDescription: Telex-Primary +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: primaryTelexNumber +schemaIDGUID: 0296c121-40da-11d1-a9c0-0000f80367c1 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Manager,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 0.9.2342.19200300.100.1.10 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +mAPIID: 32773 +linkID: 42 +showInAdvancedViewOnly: TRUE +adminDisplayName: Manager +oMObjectClass:: KwwCh3McAIVK +adminDescription: Manager +oMSyntax: 127 +searchFlags: 16 +lDAPDisplayName: manager +schemaIDGUID: bf9679b5-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Physical-Location-Object,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.514 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Physical-Location-Object +oMObjectClass:: KwwCh3McAIVK +adminDescription: Physical-Location-Object +oMSyntax: 127 +searchFlags: 1 +lDAPDisplayName: physicalLocationObject +schemaIDGUID: b7b13119-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-Az-Major-Version,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1824 +attributeSyntax: 2.5.5.9 +isSingleValued: TRUE +rangeLower: 1 +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Az-Major-Version +adminDescription: Major version number for AzRoles +oMSyntax: 2 +searchFlags: 0 +lDAPDisplayName: msDS-AzMajorVersion +schemaIDGUID: cfb9adb7-c4b7-4059-9568-1ed9db6b7248 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Sub-Class-Of,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.21 +attributeSyntax: 2.5.5.2 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Sub-Class-Of +adminDescription: Sub-Class-Of +oMSyntax: 6 +searchFlags: 8 +lDAPDisplayName: subClassOf +schemaIDGUID: bf967a3b-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=System-Must-Contain,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.197 +attributeSyntax: 2.5.5.2 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: System-Must-Contain +adminDescription: System-Must-Contain +oMSyntax: 6 +searchFlags: 0 +lDAPDisplayName: systemMustContain +schemaIDGUID: bf967a45-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=roomNumber,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 0.9.2342.19200300.100.1.6 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: FALSE +adminDisplayName: roomNumber +adminDescription: The room number of an object. +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: roomNumber +schemaIDGUID: 81d7f8c2-e327-4a0d-91c6-b42d4009115f +systemOnly: FALSE +systemFlags: 0 + +dn: CN=Employee-Type,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.613 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 256 +mAPIID: 35945 +showInAdvancedViewOnly: TRUE +adminDisplayName: Employee-Type +adminDescription: Employee-Type +oMSyntax: 64 +searchFlags: 16 +lDAPDisplayName: employeeType +schemaIDGUID: a8df73f0-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +systemFlags: 0 + +dn: CN=Current-Value,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.27 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Current-Value +adminDescription: Current-Value +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: currentValue +schemaIDGUID: bf967947-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=DIT-Content-Rules,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.21.2 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: DIT-Content-Rules +adminDescription: DIT-Content-Rules +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: dITContentRules +schemaIDGUID: 9a7ad946-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +systemFlags: 134217748 + +dn: CN=GPC-Machine-Extension-Names,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1348 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: GPC-Machine-Extension-Names +adminDescription: GPC-Machine-Extension-Names +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: gPCMachineExtensionNames +schemaIDGUID: 32ff8ecc-783f-11d2-9916-0000f87a57d4 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=USN-Created,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.19 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +mAPIID: 33108 +showInAdvancedViewOnly: TRUE +adminDisplayName: USN-Created +adminDescription: USN-Created +oMSyntax: 65 +searchFlags: 9 +lDAPDisplayName: uSNCreated +schemaIDGUID: bf967a70-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 19 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Sub-Refs,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.7 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +mAPIID: 33083 +showInAdvancedViewOnly: TRUE +adminDisplayName: Sub-Refs +oMObjectClass:: KwwCh3McAIVK +adminDescription: Sub-Refs +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: subRefs +schemaIDGUID: bf967a3c-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 19 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Proxy-Addresses,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.210 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 1123 +mAPIID: 32783 +showInAdvancedViewOnly: TRUE +adminDisplayName: Proxy-Addresses +adminDescription: Proxy-Addresses +oMSyntax: 64 +searchFlags: 5 +lDAPDisplayName: proxyAddresses +schemaIDGUID: bf967a06-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Superior-DNS-Root,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.532 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Superior-DNS-Root +adminDescription: Superior-DNS-Root +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: superiorDNSRoot +schemaIDGUID: 5245801d-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Root-Trust,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.674 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Root-Trust +oMObjectClass:: KwwCh3McAIVK +adminDescription: Root-Trust +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: rootTrust +schemaIDGUID: 7bfdcb80-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Shell-Context-Menu,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.615 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Shell-Context-Menu +adminDescription: Shell-Context-Menu +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: shellContextMenu +schemaIDGUID: 553fd039-f32e-11d0-b0bc-00c04fd8dca6 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Class-Display-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.610 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Class-Display-Name +adminDescription: Class-Display-Name +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: classDisplayName +schemaIDGUID: 548e1c22-dea6-11d0-b010-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Ipsec-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.620 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Ipsec-Name +adminDescription: Ipsec-Name +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: ipsecName +schemaIDGUID: b40ff81c-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=CA-Certificate,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.37 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +rangeLower: 1 +rangeUpper: 32768 +mAPIID: 32771 +showInAdvancedViewOnly: TRUE +adminDisplayName: CA-Certificate +adminDescription: CA-Certificate +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: cACertificate +schemaIDGUID: bf967932-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Ipsec-Negotiation-Policy-Reference,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.628 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Ipsec-Negotiation-Policy-Reference +oMObjectClass:: KwwCh3McAIVK +adminDescription: Ipsec-Negotiation-Policy-Reference +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: ipsecNegotiationPolicyReference +schemaIDGUID: b40ff822-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=MHS-OR-Address,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.650 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: MHS-OR-Address +adminDescription: MHS-OR-Address +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: mhsORAddress +schemaIDGUID: 0296c122-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Nt-Pwd-History,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.94 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Nt-Pwd-History +adminDescription: Nt-Pwd-History +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: ntPwdHistory +schemaIDGUID: bf9679e2-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=SMTP-Mail-Address,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.786 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: SMTP-Mail-Address +adminDescription: SMTP-Mail-Address +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: mailAddress +schemaIDGUID: 26d9736f-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Foreign-Identifier,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.356 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Foreign-Identifier +adminDescription: Foreign-Identifier +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: foreignIdentifier +schemaIDGUID: 3e97891e-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=USN-Changed,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.120 +attributeSyntax: 2.5.5.16 +isSingleValued: TRUE +mAPIID: 32809 +showInAdvancedViewOnly: TRUE +adminDisplayName: USN-Changed +adminDescription: USN-Changed +oMSyntax: 65 +searchFlags: 9 +lDAPDisplayName: uSNChanged +schemaIDGUID: bf967a6f-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 19 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Reps-From,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.91 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: Reps-From +oMObjectClass:: KoZIhvcUAQEBBg== +adminDescription: Reps-From +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: repsFrom +schemaIDGUID: bf967a1d-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 19 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=Other-Well-Known-Objects,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1359 +attributeSyntax: 2.5.5.7 +isSingleValued: FALSE +rangeLower: 16 +rangeUpper: 16 +showInAdvancedViewOnly: TRUE +adminDisplayName: Other-Well-Known-Objects +oMObjectClass:: KoZIhvcUAQEBCw== +adminDescription: Other-Well-Known-Objects +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: otherWellKnownObjects +schemaIDGUID: 1ea64e5d-ac0f-11d2-90df-00c04fd91ab1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=ms-DS-NC-Repl-Cursors,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1704 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-NC-Repl-Cursors +adminDescription: ms-DS-NC-Repl-Cursors +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-NCReplCursors +schemaIDGUID: 8a167ce4-f9e8-47eb-8d78-f7fe80abb2cc +systemOnly: FALSE +systemFlags: 20 + +dn: CN=Managed-Objects,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.654 +attributeSyntax: 2.5.5.1 +isSingleValued: FALSE +mAPIID: 32804 +linkID: 73 +showInAdvancedViewOnly: TRUE +adminDisplayName: Managed-Objects +oMObjectClass:: KwwCh3McAIVK +adminDescription: Managed-Objects +oMSyntax: 127 +searchFlags: 0 +lDAPDisplayName: managedObjects +schemaIDGUID: 0296c124-40da-11d1-a9c0-0000f80367c1 +systemOnly: TRUE +systemFlags: 17 + +dn: CN=ms-DS-Allowed-DNS-Suffixes,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1710 +attributeSyntax: 2.5.5.12 +isSingleValued: FALSE +rangeLower: 0 +rangeUpper: 2048 +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Allowed-DNS-Suffixes +adminDescription: Allowed suffixes for dNSHostName on computer +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: msDS-AllowedDNSSuffixes +schemaIDGUID: 8469441b-9ac4-4e45-8205-bd219dbf672d +systemOnly: FALSE +systemFlags: 16 + +dn: CN=NC-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.2.16 +attributeSyntax: 2.5.5.1 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: NC-Name +oMObjectClass:: KwwCh3McAIVK +adminDescription: NC-Name +oMSyntax: 127 +searchFlags: 8 +lDAPDisplayName: nCName +schemaIDGUID: bf9679d6-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemFlags: 16 + +dn: CN=NETBIOS-Name,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.87 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +rangeLower: 1 +rangeUpper: 16 +showInAdvancedViewOnly: TRUE +adminDisplayName: NETBIOS-Name +adminDescription: NETBIOS-Name +oMSyntax: 64 +searchFlags: 1 +lDAPDisplayName: nETBIOSName +schemaIDGUID: bf9679d8-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Query-Filter,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1355 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Query-Filter +adminDescription: Query-Filter +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: queryFilter +schemaIDGUID: cbf70a26-7e78-11d2-9921-0000f87a57d4 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Preferred-Delivery-Method,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 2.5.4.28 +attributeSyntax: 2.5.5.9 +isSingleValued: FALSE +mAPIID: 33037 +showInAdvancedViewOnly: TRUE +adminDisplayName: Preferred-Delivery-Method +adminDescription: Preferred-Delivery-Method +oMSyntax: 10 +searchFlags: 0 +lDAPDisplayName: preferredDeliveryMethod +schemaIDGUID: bf9679fe-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=MSMQ-Site-Foreign,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.961 +attributeSyntax: 2.5.5.8 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +adminDisplayName: MSMQ-Site-Foreign +adminDescription: MSMQ-Site-Foreign +oMSyntax: 1 +searchFlags: 0 +lDAPDisplayName: mSMQSiteForeign +schemaIDGUID: fd129d8a-d57e-11d1-90a2-00c04fd91ab1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=audio,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 0.9.2342.19200300.100.1.55 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +rangeUpper: 250000 +showInAdvancedViewOnly: FALSE +adminDisplayName: audio +adminDescription: The Audio attribute type allows the storing of sounds in the Directory. +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: audio +schemaIDGUID: d0e1d224-e1a0-42ce-a2da-793ba5244f35 +systemOnly: FALSE +systemFlags: 0 + +dn: CN=Script-Path,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.62 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Script-Path +adminDescription: Script-Path +oMSyntax: 64 +searchFlags: 16 +lDAPDisplayName: scriptPath +schemaIDGUID: bf9679a8-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemOnly: FALSE +systemFlags: 16 + +dn: CN=MSMQ-Digests,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.948 +attributeSyntax: 2.5.5.10 +isSingleValued: FALSE +rangeLower: 16 +rangeUpper: 16 +showInAdvancedViewOnly: TRUE +adminDisplayName: MSMQ-Digests +adminDescription: MSMQ-Digests +oMSyntax: 4 +searchFlags: 1 +lDAPDisplayName: mSMQDigests +schemaIDGUID: 9a0dc33c-c100-11d1-bbc5-0080c76670c0 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 +isMemberOfPartialAttributeSet: TRUE + +dn: CN=ms-DS-Cached-Membership,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.1441 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: ms-DS-Cached-Membership +adminDescription: ms-DS-Cached-Membership +oMSyntax: 4 +searchFlags: 0 +lDAPDisplayName: msDS-Cached-Membership +schemaIDGUID: 69cab008-cdd4-4bc9-bab8-0ff37efe1b20 +systemOnly: FALSE +systemFlags: 17 + +dn: CN=Logon-Hours,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.64 +attributeSyntax: 2.5.5.10 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: Logon-Hours +adminDescription: Logon-Hours +oMSyntax: 4 +searchFlags: 16 +lDAPDisplayName: logonHours +schemaIDGUID: bf9679ab-0de6-11d0-a285-00aa003049e2 +attributeSecurityGUID: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemOnly: FALSE +systemFlags: 16 + +dn: CN=GPC-File-Sys-Path,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +attributeID: 1.2.840.113556.1.4.894 +attributeSyntax: 2.5.5.12 +isSingleValued: TRUE +showInAdvancedViewOnly: TRUE +adminDisplayName: GPC-File-Sys-Path +adminDescription: GPC-File-Sys-Path +oMSyntax: 64 +searchFlags: 0 +lDAPDisplayName: gPCFileSysPath +schemaIDGUID: f30e3bc1-9ff0-11d1-b603-0000f80367c1 +systemOnly: FALSE +systemFlags: 16 + +dn: CN=Top,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 2.5.6.0 +mayContain: msDS-ObjectReferenceBL +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Top +adminDescription: Top +objectClassCategory: 2 +lDAPDisplayName: top +schemaIDGUID: bf967ab7-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemPossSuperiors: lostAndFound +systemMayContain: url +systemMayContain: wWWHomePage +systemMayContain: whenCreated +systemMayContain: whenChanged +systemMayContain: wellKnownObjects +systemMayContain: wbemPath +systemMayContain: uSNSource +systemMayContain: uSNLastObjRem +systemMayContain: USNIntersite +systemMayContain: uSNDSALastObjRemoved +systemMayContain: uSNCreated +systemMayContain: uSNChanged +systemMayContain: systemFlags +systemMayContain: subSchemaSubEntry +systemMayContain: subRefs +systemMayContain: structuralObjectClass +systemMayContain: siteObjectBL +systemMayContain: serverReferenceBL +systemMayContain: sDRightsEffective +systemMayContain: revision +systemMayContain: repsTo +systemMayContain: repsFrom +systemMayContain: directReports +systemMayContain: replUpToDateVector +systemMayContain: replPropertyMetaData +systemMayContain: name +systemMayContain: queryPolicyBL +systemMayContain: proxyAddresses +systemMayContain: proxiedObjectName +systemMayContain: possibleInferiors +systemMayContain: partialAttributeSet +systemMayContain: partialAttributeDeletionList +systemMayContain: otherWellKnownObjects +systemMayContain: objectVersion +systemMayContain: objectGUID +systemMayContain: distinguishedName +systemMayContain: nonSecurityMemberBL +systemMayContain: netbootSCPBL +systemMayContain: ownerBL +systemMayContain: msDS-ReplValueMetaData +systemMayContain: msDS-ReplAttributeMetaData +systemMayContain: msDS-NonMembersBL +systemMayContain: msDS-NCReplOutboundNeighbors +systemMayContain: msDS-NCReplInboundNeighbors +systemMayContain: msDS-NCReplCursors +systemMayContain: msDS-TasksForAzRoleBL +systemMayContain: msDS-TasksForAzTaskBL +systemMayContain: msDS-OperationsForAzRoleBL +systemMayContain: msDS-OperationsForAzTaskBL +systemMayContain: msDS-MembersForAzRoleBL +systemMayContain: msDs-masteredBy +systemMayContain: mS-DS-ConsistencyGuid +systemMayContain: mS-DS-ConsistencyChildCount +systemMayContain: msDS-Approx-Immed-Subordinates +systemMayContain: msCOM-PartitionSetLink +systemMayContain: msCOM-UserLink +systemMayContain: modifyTimeStamp +systemMayContain: masteredBy +systemMayContain: managedObjects +systemMayContain: lastKnownParent +systemMayContain: isPrivilegeHolder +systemMayContain: memberOf +systemMayContain: isDeleted +systemMayContain: isCriticalSystemObject +systemMayContain: showInAdvancedViewOnly +systemMayContain: fSMORoleOwner +systemMayContain: fRSMemberReferenceBL +systemMayContain: frsComputerReferenceBL +systemMayContain: fromEntry +systemMayContain: flags +systemMayContain: extensionName +systemMayContain: dSASignature +systemMayContain: dSCorePropagationData +systemMayContain: displayNamePrintable +systemMayContain: displayName +systemMayContain: description +systemMayContain: createTimeStamp +systemMayContain: cn +systemMayContain: canonicalName +systemMayContain: bridgeheadServerListBL +systemMayContain: allowedChildClassesEffective +systemMayContain: allowedChildClasses +systemMayContain: allowedAttributesEffective +systemMayContain: allowedAttributes +systemMayContain: adminDisplayName +systemMayContain: adminDescription +systemMustContain: objectClass +systemMustContain: objectCategory +systemMustContain: nTSecurityDescriptor +systemMustContain: instanceType +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Top,${SCHEMADN} + +dn: CN=Ipsec-ISAKMP-Policy,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: ipsecBase +governsID: 1.2.840.113556.1.5.120 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Ipsec-ISAKMP-Policy +adminDescription: Ipsec-ISAKMP-Policy +objectClassCategory: 1 +lDAPDisplayName: ipsecISAKMPPolicy +schemaIDGUID: b40ff828-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +systemPossSuperiors: container +systemPossSuperiors: computer +systemPossSuperiors: organizationalUnit +defaultSecurityDescriptor: D: +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Ipsec-ISAKMP-Policy,${SCHEMADN} + +dn: CN=Domain-DNS,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: domain +governsID: 1.2.840.113556.1.5.67 +possibleInferiors: group +possibleInferiors: lostAndFound +possibleInferiors: builtinDomain +possibleInferiors: computer +possibleInferiors: user +possibleInferiors: container +possibleInferiors: groupPolicyContainer +possibleInferiors: organization +possibleInferiors: domainDNS +possibleInferiors: locality +possibleInferiors: msDS-AzAdminManager +possibleInferiors: country +possibleInferiors: organizationalUnit +rDNAttID: dc +showInAdvancedViewOnly: TRUE +adminDisplayName: Domain-DNS +adminDescription: Domain-DNS +objectClassCategory: 1 +lDAPDisplayName: domainDNS +schemaIDGUID: 19195a5b-6da0-11d0-afd3-00c04fd930c9 +systemOnly: FALSE +systemPossSuperiors: domainDNS +systemMayContain: msDS-Behavior-Version +systemMayContain: msDS-AllowedDNSSuffixes +systemMayContain: managedBy +systemAuxiliaryClass: samDomain +defaultSecurityDescriptor: D:(A;;RP;;;WD)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;BA)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;DA)(A;CI;RPWPCRLCLOCCRCWDWOSDSW;;;BA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY)(A;CI;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;EA)(A;CI;LC;;;RU)(OA;CIIO;RP;037088f8-0ae1-11d2-b422-00a0c968f939;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;4c164200-20c0-11d0-a768-00aa006e0529;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;;RP;c7407360-20bf-11d0-a768-00aa006e0529;;RU)(OA;CIIO;RPLCLORC;;bf967a9c-0de6-11d0-a285-00aa003049e2;RU)(A;;RPRC;;;RU)(OA;CIIO;RPLCLORC;;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(A;;LCRPLORC;;;ED)(OA;CIIO;RP;037088f8-0ae1-11d2-b422-00a0c968f939;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;4c164200-20c0-11d0-a768-00aa006e0529;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RPLCLORC;;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;;RP;b8119fd0-04f6-4762-ab7a-4986c76b3f9a;;RU)(OA;;RP;b8119fd0-04f6-4762-ab7a-4986c76b3f9a;;AU)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967aba-0de6-11d0-a285-00aa003049e2;ED)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a9c-0de6-11d0-a285-00aa003049e2;ED)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a86-0de6-11d0-a285-00aa003049e2;ED)(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;DD)(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;e2a36dc9-ae17-47c3-b58b-be34c55ba633;;S-1-5-32-557)(OA;;CR;280f369c-67c7-438e-ae98-1d46f3c6f541;;AU)(OA;;CR;ccc2dc7d-a6ad-4a7a-8846-c04e3cc53501;;AU)(OA;;CR;05c74c5e-4deb-43b4-bd9f-86664c2a7fd5;;AU)S:(AU;SA;WDWOWP;;;WD)(AU;SA;CR;;;BA)(AU;SA;CR;;;DU)(OU;CISA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CISA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD) +systemFlags: 16 +defaultHidingValue: FALSE +defaultObjectCategory: CN=Domain-DNS,${SCHEMADN} + +dn: CN=ms-DS-Az-Application,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.235 +possibleInferiors: group +possibleInferiors: container +possibleInferiors: msDS-AzScope +possibleInferiors: groupPolicyContainer +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Az-Application +adminDescription: Defines an installed instance of an application bound to a particular policy store. +objectClassCategory: 1 +lDAPDisplayName: msDS-AzApplication +schemaIDGUID: ddf8de9b-cba5-4e12-842e-28d8b66f75ec +systemOnly: FALSE +systemPossSuperiors: msDS-AzAdminManager +systemMayContain: msDS-AzApplicationData +systemMayContain: msDS-AzGenerateAudits +systemMayContain: msDS-AzApplicationVersion +systemMayContain: msDS-AzClassId +systemMayContain: msDS-AzApplicationName +systemMayContain: description +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=ms-DS-Az-Application,${SCHEMADN} + +dn: CN=Builtin-Domain,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.4 +possibleInferiors: group +possibleInferiors: computer +possibleInferiors: user +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Builtin-Domain +adminDescription: Builtin-Domain +objectClassCategory: 1 +lDAPDisplayName: builtinDomain +schemaIDGUID: bf967a81-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: domainDNS +systemAuxiliaryClass: samDomainBase +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Builtin-Domain,${SCHEMADN} + +dn: CN=Infrastructure-Update,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.175 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Infrastructure-Update +adminDescription: Infrastructure-Update +objectClassCategory: 1 +lDAPDisplayName: infrastructureUpdate +schemaIDGUID: 2df90d89-009f-11d2-aa4c-00c04fd7d83a +systemOnly: TRUE +systemPossSuperiors: infrastructureUpdate +systemPossSuperiors: domain +systemMayContain: dNReferenceUpdate +defaultSecurityDescriptor: D:(A;;GA;;;SY) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Infrastructure-Update,${SCHEMADN} + +dn: CN=Configuration,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.12 +possibleInferiors: lostAndFound +possibleInferiors: sitesContainer +possibleInferiors: container +possibleInferiors: groupPolicyContainer +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Configuration +adminDescription: Configuration +objectClassCategory: 1 +lDAPDisplayName: configuration +schemaIDGUID: bf967a87-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemPossSuperiors: domainDNS +systemMayContain: gPOptions +systemMayContain: gPLink +systemMustContain: cn +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Configuration,${SCHEMADN} + +dn: CN=Cross-Ref,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.3.11 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Cross-Ref +adminDescription: Cross-Ref +objectClassCategory: 1 +lDAPDisplayName: crossRef +schemaIDGUID: bf967a8d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: crossRefContainer +systemMayContain: trustParent +systemMayContain: superiorDNSRoot +systemMayContain: rootTrust +systemMayContain: nTMixedDomain +systemMayContain: nETBIOSName +systemMayContain: Enabled +systemMayContain: msDS-SDReferenceDomain +systemMayContain: msDS-Replication-Notify-Subsequent-DSA-Delay +systemMayContain: msDS-Replication-Notify-First-DSA-Delay +systemMayContain: msDS-NC-Replica-Locations +systemMayContain: msDS-DnsRootAlias +systemMayContain: msDS-Behavior-Version +systemMustContain: nCName +systemMustContain: dnsRoot +systemMustContain: cn +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Cross-Ref,${SCHEMADN} + +dn: CN=RID-Manager,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.83 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: RID-Manager +adminDescription: RID-Manager +objectClassCategory: 1 +lDAPDisplayName: rIDManager +schemaIDGUID: 6617188d-8f3c-11d0-afda-00c04fd930c9 +systemOnly: TRUE +systemPossSuperiors: container +systemMustContain: rIDAvailablePool +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)S:(AU;SA;CRWP;;;WD) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=RID-Manager,${SCHEMADN} + +dn: CN=Display-Specifier,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.84 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Display-Specifier +adminDescription: Display-Specifier +objectClassCategory: 1 +lDAPDisplayName: displaySpecifier +schemaIDGUID: e0fa1e8a-9b45-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +systemPossSuperiors: container +systemMayContain: treatAsLeaf +systemMayContain: shellPropertyPages +systemMayContain: shellContextMenu +systemMayContain: scopeFlags +systemMayContain: queryFilter +systemMayContain: iconPath +systemMayContain: extraColumns +systemMayContain: creationWizard +systemMayContain: createWizardExt +systemMayContain: createDialog +systemMayContain: contextMenu +systemMayContain: classDisplayName +systemMayContain: attributeDisplayNames +systemMayContain: adminPropertyPages +systemMayContain: adminMultiselectPropertyPages +systemMayContain: adminContextMenu +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Display-Specifier,${SCHEMADN} + +dn: CN=Ipsec-Base,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.7000.56 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Ipsec-Base +adminDescription: Ipsec-Base +objectClassCategory: 2 +lDAPDisplayName: ipsecBase +schemaIDGUID: b40ff825-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +systemMayContain: ipsecOwnersReference +systemMayContain: ipsecName +systemMayContain: ipsecID +systemMayContain: ipsecDataType +systemMayContain: ipsecData +defaultSecurityDescriptor: D: +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Ipsec-Base,${SCHEMADN} + +dn: CN=ms-DS-Az-Scope,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.237 +possibleInferiors: group +possibleInferiors: container +possibleInferiors: groupPolicyContainer +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Az-Scope +adminDescription: Describes a set of objects managed by an application +objectClassCategory: 1 +lDAPDisplayName: msDS-AzScope +schemaIDGUID: 4feae054-ce55-47bb-860e-5b12063a51de +systemOnly: FALSE +systemPossSuperiors: msDS-AzApplication +systemMayContain: msDS-AzApplicationData +systemMayContain: description +systemMustContain: msDS-AzScopeName +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=ms-DS-Az-Scope,${SCHEMADN} + +dn: CN=Locality,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 2.5.6.3 +possibleInferiors: organization +possibleInferiors: locality +rDNAttID: l +showInAdvancedViewOnly: TRUE +adminDisplayName: Locality +adminDescription: Locality +objectClassCategory: 1 +lDAPDisplayName: locality +schemaIDGUID: bf967aa0-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: domainDNS +systemPossSuperiors: country +systemPossSuperiors: organizationalUnit +systemPossSuperiors: organization +systemPossSuperiors: locality +systemMayContain: street +systemMayContain: st +systemMayContain: seeAlso +systemMayContain: searchGuide +systemMustContain: l +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: FALSE +defaultObjectCategory: CN=Locality,${SCHEMADN} + +dn: CN=Cross-Ref-Container,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.7000.53 +possibleInferiors: crossRef +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Cross-Ref-Container +adminDescription: Cross-Ref-Container +objectClassCategory: 1 +lDAPDisplayName: crossRefContainer +schemaIDGUID: ef9e60e0-56f7-11d1-a9c6-0000f80367c1 +systemOnly: TRUE +systemPossSuperiors: configuration +systemMayContain: msDS-SPNSuffixes +systemMayContain: uPNSuffixes +systemMayContain: msDS-UpdateScript +systemMayContain: msDS-ExecuteScriptPassword +systemMayContain: msDS-Behavior-Version +defaultSecurityDescriptor: D:(A;;GA;;;SY) +systemFlags: 16 +defaultHidingValue: FALSE +defaultObjectCategory: CN=Cross-Ref-Container,${SCHEMADN} + +dn: CN=Query-Policy,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.106 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Query-Policy +adminDescription: Query-Policy +objectClassCategory: 1 +lDAPDisplayName: queryPolicy +schemaIDGUID: 83cc7075-cca7-11d0-afff-0000f80367c1 +systemOnly: FALSE +systemPossSuperiors: container +systemMayContain: lDAPIPDenyList +systemMayContain: lDAPAdminLimits +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Query-Policy,${SCHEMADN} + +dn: CN=Subnet-Container,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.95 +possibleInferiors: subnet +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Subnet-Container +adminDescription: Subnet-Container +objectClassCategory: 1 +lDAPDisplayName: subnetContainer +schemaIDGUID: b7b13125-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +systemPossSuperiors: sitesContainer +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Subnet-Container,${SCHEMADN} + +dn: CN=NTDS-DSA,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: applicationSettings +governsID: 1.2.840.113556.1.5.7000.47 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: NTDS-DSA +adminDescription: NTDS-DSA +objectClassCategory: 1 +lDAPDisplayName: nTDSDSA +schemaIDGUID: f0f8ffab-1191-11d0-a060-00aa006c33ed +systemOnly: TRUE +systemPossSuperiors: organization +systemPossSuperiors: server +systemMayContain: serverReference +systemMayContain: msDS-RetiredReplNCSignatures +systemMayContain: retiredReplDSASignatures +systemMayContain: queryPolicyObject +systemMayContain: options +systemMayContain: networkAddress +systemMayContain: msDS-ReplicationEpoch +systemMayContain: msDS-HasInstantiatedNCs +systemMayContain: msDS-hasMasterNCs +systemMayContain: msDS-HasDomainNCs +systemMayContain: msDS-Behavior-Version +systemMayContain: managedBy +systemMayContain: lastBackupRestorationTime +systemMayContain: invocationId +systemMayContain: hasPartialReplicaNCs +systemMayContain: hasMasterNCs +systemMayContain: fRSRootPath +systemMayContain: dMDLocation +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=NTDS-DSA,${SCHEMADN} + +dn: CN=Sam-Domain,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.3 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Sam-Domain +adminDescription: Sam-Domain +objectClassCategory: 3 +lDAPDisplayName: samDomain +schemaIDGUID: bf967a90-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemMayContain: treeName +systemMayContain: rIDManagerReference +systemMayContain: replicaSource +systemMayContain: pwdProperties +systemMayContain: pwdHistoryLength +systemMayContain: privateKey +systemMayContain: pekList +systemMayContain: pekKeyChangeInterval +systemMayContain: nTMixedDomain +systemMayContain: nextRid +systemMayContain: nETBIOSName +systemMayContain: msDS-PerUserTrustTombstonesQuota +systemMayContain: msDS-PerUserTrustQuota +systemMayContain: ms-DS-MachineAccountQuota +systemMayContain: msDS-LogonTimeSyncInterval +systemMayContain: msDS-AllUsersTrustQuota +systemMayContain: modifiedCountAtLastProm +systemMayContain: minPwdLength +systemMayContain: minPwdAge +systemMayContain: maxPwdAge +systemMayContain: lSAModifiedCount +systemMayContain: lSACreationTime +systemMayContain: lockoutThreshold +systemMayContain: lockoutDuration +systemMayContain: lockOutObservationWindow +systemMayContain: gPOptions +systemMayContain: gPLink +systemMayContain: eFSPolicy +systemMayContain: domainPolicyObject +systemMayContain: desktopProfile +systemMayContain: description +systemMayContain: defaultLocalPolicyObject +systemMayContain: creationTime +systemMayContain: controlAccessRights +systemMayContain: cACertificate +systemMayContain: builtinModifiedCount +systemMayContain: builtinCreationTime +systemMayContain: auditingPolicy +systemAuxiliaryClass: samDomainBase +defaultSecurityDescriptor: D:(A;;RP;;;WD)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;BA)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;DA)(A;CI;RPWPCRLCLOCCRCWDWOSDSW;;;BA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY)(A;CI;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;EA)(A;CI;LC;;;RU)(OA;CIIO;RP;037088f8-0ae1-11d2-b422-00a0c968f939;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;4c164200-20c0-11d0-a768-00aa006e0529;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;;RP;c7407360-20bf-11d0-a768-00aa006e0529;;RU)(OA;CIIO;RPLCLORC;;bf967a9c-0de6-11d0-a285-00aa003049e2;RU)(A;;RPRC;;;RU)(OA;CIIO;RPLCLORC;;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(A;;LCRPLORC;;;ED)(OA;CIIO;RP;037088f8-0ae1-11d2-b422-00a0c968f939;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;4c164200-20c0-11d0-a768-00aa006e0529;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RPLCLORC;;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;;RP;b8119fd0-04f6-4762-ab7a-4986c76b3f9a;;RU)(OA;;RP;b8119fd0-04f6-4762-ab7a-4986c76b3f9a;;AU)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967aba-0de6-11d0-a285-00aa003049e2;ED)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a9c-0de6-11d0-a285-00aa003049e2;ED)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a86-0de6-11d0-a285-00aa003049e2;ED)(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;DD)(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;e2a36dc9-ae17-47c3-b58b-be34c55ba633;;S-1-5-32-557)(OA;;CR;280f369c-67c7-438e-ae98-1d46f3c6f541;;AU)(OA;;CR;ccc2dc7d-a6ad-4a7a-8846-c04e3cc53501;;AU)(OA;;CR;05c74c5e-4deb-43b4-bd9f-86664c2a7fd5;;AU)S:(AU;SA;WDWOWP;;;WD)(AU;SA;CR;;;BA)(AU;SA;CR;;;DU)(OU;CISA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CISA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Sam-Domain,${SCHEMADN} + +dn: CN=Sam-Domain-Base,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.2 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Sam-Domain-Base +adminDescription: Sam-Domain-Base +objectClassCategory: 3 +lDAPDisplayName: samDomainBase +schemaIDGUID: bf967a91-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemMayContain: uASCompat +systemMayContain: serverState +systemMayContain: serverRole +systemMayContain: revision +systemMayContain: pwdProperties +systemMayContain: pwdHistoryLength +systemMayContain: oEMInformation +systemMayContain: objectSid +systemMayContain: nTSecurityDescriptor +systemMayContain: nextRid +systemMayContain: modifiedCountAtLastProm +systemMayContain: modifiedCount +systemMayContain: minPwdLength +systemMayContain: minPwdAge +systemMayContain: maxPwdAge +systemMayContain: lockoutThreshold +systemMayContain: lockoutDuration +systemMayContain: lockOutObservationWindow +systemMayContain: forceLogoff +systemMayContain: domainReplica +systemMayContain: creationTime +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Sam-Domain-Base,${SCHEMADN} + +dn: CN=Country,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 2.5.6.2 +possibleInferiors: organization +possibleInferiors: locality +possibleInferiors: organizationalUnit +rDNAttID: c +showInAdvancedViewOnly: TRUE +adminDisplayName: Country +adminDescription: Country +objectClassCategory: 0 +lDAPDisplayName: country +schemaIDGUID: bf967a8c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: domainDNS +systemPossSuperiors: organization +systemMayContain: co +systemMayContain: searchGuide +systemMustContain: c +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Country,${SCHEMADN} + +dn: CN=Organizational-Unit,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 2.5.6.5 +possibleInferiors: group +possibleInferiors: computer +possibleInferiors: user +possibleInferiors: container +possibleInferiors: groupPolicyContainer +possibleInferiors: person +possibleInferiors: ipsecNFA +possibleInferiors: locality +possibleInferiors: msDS-AzAdminManager +possibleInferiors: organizationalUnit +possibleInferiors: ipsecPolicy +possibleInferiors: organizationalPerson +possibleInferiors: ipsecISAKMPPolicy +rDNAttID: ou +showInAdvancedViewOnly: TRUE +adminDisplayName: Organizational-Unit +adminDescription: Organizational-Unit +objectClassCategory: 1 +lDAPDisplayName: organizationalUnit +schemaIDGUID: bf967aa5-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: country +systemPossSuperiors: organization +systemPossSuperiors: organizationalUnit +systemPossSuperiors: domainDNS +systemMayContain: x121Address +systemMayContain: userPassword +systemMayContain: uPNSuffixes +systemMayContain: co +systemMayContain: telexNumber +systemMayContain: teletexTerminalIdentifier +systemMayContain: telephoneNumber +systemMayContain: street +systemMayContain: st +systemMayContain: seeAlso +systemMayContain: searchGuide +systemMayContain: registeredAddress +systemMayContain: preferredDeliveryMethod +systemMayContain: postalCode +systemMayContain: postalAddress +systemMayContain: postOfficeBox +systemMayContain: physicalDeliveryOfficeName +systemMayContain: msCOM-UserPartitionSetLink +systemMayContain: managedBy +systemMayContain: thumbnailLogo +systemMayContain: l +systemMayContain: internationalISDNNumber +systemMayContain: gPOptions +systemMayContain: gPLink +systemMayContain: facsimileTelephoneNumber +systemMayContain: destinationIndicator +systemMayContain: desktopProfile +systemMayContain: defaultGroup +systemMayContain: countryCode +systemMayContain: c +systemMayContain: businessCategory +systemMustContain: ou +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(OA;;CCDC;bf967a86-0de6-11d0-a285-00aa003049e2;;AO)(OA;;CCDC;bf967aba-0de6-11d0-a285-00aa003049e2;;AO)(OA;;CCDC;bf967a9c-0de6-11d0-a285-00aa003049e2;;AO)(OA;;CCDC;bf967aa8-0de6-11d0-a285-00aa003049e2;;PO)(A;;RPLCLORC;;;AU)(A;;LCRPLORC;;;ED)(OA;;CCDC;4828CC14-1437-45bc-9B07-AD6F015E5F28;;AO) +systemFlags: 16 +defaultHidingValue: FALSE +defaultObjectCategory: CN=Organizational-Unit,${SCHEMADN} + +dn: CN=Ipsec-NFA,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: ipsecBase +governsID: 1.2.840.113556.1.5.121 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Ipsec-NFA +adminDescription: Ipsec-NFA +objectClassCategory: 1 +lDAPDisplayName: ipsecNFA +schemaIDGUID: b40ff829-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +systemPossSuperiors: container +systemPossSuperiors: computer +systemPossSuperiors: organizationalUnit +systemMayContain: ipsecNegotiationPolicyReference +systemMayContain: ipsecFilterReference +defaultSecurityDescriptor: D: +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Ipsec-NFA,${SCHEMADN} + +dn: CN=Lost-And-Found,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.139 +possibleInferiors: group +possibleInferiors: msDS-AzApplication +possibleInferiors: lostAndFound +possibleInferiors: trustedDomain +possibleInferiors: subnetContainer +possibleInferiors: builtinDomain +possibleInferiors: sitesContainer +possibleInferiors: serversContainer +possibleInferiors: attributeSchema +possibleInferiors: classSchema +possibleInferiors: computer +possibleInferiors: foreignSecurityPrincipal +possibleInferiors: user +possibleInferiors: container +possibleInferiors: msDS-AzScope +possibleInferiors: groupPolicyContainer +possibleInferiors: site +possibleInferiors: organization +possibleInferiors: domainDNS +possibleInferiors: person +possibleInferiors: ipsecNFA +possibleInferiors: queryPolicy +possibleInferiors: locality +possibleInferiors: subnet +possibleInferiors: msDS-AzAdminManager +possibleInferiors: crossRef +possibleInferiors: displaySpecifier +possibleInferiors: nTDSService +possibleInferiors: country +possibleInferiors: organizationalUnit +possibleInferiors: secret +possibleInferiors: ipsecPolicy +possibleInferiors: organizationalPerson +possibleInferiors: server +possibleInferiors: ipsecISAKMPPolicy +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Lost-And-Found +adminDescription: Lost-And-Found +objectClassCategory: 1 +lDAPDisplayName: lostAndFound +schemaIDGUID: 52ab8671-5709-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +systemPossSuperiors: configuration +systemPossSuperiors: domainDNS +systemPossSuperiors: dMD +systemMayContain: moveTreeState +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Lost-And-Found,${SCHEMADN} + +dn: CN=Organizational-Person,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: person +governsID: 2.5.6.7 +mayContain: houseIdentifier +mayContain: msExchHouseIdentifier +mayContain: homePostalAddress +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Organizational-Person +adminDescription: Organizational-Person +objectClassCategory: 0 +lDAPDisplayName: organizationalPerson +schemaIDGUID: bf967aa4-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: organizationalUnit +systemPossSuperiors: organization +systemPossSuperiors: container +systemMayContain: x121Address +systemMayContain: comment +systemMayContain: title +systemMayContain: co +systemMayContain: primaryTelexNumber +systemMayContain: telexNumber +systemMayContain: teletexTerminalIdentifier +systemMayContain: street +systemMayContain: st +systemMayContain: registeredAddress +systemMayContain: preferredDeliveryMethod +systemMayContain: postalCode +systemMayContain: postalAddress +systemMayContain: postOfficeBox +systemMayContain: thumbnailPhoto +systemMayContain: physicalDeliveryOfficeName +systemMayContain: pager +systemMayContain: otherPager +systemMayContain: otherTelephone +systemMayContain: mobile +systemMayContain: otherMobile +systemMayContain: primaryInternationalISDNNumber +systemMayContain: ipPhone +systemMayContain: otherIpPhone +systemMayContain: otherHomePhone +systemMayContain: homePhone +systemMayContain: otherFacsimileTelephoneNumber +systemMayContain: personalTitle +systemMayContain: middleName +systemMayContain: otherMailbox +systemMayContain: ou +systemMayContain: o +systemMayContain: mhsORAddress +systemMayContain: msDS-AllowedToDelegateTo +systemMayContain: manager +systemMayContain: thumbnailLogo +systemMayContain: l +systemMayContain: internationalISDNNumber +systemMayContain: initials +systemMayContain: givenName +systemMayContain: generationQualifier +systemMayContain: facsimileTelephoneNumber +systemMayContain: employeeID +systemMayContain: mail +systemMayContain: division +systemMayContain: destinationIndicator +systemMayContain: department +systemMayContain: c +systemMayContain: countryCode +systemMayContain: company +systemMayContain: assistant +systemMayContain: streetAddress +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Person,${SCHEMADN} + +dn: CN=Attribute-Schema,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.3.14 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Attribute-Schema +adminDescription: Attribute-Schema +objectClassCategory: 1 +lDAPDisplayName: attributeSchema +schemaIDGUID: bf967a80-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: dMD +systemMayContain: systemOnly +systemMayContain: searchFlags +systemMayContain: schemaFlagsEx +systemMayContain: rangeUpper +systemMayContain: rangeLower +systemMayContain: oMObjectClass +systemMayContain: msDs-Schema-Extensions +systemMayContain: msDS-IntId +systemMayContain: mAPIID +systemMayContain: linkID +systemMayContain: isMemberOfPartialAttributeSet +systemMayContain: isEphemeral +systemMayContain: isDefunct +systemMayContain: extendedCharsAllowed +systemMayContain: classDisplayName +systemMayContain: attributeSecurityGUID +systemMustContain: schemaIDGUID +systemMustContain: oMSyntax +systemMustContain: lDAPDisplayName +systemMustContain: isSingleValued +systemMustContain: cn +systemMustContain: attributeSyntax +systemMustContain: attributeID +defaultSecurityDescriptor: D:S: +systemFlags: 134217744 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Attribute-Schema,${SCHEMADN} + +dn: CN=NTDS-Service,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.72 +possibleInferiors: container +possibleInferiors: groupPolicyContainer +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: NTDS-Service +adminDescription: NTDS-Service +objectClassCategory: 1 +lDAPDisplayName: nTDSService +schemaIDGUID: 19195a5f-6da0-11d0-afd3-00c04fd930c9 +systemOnly: FALSE +systemPossSuperiors: container +systemMayContain: tombstoneLifetime +systemMayContain: sPNMappings +systemMayContain: replTopologyStayOfExecution +systemMayContain: msDS-Other-Settings +systemMayContain: garbageCollPeriod +systemMayContain: dSHeuristics +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=NTDS-Service,${SCHEMADN} + +dn: CN=Servers-Container,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.7000.48 +possibleInferiors: server +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Servers-Container +adminDescription: Servers-Container +objectClassCategory: 1 +lDAPDisplayName: serversContainer +schemaIDGUID: f780acc0-56f0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +systemPossSuperiors: site +defaultSecurityDescriptor: D:(A;;CC;;;BA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Servers-Container,${SCHEMADN} + +dn: CN=Computer,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: user +governsID: 1.2.840.113556.1.3.30 +possibleInferiors: ipsecNFA +possibleInferiors: ipsecPolicy +possibleInferiors: ipsecISAKMPPolicy +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Computer +adminDescription: Computer +objectClassCategory: 1 +lDAPDisplayName: computer +schemaIDGUID: bf967a86-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: container +systemPossSuperiors: organizationalUnit +systemPossSuperiors: domainDNS +systemMayContain: volumeCount +systemMayContain: siteGUID +systemMayContain: rIDSetReferences +systemMayContain: policyReplicationFlags +systemMayContain: physicalLocationObject +systemMayContain: operatingSystemVersion +systemMayContain: operatingSystemServicePack +systemMayContain: operatingSystemHotfix +systemMayContain: operatingSystem +systemMayContain: networkAddress +systemMayContain: netbootSIFFile +systemMayContain: netbootMirrorDataFile +systemMayContain: netbootMachineFilePath +systemMayContain: netbootInitialization +systemMayContain: netbootGUID +systemMayContain: msDS-AdditionalSamAccountName +systemMayContain: msDS-AdditionalDnsHostName +systemMayContain: managedBy +systemMayContain: machineRole +systemMayContain: location +systemMayContain: localPolicyFlags +systemMayContain: dNSHostName +systemMayContain: defaultLocalPolicyObject +systemMayContain: cn +systemMayContain: catalogs +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCRLCLORCSDDT;;;CO)(OA;;WP;4c164200-20c0-11d0-a768-00aa006e0529;;CO)(A;;RPLCLORC;;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(A;;CCDC;;;PS)(OA;;CCDC;bf967aa8-0de6-11d0-a285-00aa003049e2;;PO)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)(OA;;SW;f3a64788-5306-11d1-a9c5-0000f80367c1;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;SW;72e39547-7b18-11d1-adef-00c04fd8d5cd;;PS)(OA;;SW;72e39547-7b18-11d1-adef-00c04fd8d5cd;;CO)(OA;;SW;f3a64788-5306-11d1-a9c5-0000f80367c1;;CO)(OA;;WP;3e0abfd0-126a-11d0-a060-00aa006c33ed;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;5f202010-79a5-11d0-9020-00c04fc2d4cf;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;bf967950-0de6-11d0-a285-00aa003049e2;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;bf967953-0de6-11d0-a285-00aa003049e2;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560) +systemFlags: 16 +defaultHidingValue: FALSE +defaultObjectCategory: CN=Computer,${SCHEMADN} + +dn: CN=Person,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 2.5.6.6 +mayContain: attributeCertificateAttribute +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Person +adminDescription: Person +objectClassCategory: 0 +lDAPDisplayName: person +schemaIDGUID: bf967aa7-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: organizationalUnit +systemPossSuperiors: container +systemMayContain: userPassword +systemMayContain: telephoneNumber +systemMayContain: sn +systemMayContain: serialNumber +systemMayContain: seeAlso +systemMustContain: cn +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Person,${SCHEMADN} + +dn: CN=Ipsec-Policy,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: ipsecBase +governsID: 1.2.840.113556.1.5.98 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Ipsec-Policy +adminDescription: Ipsec-Policy +objectClassCategory: 1 +lDAPDisplayName: ipsecPolicy +schemaIDGUID: b7b13121-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +systemPossSuperiors: organizationalUnit +systemPossSuperiors: computer +systemPossSuperiors: container +systemMayContain: ipsecNFAReference +systemMayContain: ipsecISAKMPReference +defaultSecurityDescriptor: D: +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Ipsec-Policy,${SCHEMADN} + +dn: CN=Container,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.3.23 +possibleInferiors: group +possibleInferiors: trustedDomain +possibleInferiors: computer +possibleInferiors: foreignSecurityPrincipal +possibleInferiors: user +possibleInferiors: container +possibleInferiors: groupPolicyContainer +possibleInferiors: person +possibleInferiors: ipsecNFA +possibleInferiors: queryPolicy +possibleInferiors: msDS-AzAdminManager +possibleInferiors: displaySpecifier +possibleInferiors: nTDSService +possibleInferiors: secret +possibleInferiors: ipsecPolicy +possibleInferiors: organizationalPerson +possibleInferiors: ipsecISAKMPPolicy +mayContain: msDS-ObjectReference +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Container +adminDescription: Container +objectClassCategory: 1 +lDAPDisplayName: container +schemaIDGUID: bf967a8b-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: msDS-AzScope +systemPossSuperiors: msDS-AzApplication +systemPossSuperiors: msDS-AzAdminManager +systemPossSuperiors: subnet +systemPossSuperiors: server +systemPossSuperiors: nTDSService +systemPossSuperiors: domainDNS +systemPossSuperiors: organization +systemPossSuperiors: configuration +systemPossSuperiors: container +systemPossSuperiors: organizationalUnit +systemMayContain: schemaVersion +systemMayContain: defaultClassStore +systemMustContain: cn +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Container,${SCHEMADN} + +dn: CN=Site,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.31 +possibleInferiors: serversContainer +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Site +adminDescription: Site +objectClassCategory: 1 +lDAPDisplayName: site +schemaIDGUID: bf967ab3-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: sitesContainer +systemMayContain: notificationList +systemMayContain: mSMQSiteID +systemMayContain: mSMQSiteForeign +systemMayContain: mSMQNt4Stub +systemMayContain: mSMQInterval2 +systemMayContain: mSMQInterval1 +systemMayContain: managedBy +systemMayContain: location +systemMayContain: gPOptions +systemMayContain: gPLink +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;LCRPLORC;;;ED) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Site,${SCHEMADN} + +dn: CN=Organization,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 2.5.6.4 +possibleInferiors: computer +possibleInferiors: user +possibleInferiors: container +possibleInferiors: groupPolicyContainer +possibleInferiors: domainDNS +possibleInferiors: locality +possibleInferiors: country +possibleInferiors: organizationalUnit +possibleInferiors: organizationalPerson +rDNAttID: o +showInAdvancedViewOnly: TRUE +adminDisplayName: Organization +adminDescription: Organization +objectClassCategory: 1 +lDAPDisplayName: organization +schemaIDGUID: bf967aa3-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: locality +systemPossSuperiors: country +systemPossSuperiors: domainDNS +systemMayContain: x121Address +systemMayContain: userPassword +systemMayContain: telexNumber +systemMayContain: teletexTerminalIdentifier +systemMayContain: telephoneNumber +systemMayContain: street +systemMayContain: st +systemMayContain: seeAlso +systemMayContain: searchGuide +systemMayContain: registeredAddress +systemMayContain: preferredDeliveryMethod +systemMayContain: postalCode +systemMayContain: postalAddress +systemMayContain: postOfficeBox +systemMayContain: physicalDeliveryOfficeName +systemMayContain: l +systemMayContain: internationalISDNNumber +systemMayContain: facsimileTelephoneNumber +systemMayContain: destinationIndicator +systemMayContain: businessCategory +systemMustContain: o +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: FALSE +defaultObjectCategory: CN=Organization,${SCHEMADN} + +dn: CN=ms-DS-Az-Admin-Manager,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.234 +possibleInferiors: group +possibleInferiors: msDS-AzApplication +possibleInferiors: container +possibleInferiors: groupPolicyContainer +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: MS-DS-Az-Admin-Manager +adminDescription: Root of Authorization Policy store instance +objectClassCategory: 1 +lDAPDisplayName: msDS-AzAdminManager +schemaIDGUID: cfee1051-5f28-4bae-a863-5d0cc18a8ed1 +systemOnly: FALSE +systemPossSuperiors: domainDNS +systemPossSuperiors: organizationalUnit +systemPossSuperiors: container +systemMayContain: msDS-AzMinorVersion +systemMayContain: msDS-AzMajorVersion +systemMayContain: msDS-AzApplicationData +systemMayContain: msDS-AzGenerateAudits +systemMayContain: msDS-AzScriptTimeout +systemMayContain: msDS-AzScriptEngineCacheMax +systemMayContain: msDS-AzDomainTimeout +systemMayContain: description +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=ms-DS-Az-Admin-Manager,${SCHEMADN} + +dn: CN=Security-Principal,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.6 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Security-Principal +adminDescription: Security-Principal +objectClassCategory: 3 +lDAPDisplayName: securityPrincipal +schemaIDGUID: bf967ab0-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemMayContain: supplementalCredentials +systemMayContain: sIDHistory +systemMayContain: securityIdentifier +systemMayContain: sAMAccountType +systemMayContain: rid +systemMayContain: tokenGroupsNoGCAcceptable +systemMayContain: tokenGroupsGlobalAndUniversal +systemMayContain: tokenGroups +systemMayContain: nTSecurityDescriptor +systemMayContain: msDS-KeyVersionNumber +systemMayContain: altSecurityIdentities +systemMayContain: accountNameHistory +systemMustContain: sAMAccountName +systemMustContain: objectSid +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Security-Principal,${SCHEMADN} + +dn: CN=Application-Settings,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.7000.49 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Application-Settings +adminDescription: Application-Settings +objectClassCategory: 2 +lDAPDisplayName: applicationSettings +schemaIDGUID: f780acc1-56f0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +systemPossSuperiors: server +systemMayContain: notificationList +systemMayContain: msDS-Settings +systemMayContain: applicationName +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Application-Settings,${SCHEMADN} + +dn: CN=Class-Schema,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.3.13 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Class-Schema +adminDescription: Class-Schema +objectClassCategory: 1 +lDAPDisplayName: classSchema +schemaIDGUID: bf967a83-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: dMD +systemMayContain: systemPossSuperiors +systemMayContain: systemOnly +systemMayContain: systemMustContain +systemMayContain: systemMayContain +systemMayContain: systemAuxiliaryClass +systemMayContain: schemaFlagsEx +systemMayContain: rDNAttID +systemMayContain: possSuperiors +systemMayContain: mustContain +systemMayContain: msDs-Schema-Extensions +systemMayContain: msDS-IntId +systemMayContain: mayContain +systemMayContain: lDAPDisplayName +systemMayContain: isDefunct +systemMayContain: defaultSecurityDescriptor +systemMayContain: defaultHidingValue +systemMayContain: classDisplayName +systemMayContain: auxiliaryClass +systemMustContain: subClassOf +systemMustContain: schemaIDGUID +systemMustContain: objectClassCategory +systemMustContain: governsID +systemMustContain: defaultObjectCategory +systemMustContain: cn +defaultSecurityDescriptor: D:S: +systemFlags: 134217744 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Class-Schema,${SCHEMADN} + +dn: CN=User,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: organizationalPerson +governsID: 1.2.840.113556.1.5.9 +mayContain: x500uniqueIdentifier +mayContain: userSMIMECertificate +mayContain: userPKCS12 +mayContain: uid +mayContain: secretary +mayContain: roomNumber +mayContain: preferredLanguage +mayContain: photo +mayContain: labeledURI +mayContain: jpegPhoto +mayContain: homePostalAddress +mayContain: givenName +mayContain: employeeType +mayContain: employeeNumber +mayContain: displayName +mayContain: departmentNumber +mayContain: carLicense +mayContain: audio +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: User +adminDescription: User +objectClassCategory: 1 +lDAPDisplayName: user +schemaIDGUID: bf967aba-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: builtinDomain +systemPossSuperiors: organizationalUnit +systemPossSuperiors: domainDNS +systemMayContain: pager +systemMayContain: o +systemMayContain: mobile +systemMayContain: manager +systemMayContain: mail +systemMayContain: initials +systemMayContain: homePhone +systemMayContain: businessCategory +systemMayContain: userCertificate +systemMayContain: userWorkstations +systemMayContain: userSharedFolderOther +systemMayContain: userSharedFolder +systemMayContain: userPrincipalName +systemMayContain: userParameters +systemMayContain: userAccountControl +systemMayContain: unicodePwd +systemMayContain: terminalServer +systemMayContain: servicePrincipalName +systemMayContain: scriptPath +systemMayContain: pwdLastSet +systemMayContain: profilePath +systemMayContain: primaryGroupID +systemMayContain: preferredOU +systemMayContain: otherLoginWorkstations +systemMayContain: operatorCount +systemMayContain: ntPwdHistory +systemMayContain: networkAddress +systemMayContain: msRASSavedFramedRoute +systemMayContain: msRASSavedFramedIPAddress +systemMayContain: msRASSavedCallbackNumber +systemMayContain: msRADIUSServiceType +systemMayContain: msRADIUSFramedRoute +systemMayContain: msRADIUSFramedIPAddress +systemMayContain: msRADIUSCallbackNumber +systemMayContain: msNPSavedCallingStationID +systemMayContain: msNPCallingStationID +systemMayContain: msNPAllowDialin +systemMayContain: mSMQSignCertificatesMig +systemMayContain: mSMQSignCertificates +systemMayContain: mSMQDigestsMig +systemMayContain: mSMQDigests +systemMayContain: msIIS-FTPRoot +systemMayContain: msIIS-FTPDir +systemMayContain: msDS-User-Account-Control-Computed +systemMayContain: msDS-Site-Affinity +systemMayContain: mS-DS-CreatorSID +systemMayContain: msDS-Cached-Membership-Time-Stamp +systemMayContain: msDS-Cached-Membership +systemMayContain: msDRM-IdentityCertificate +systemMayContain: msCOM-UserPartitionSetLink +systemMayContain: maxStorage +systemMayContain: logonWorkstation +systemMayContain: logonHours +systemMayContain: logonCount +systemMayContain: lockoutTime +systemMayContain: localeID +systemMayContain: lmPwdHistory +systemMayContain: lastLogonTimestamp +systemMayContain: lastLogon +systemMayContain: lastLogoff +systemMayContain: homeDrive +systemMayContain: homeDirectory +systemMayContain: groupsToIgnore +systemMayContain: groupPriority +systemMayContain: groupMembershipSAM +systemMayContain: dynamicLDAPServer +systemMayContain: desktopProfile +systemMayContain: defaultClassStore +systemMayContain: dBCSPwd +systemMayContain: controlAccessRights +systemMayContain: codePage +systemMayContain: badPwdCount +systemMayContain: badPasswordTime +systemMayContain: adminCount +systemMayContain: aCSPolicyName +systemMayContain: accountExpires +systemAuxiliaryClass: securityPrincipal +systemAuxiliaryClass: mailRecipient +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a54-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a56-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B2-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B3-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RP;037088f8-0ae1-11d2-b422-00a0c968f939;;RS)(OA;;RP;4c164200-20c0-11d0-a768-00aa006e0529;;RS)(OA;;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;;RS)(A;;RC;;;AU)(OA;;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;;AU)(OA;;RP;77B5B886-944A-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;E45795B3-9455-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;e48d0154-bcf8-11d1-8702-00c04fb96050;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(OA;;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;;RS)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)(OA;;WPRP;6db69a1c-9422-11d1-aebd-0000f80367c1;;S-1-5-32-561) +systemFlags: 16 +defaultHidingValue: FALSE +defaultObjectCategory: CN=Person,${SCHEMADN} + +dn: CN=DMD,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.3.9 +possibleInferiors: lostAndFound +possibleInferiors: attributeSchema +possibleInferiors: classSchema +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: DMD +adminDescription: DMD +objectClassCategory: 1 +lDAPDisplayName: dMD +schemaIDGUID: bf967a8f-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +systemPossSuperiors: configuration +systemMayContain: schemaUpdate +systemMayContain: schemaInfo +systemMayContain: prefixMap +systemMayContain: msDs-Schema-Extensions +systemMayContain: msDS-IntId +systemMayContain: dmdName +systemMustContain: cn +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=DMD,${SCHEMADN} + +dn: CN=Leaf,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.20 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Leaf +adminDescription: Leaf +objectClassCategory: 2 +lDAPDisplayName: leaf +schemaIDGUID: bf967a9e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Leaf,${SCHEMADN} + +dn: CN=Secret,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: leaf +governsID: 1.2.840.113556.1.5.28 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Secret +adminDescription: Secret +objectClassCategory: 1 +lDAPDisplayName: secret +schemaIDGUID: bf967aae-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: container +systemMayContain: priorValue +systemMayContain: priorSetTime +systemMayContain: lastSetTime +systemMayContain: currentValue +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Secret,${SCHEMADN} + +dn: CN=Sites-Container,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.107 +possibleInferiors: subnetContainer +possibleInferiors: site +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Sites-Container +adminDescription: Sites-Container +objectClassCategory: 1 +lDAPDisplayName: sitesContainer +schemaIDGUID: 7a4117da-cd67-11d0-afff-0000f80367c1 +systemOnly: FALSE +systemPossSuperiors: configuration +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Sites-Container,${SCHEMADN} + +dn: CN=Server,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.17 +possibleInferiors: container +possibleInferiors: groupPolicyContainer +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Server +adminDescription: Server +objectClassCategory: 1 +lDAPDisplayName: server +schemaIDGUID: bf967a92-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: serversContainer +systemMayContain: mailAddress +systemMayContain: serverReference +systemMayContain: serialNumber +systemMayContain: managedBy +systemMayContain: dNSHostName +systemMayContain: bridgeheadTransportList +defaultSecurityDescriptor: D:(A;CI;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Server,${SCHEMADN} + +dn: CN=SubSchema,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 2.5.20.1 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: SubSchema +adminDescription: SubSchema +objectClassCategory: 1 +lDAPDisplayName: subSchema +schemaIDGUID: 5a8b3261-c38d-11d1-bbc9-0080c76670c0 +systemOnly: TRUE +systemPossSuperiors: dMD +systemMayContain: objectClasses +systemMayContain: modifyTimeStamp +systemMayContain: extendedClassInfo +systemMayContain: extendedAttributeInfo +systemMayContain: dITContentRules +systemMayContain: attributeTypes +defaultSecurityDescriptor: D:S: +systemFlags: 134217744 +defaultHidingValue: TRUE +defaultObjectCategory: CN=SubSchema,${SCHEMADN} + +dn: CN=Trusted-Domain,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: leaf +governsID: 1.2.840.113556.1.5.34 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Trusted-Domain +adminDescription: Trusted-Domain +objectClassCategory: 1 +lDAPDisplayName: trustedDomain +schemaIDGUID: bf967ab8-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: container +systemMayContain: trustType +systemMayContain: trustPosixOffset +systemMayContain: trustPartner +systemMayContain: trustDirection +systemMayContain: trustAuthOutgoing +systemMayContain: trustAuthIncoming +systemMayContain: trustAttributes +systemMayContain: securityIdentifier +systemMayContain: msDS-TrustForestTrustInfo +systemMayContain: mS-DS-CreatorSID +systemMayContain: initialAuthOutgoing +systemMayContain: initialAuthIncoming +systemMayContain: flatName +systemMayContain: domainIdentifier +systemMayContain: domainCrossRef +systemMayContain: additionalTrustedServiceNames +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(OA;;WP;736e4812-af31-11d2-b7df-00805f48caeb;bf967ab8-0de6-11d0-a285-00aa003049e2;CO)(A;;SD;;;CO) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Trusted-Domain,${SCHEMADN} + +dn: CN=Domain,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.66 +possibleInferiors: domainDNS +rDNAttID: dc +showInAdvancedViewOnly: TRUE +adminDisplayName: Domain +adminDescription: Domain +objectClassCategory: 2 +lDAPDisplayName: domain +schemaIDGUID: 19195a5a-6da0-11d0-afd3-00c04fd930c9 +systemOnly: FALSE +systemPossSuperiors: domain +systemPossSuperiors: organization +systemMustContain: dc +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Domain-DNS,${SCHEMADN} + +dn: CN=Foreign-Security-Principal,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.76 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Foreign-Security-Principal +adminDescription: Foreign-Security-Principal +objectClassCategory: 1 +lDAPDisplayName: foreignSecurityPrincipal +schemaIDGUID: 89e31c12-8530-11d0-afda-00c04fd930c9 +systemOnly: FALSE +systemPossSuperiors: container +systemMayContain: foreignIdentifier +systemMustContain: objectSid +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a54-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a56-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B2-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B3-9455-11d1-AEBD-0000F80367C1;;PS)(A;;RC;;;AU)(OA;;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;;AU)(OA;;RP;77B5B886-944A-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;E45795B3-9455-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;e48d0154-bcf8-11d1-8702-00c04fb96050;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Foreign-Security-Principal,${SCHEMADN} + +dn: CN=Subnet,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.96 +possibleInferiors: container +possibleInferiors: groupPolicyContainer +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Subnet +adminDescription: Subnet +objectClassCategory: 1 +lDAPDisplayName: subnet +schemaIDGUID: b7b13124-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +systemPossSuperiors: subnetContainer +systemMayContain: siteObject +systemMayContain: physicalLocationObject +systemMayContain: location +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Subnet,${SCHEMADN} + +dn: CN=Mail-Recipient,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.3.46 +mayContain: userSMIMECertificate +mayContain: secretary +mayContain: msExchLabeledURI +mayContain: msExchAssistantName +mayContain: labeledURI +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Mail-Recipient +adminDescription: Mail-Recipient +objectClassCategory: 3 +lDAPDisplayName: mailRecipient +schemaIDGUID: bf967aa1-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: container +systemMayContain: userCertificate +systemMayContain: userCert +systemMayContain: textEncodedORAddress +systemMayContain: telephoneNumber +systemMayContain: showInAddressBook +systemMayContain: legacyExchangeDN +systemMayContain: garbageCollPeriod +systemMayContain: info +systemMustContain: cn +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Mail-Recipient,${SCHEMADN} + +dn: CN=Group,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.2.840.113556.1.5.8 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Group +adminDescription: Group +objectClassCategory: 1 +lDAPDisplayName: group +schemaIDGUID: bf967a9c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +systemPossSuperiors: msDS-AzScope +systemPossSuperiors: msDS-AzApplication +systemPossSuperiors: msDS-AzAdminManager +systemPossSuperiors: container +systemPossSuperiors: builtinDomain +systemPossSuperiors: organizationalUnit +systemPossSuperiors: domainDNS +systemMayContain: primaryGroupToken +systemMayContain: operatorCount +systemMayContain: nTGroupMembers +systemMayContain: nonSecurityMember +systemMayContain: msDS-NonMembers +systemMayContain: msDS-AzLDAPQuery +systemMayContain: member +systemMayContain: managedBy +systemMayContain: groupMembershipSAM +systemMayContain: groupAttributes +systemMayContain: mail +systemMayContain: desktopProfile +systemMayContain: controlAccessRights +systemMayContain: adminCount +systemMustContain: groupType +systemAuxiliaryClass: mailRecipient +systemAuxiliaryClass: securityPrincipal +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a55-1e2f-11d0-9819-00aa0040529b;;AU)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560) +systemFlags: 16 +defaultHidingValue: FALSE +defaultObjectCategory: CN=Group,${SCHEMADN} + +dn: CN=Group-Policy-Container,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: container +governsID: 1.2.840.113556.1.5.157 +possibleInferiors: group +possibleInferiors: trustedDomain +possibleInferiors: computer +possibleInferiors: foreignSecurityPrincipal +possibleInferiors: user +possibleInferiors: container +possibleInferiors: groupPolicyContainer +possibleInferiors: person +possibleInferiors: ipsecNFA +possibleInferiors: queryPolicy +possibleInferiors: msDS-AzAdminManager +possibleInferiors: displaySpecifier +possibleInferiors: nTDSService +possibleInferiors: secret +possibleInferiors: ipsecPolicy +possibleInferiors: organizationalPerson +possibleInferiors: ipsecISAKMPPolicy +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Group-Policy-Container +adminDescription: Group-Policy-Container +objectClassCategory: 1 +lDAPDisplayName: groupPolicyContainer +schemaIDGUID: f30e3bc2-9ff0-11d1-b603-0000f80367c1 +systemOnly: FALSE +systemMayContain: versionNumber +systemMayContain: gPCWQLFilter +systemMayContain: gPCUserExtensionNames +systemMayContain: gPCMachineExtensionNames +systemMayContain: gPCFunctionalityVersion +systemMayContain: gPCFileSysPath +systemMayContain: flags +defaultSecurityDescriptor: D:P(A;CI;RPWPCCDCLCLOLORCWOWDSDDTSW;;;DA)(A;CI;RPWPCCDCLCLOLORCWOWDSDDTSW;;;EA)(A;CI;RPWPCCDCLCLOLORCWOWDSDDTSW;;;CO)(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;SY)(A;CI;RPLCLORC;;;AU)(OA;CI;CR;edacfd8f-ffb3-11d1-b41d-00a0c968f939;;AU)(A;CI;LCRPLORC;;;ED) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Group-Policy-Container,${SCHEMADN} + +dn: CN=Aggregate,${SCHEMADN} +objectClass: top +objectClass: subSchema diff --git a/source4/setup/schema_samba4.ldif b/source4/setup/schema_samba4.ldif new file mode 100644 index 0000000000..3e129e4f6b --- /dev/null +++ b/source4/setup/schema_samba4.ldif @@ -0,0 +1,367 @@ +# +# Schema elements which do not exist in AD, but which we use in Samba4 +# +## Samba4 OID allocation from Samba3's examples/LDAP/samba.schema +## 1.3.6.1.4.1.7165.4.1.x - attributetypes + +## 1.3.6.1.4.1.7165.4.2.x - objectclasses + +## 1.3.6.1.4.1.7165.4.3.x - LDB/LDAP Controls +### see dsdb/samdb/samdb.h + +## 1.3.6.1.4.1.7165.4.4.x - LDB/LDAP Extended Operations +### see dsdb/samdb/samdb.h + +## 1.3.6.1.4.1.7165.4.255.x - mapped OIDs due to conflicts between AD and standards-track +# +# + + +# +# Not used anymore +# +#dn: cn=ntpwdHash,${SCHEMADN} +#cn: ntpwdHash +#name: NTPWDHash +#objectClass: top +#objectClass: attributeSchema +#lDAPDisplayName: ntpwdhash +#isSingleValued: TRUE +#systemFlags: 17 +#systemOnly: TRUE +#schemaIDGUID: E961130F-5084-458C-9E9C-DEC16DA08592 +#adminDisplayName: NT-PWD-Hash +#attributeID: 1.3.6.1.4.1.7165.4.1.1 +#attributeSyntax: 2.5.5.10 +#oMSyntax: 4 + +# +# Not used anymore +# +#dn: cn=lmpwdHash,${SCHEMADN} +#cn: lmpwdHash +#name: lmpwdHash +#objectClass: top +#objectClass: attributeSchema +#lDAPDisplayName: lmpwdhash +#isSingleValued: TRUE +#systemFlags: 17 +#systemOnly: TRUE +#schemaIDGUID: CBD0D18C-9C54-4A77-87C4-5CEEAF781253 +#adminDisplayName: LM-PWD-Hash +#attributeID: 1.3.6.1.4.1.7165.4.1.2 +#attributeSyntax: 2.5.5.10 +#oMSyntax: 4 + +# +# Not used anymore +# +#dn: cn=sambaNtPwdHistory,${SCHEMADN} +#cn: sambaNtPwdHistory +#name: sambaNtPwdHistory +#objectClass: top +#objectClass: attributeSchema +#lDAPDisplayName: sambaNtPwdHistory +#isSingleValued: TRUE +#systemFlags: 17 +#systemOnly: TRUE +#schemaIDGUID: 8CCD7658-C574-4435-A38C-99572E349E6B +#adminDisplayName: SAMBA-NT-PWD-History +#attributeID: 1.3.6.1.4.1.7165.4.1.3 +#attributeSyntax: 2.5.5.10 +#oMSyntax: 4 + +# +# Not used anymore +# +#dn: cn=sambaLmPwdHistory,${SCHEMADN} +#cn: sambaLmPwdHistory +#name: sambaLmPwdHistory +#objectClass: top +#objectClass: attributeSchema +#lDAPDisplayName: sambaLmPwdHistory +#isSingleValued: FALSE +#systemFlags: 17 +#systemOnly: TRUE +#schemaIDGUID: 0EAFE3DD-0F53-495E-8A34-97BB28AF17A4 +#adminDisplayName: SAMBA-LM-PWDHistory +#attributeID: 1.3.6.1.4.1.7165.4.1.4 +#attributeSyntax: 2.5.5.10 +#oMSyntax: 4 + +# +# Not used anymore +# +#dn: CN=sambaPassword,${SCHEMADN} +#objectClass: top +#objectClass: attributeSchema +#lDAPDisplayName: sambaPassword +#isSingleValued: FALSE +#systemFlags: 17 +#systemOnly: TRUE +#schemaIDGUID: 87F10301-229A-4E69-B63A-998339ADA37A +#adminDisplayName: SAMBA-Password +#attributeID: 1.3.6.1.4.1.7165.4.1.5 +#attributeSyntax: 2.5.5.5 +#oMSyntax: 22 + +# +# Not used anymore +# +#dn: cn=dnsDomain,${SCHEMADN} +#objectClass: top +#objectClass: attributeSchema +#lDAPDisplayName: dnsDomain +#isSingleValued: FALSE +#systemFlags: 17 +#systemOnly: TRUE +#schemaIDGUID: A40165E6-5E45-44A7-A8FA-186C94333018 +#adminDisplayName: DNS-Domain +#attributeID: 1.3.6.1.4.1.7165.4.1.6 +#attributeSyntax: 2.5.5.4 +#oMSyntax: 20 + +dn: cn=privilege,${SCHEMADN} +objectClass: top +objectClass: attributeSchema +lDAPDisplayName: privilege +isSingleValued: FALSE +systemFlags: 17 +systemOnly: TRUE +schemaIDGUID: 7429BC94-CC6A-4481-8B2C-A97E316EB182 +adminDisplayName: Privilege +attributeID: 1.3.6.1.4.1.7165.4.1.7 +attributeSyntax: 2.5.5.4 +oMSyntax: 20 + +# +# Not used anymore +# +#dn: CN=unixName,${SCHEMADN} +#cn: unixName +#name: unixName +#objectClass: top +#objectClass: attributeSchema +#lDAPDisplayName: unixName +#isSingleValued: TRUE +#systemFlags: 16 +#systemOnly: FALSE +#schemaIDGUID: bf9679f2-0de6-11d0-a285-00aa003049e2 +#adminDisplayName: Unix-Name +#attributeID: 1.3.6.1.4.1.7165.4.1.9 +#attributeSyntax: 2.5.5.4 +#oMSyntax: 20 + +# +# Not used anymore +# +#dn: cn=krb5Key,${SCHEMADN} +#cn: krb5Key +#name: krb5Key +#objectClass: top +#objectClass: attributeSchema +#lDAPDisplayName: krb5Key +#isSingleValued: FALSE +#systemFlags: 17 +#systemOnly: TRUE +#schemaIDGUID: 0EAFE3DD-0F53-495E-8A34-97BB28AF17A4 +#adminDisplayName: krb5-Key +#attributeID: 1.3.6.1.4.1.5322.10.1.10 +#attributeSyntax: 2.5.5.10 +#oMSyntax: 4 + +#Allocated: (not used anymore) DSDB_CONTROL_REPLICATED_OBJECT_OID 1.3.6.1.4.1.7165.4.3.1 + +#Allocated: DSDB_CONTROL_CURRENT_PARTITION_OID 1.3.6.1.4.1.7165.4.3.2 + +#Allocated: DSDB_EXTENDED_REPLICATED_OBJECTS_OID 1.3.6.1.4.1.7165.4.4.1 + +#Allocated: (middleName) attributeID: 1.3.6.1.4.1.7165.4.255.1 + +#Allocated: (defaultGroup) attributeID: 1.3.6.1.4.1.7165.4.255.2 + +#Allocated: (modifyTimestamp) samba4ModifyTimestamp: 1.3.6.1.4.1.7165.4.255.3 +#Allocated: (subSchema) samba4SubSchema: 1.3.6.1.4.1.7165.4.255.4 +#Allocated: (objectClasses) samba4ObjectClasses: 1.3.6.1.4.1.7165.4.255.5 +#Allocated: (ditContentRules) samba4DitContentRules: 1.3.6.1.4.1.7165.4.255.6 +#Allocated: (attributeTypes) samba4AttributeTypes: 1.3.6.1.4.1.7165.4.255.7 + +# +# Fedora DS uses this attribute, and we need to set it via our module stack +# +dn: CN=aci,${SCHEMADN} +cn: aci +name: aci +objectClass: top +objectClass: attributeSchema +lDAPDisplayName: aci +isSingleValued: TRUE +systemFlags: 16 +systemOnly: FALSE +schemaIDGUID: d8e6c1fa-db08-4f26-a53b-23c414aac92d +adminDisplayName: aci +attributeID: 1.3.6.1.4.1.7165.4.1.11 +attributeSyntax: 2.5.5.4 +oMSyntax: 20 + +# +# Based on domainDNS, but without the DNS bits. +# + +dn: CN=Samba4-Local-Domain,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.3.6.1.4.1.7165.4.2.2 +possibleInferiors: group +possibleInferiors: lostAndFound +possibleInferiors: builtinDomain +possibleInferiors: computer +possibleInferiors: user +possibleInferiors: container +possibleInferiors: groupPolicyContainer +possibleInferiors: organization +possibleInferiors: domainDNS +possibleInferiors: locality +possibleInferiors: msDS-AzAdminManager +possibleInferiors: country +possibleInferiors: organizationalUnit +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Samba4-Local-Domain +adminDescription: Samba4-Local-Domain +systemMayContain: msDS-Behavior-Version +systemMayContain: managedBy +objectClassCategory: 1 +lDAPDisplayName: samba4LocalDomain +schemaIDGUID: 07be1647-8310-4fba-91ae-34e55d5a8293 +systemOnly: FALSE +systemAuxiliaryClass: samDomain +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +defaultObjectCategory: CN=Builtin-Domain,${SCHEMADN} + + +dn: CN=Samba4Top,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.3.6.1.4.1.7165.4.2.1 +mayContain: msDS-ObjectReferenceBL +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Samba4TopTop +adminDescription: Attributes used in top in Samba4 that OpenLDAP does not +objectClassCategory: 3 +lDAPDisplayName: samba4Top +schemaIDGUID: 073598d0-635b-4685-a929-da731b98d84e +systemOnly: TRUE +systemPossSuperiors: lostAndFound +systemMayContain: url +systemMayContain: wWWHomePage +systemMayContain: wellKnownObjects +systemMayContain: wbemPath +systemMayContain: uSNSource +systemMayContain: uSNLastObjRem +systemMayContain: USNIntersite +systemMayContain: uSNDSALastObjRemoved +systemMayContain: systemFlags +systemMayContain: subRefs +systemMayContain: siteObjectBL +systemMayContain: serverReferenceBL +systemMayContain: sDRightsEffective +systemMayContain: revision +systemMayContain: repsTo +systemMayContain: repsFrom +systemMayContain: directReports +systemMayContain: replUpToDateVector +systemMayContain: replPropertyMetaData +systemMayContain: name +systemMayContain: queryPolicyBL +systemMayContain: proxyAddresses +systemMayContain: proxiedObjectName +systemMayContain: possibleInferiors +systemMayContain: partialAttributeSet +systemMayContain: partialAttributeDeletionList +systemMayContain: otherWellKnownObjects +systemMayContain: objectVersion +systemMayContain: nonSecurityMemberBL +systemMayContain: netbootSCPBL +systemMayContain: ownerBL +systemMayContain: msDS-ReplValueMetaData +systemMayContain: msDS-ReplAttributeMetaData +systemMayContain: msDS-NonMembersBL +systemMayContain: msDS-NCReplOutboundNeighbors +systemMayContain: msDS-NCReplInboundNeighbors +systemMayContain: msDS-NCReplCursors +systemMayContain: msDS-TasksForAzRoleBL +systemMayContain: msDS-TasksForAzTaskBL +systemMayContain: msDS-OperationsForAzRoleBL +systemMayContain: msDS-OperationsForAzTaskBL +systemMayContain: msDS-MembersForAzRoleBL +systemMayContain: msDs-masteredBy +systemMayContain: mS-DS-ConsistencyGuid +systemMayContain: mS-DS-ConsistencyChildCount +systemMayContain: msDS-Approx-Immed-Subordinates +systemMayContain: msCOM-PartitionSetLink +systemMayContain: msCOM-UserLink +systemMayContain: masteredBy +systemMayContain: managedObjects +systemMayContain: lastKnownParent +systemMayContain: isPrivilegeHolder +systemMayContain: isDeleted +systemMayContain: isCriticalSystemObject +systemMayContain: showInAdvancedViewOnly +systemMayContain: fSMORoleOwner +systemMayContain: fRSMemberReferenceBL +systemMayContain: frsComputerReferenceBL +systemMayContain: fromEntry +systemMayContain: flags +systemMayContain: extensionName +systemMayContain: dSASignature +systemMayContain: dSCorePropagationData +systemMayContain: displayNamePrintable +systemMayContain: displayName +systemMayContain: description +systemMayContain: cn +systemMayContain: canonicalName +systemMayContain: bridgeheadServerListBL +systemMayContain: allowedChildClassesEffective +systemMayContain: allowedChildClasses +systemMayContain: allowedAttributesEffective +systemMayContain: allowedAttributes +systemMayContain: adminDisplayName +systemMayContain: adminDescription +systemMustContain: objectCategory +systemMustContain: nTSecurityDescriptor +systemMustContain: instanceType +systemAuxiliaryClass: samba4TopExtra +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +objectCategory: CN=Class-Schema,${SCHEMADN} +defaultObjectCategory: CN=Samba4Top,${SCHEMADN} + + +dn: CN=Samba4TopExtra,${SCHEMADN} +objectClass: top +objectClass: classSchema +subClassOf: top +governsID: 1.3.6.1.4.1.7165.4.2.3 +rDNAttID: cn +showInAdvancedViewOnly: TRUE +adminDisplayName: Samba4TopExtra +adminDescription: Attributes used in top in Samba4 that OpenLDAP does not +objectClassCategory: 2 +lDAPDisplayName: samba4TopExtra +schemaIDGUID: 073598d0-635b-4685-a929-da731b98d84e +systemOnly: TRUE +mayContain: privilege +systemPossSuperiors: lostAndFound +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +systemFlags: 16 +defaultHidingValue: TRUE +objectCategory: CN=Class-Schema,${SCHEMADN} +defaultObjectCategory: CN=Samba4TopExtra,${SCHEMADN} + diff --git a/source4/setup/secrets.ldif b/source4/setup/secrets.ldif new file mode 100644 index 0000000000..95cbe20e5f --- /dev/null +++ b/source4/setup/secrets.ldif @@ -0,0 +1,10 @@ +dn: CN=LSA Secrets +objectClass: top +objectClass: container +cn: LSA Secrets + +dn: CN=Primary Domains +objectClass: top +objectClass: container +cn: Primary Domains + diff --git a/source4/setup/secrets_dc.ldif b/source4/setup/secrets_dc.ldif new file mode 100644 index 0000000000..abc5860cf7 --- /dev/null +++ b/source4/setup/secrets_dc.ldif @@ -0,0 +1,39 @@ +dn: flatname=${DOMAIN},CN=Primary Domains +objectClass: top +objectClass: primaryDomain +objectClass: kerberosSecret +flatname: ${DOMAIN} +realm: ${REALM} +secret:: ${MACHINEPASS_B64} +secureChannelType: 6 +sAMAccountName: ${NETBIOSNAME}$ +msDS-KeyVersionNumber: 1 +objectSid: ${DOMAINSID} +privateKeytab: ${SECRETS_KEYTAB} + +# A hook from our credentials system into HDB, as we must be on a KDC, +# we can look directly into the database. +dn: samAccountName=krbtgt,flatname=${DOMAIN},CN=Principals +objectClass: top +objectClass: secret +objectClass: kerberosSecret +flatname: ${DOMAIN} +realm: ${REALM} +sAMAccountName: krbtgt +objectSid: ${DOMAINSID} +servicePrincipalName: kadmin/changepw +krb5Keytab: HDB:ldb:${SAM_LDB}: +#The trailing : here is a HACK, but it matches the Heimdal format. + +# A hook from our credentials system into HDB, as we must be on a KDC, +# we can look directly into the database. +dn: servicePrincipalName=DNS/${DNSDOMAIN},CN=Principals +objectClass: top +objectClass: secret +objectClass: kerberosSecret +realm: ${REALM} +servicePrincipalName: DNS/${DNSDOMAIN} +msDS-KeyVersionNumber: 1 +privateKeytab: ${DNS_KEYTAB} +secret:: ${DNSPASS_B64} + diff --git a/source4/setup/secrets_init.ldif b/source4/setup/secrets_init.ldif new file mode 100644 index 0000000000..eb423a5122 --- /dev/null +++ b/source4/setup/secrets_init.ldif @@ -0,0 +1,15 @@ +dn: @INDEXLIST +@IDXATTR: cn +@IDXATTR: flatname +@IDXATTR: realm + +dn: @ATTRIBUTES +realm: CASE_INSENSITIVE +flatname: CASE_INSENSITIVE +sAMAccountName: CASE_INSENSITIVE + +#Add modules to the list to activate them by default +#beware often order is important +dn: @MODULES +@LIST: update_keytab,operational,objectguid,rdn_name + diff --git a/source4/setup/secrets_sasl_ldap.ldif b/source4/setup/secrets_sasl_ldap.ldif new file mode 100644 index 0000000000..81ccfee209 --- /dev/null +++ b/source4/setup/secrets_sasl_ldap.ldif @@ -0,0 +1,9 @@ +dn: CN=SAMDB Credentials +objectClass: top +objectClass: ldapSecret +cn: SAMDB Credentials +secret:: ${LDAPADMINPASS_B64} +samAccountName: ${LDAPADMINUSER} +realm: ${LDAPADMINREALM} + + diff --git a/source4/setup/secrets_simple_ldap.ldif b/source4/setup/secrets_simple_ldap.ldif new file mode 100644 index 0000000000..3f5ccd2df1 --- /dev/null +++ b/source4/setup/secrets_simple_ldap.ldif @@ -0,0 +1,6 @@ +dn: CN=SAMDB Credentials +objectClass: top +objectClass: ldapSecret +cn: SAMDB Credentials +secret:: ${LDAPMANAGERPASS_B64} +ldapBindDn: ${LDAPMANAGERDN} diff --git a/source4/setup/setexpiry b/source4/setup/setexpiry new file mode 100755 index 0000000000..e47330510c --- /dev/null +++ b/source4/setup/setexpiry @@ -0,0 +1,44 @@ +#!/usr/bin/python +# +# set the password expiry for a user +# Copyright Andrew Tridgell 2005 +# Copyright Jelmer Vernooij 2008 +# Released under the GNU GPL version 3 or later +# + +import sys + +# Find right directory when running from source tree +sys.path.insert(0, "bin/python") + +import samba.getopt as options +import optparse +from getpass import getpass +from samba.auth import system_session + +parser = optparse.OptionParser("setexpiry [options] <username>") +sambaopts = options.SambaOptions(parser) +parser.add_option_group(sambaopts) +parser.add_option_group(options.VersionOptions(parser)) +credopts = options.CredentialsOptions(parser) +parser.add_option_group(credopts) +parser.add_option("--days", help="Days to expiry", type=int) +parser.add_option("--noexpiry", help="Never expire", action="store_true") + +opts, args = parser.parse_args() + +if len(args) == 0: + parser.print_usage() + sys.exit(1) + +username = args[0] + +lp = sambaopts.get_loadparm() +creds = credopts.get_credentials(lp) + +samdb = sambaopts.get_hostconfig().get_samdb(session_info=system_session(), + credentials=creds) +days = opts.days +if days is None: + days = 0 +samdb.setexpiry(username, days*24*3600, opts.noexpiry) diff --git a/source4/setup/setpassword b/source4/setup/setpassword new file mode 100755 index 0000000000..65770e1f4d --- /dev/null +++ b/source4/setup/setpassword @@ -0,0 +1,63 @@ +#!/usr/bin/python +# +# add a new user to a Samba4 server +# Copyright Andrew Tridgell 2005 +# Copyright Jelmer Vernooij 2008 +# Released under the GNU GPL version 3 or later +# + +import os, sys + +# Find right directory when running from source tree +sys.path.insert(0, "bin/python") + +import samba.getopt as options +import optparse +import pwd +import sys +from getpass import getpass +from samba.auth import system_session +from samba.samdb import SamDB + +parser = optparse.OptionParser("setpassword [username] [options]") +sambaopts = options.SambaOptions(parser) +parser.add_option_group(sambaopts) +parser.add_option_group(options.VersionOptions(parser)) +credopts = options.CredentialsOptions(parser) +parser.add_option_group(credopts) +parser.add_option("--filter", help="LDAP Filter to set password on", type=str) +parser.add_option("--newpassword", help="Set password", type=str) + +opts, args = parser.parse_args() + +# +# print a message if quiet is not set +# +def message(text): + if not opts.quiet: + print text + +if len(args) == 0: + parser.print_usage() + sys.exit(1) + +password = opts.newpassword; +if password is None: + password = getpass("New Password: ") + +filter = opts.filter + +if filter is None: + username = args[0] + if username is None: + print "Either username or --filter must be specified" + + filter = "(&(objectclass=user)(samAccountName=%s))" % (username) + + +lp = sambaopts.get_loadparm() +creds = credopts.get_credentials(lp) + +samdb = SamDB(url=lp.get("sam database"), session_info=system_session(), + credentials=creds, lp=lp) +samdb.setpassword(filter, password) diff --git a/source4/setup/share.ldif b/source4/setup/share.ldif new file mode 100644 index 0000000000..750a070c8a --- /dev/null +++ b/source4/setup/share.ldif @@ -0,0 +1,46 @@ +dn: @INDEXLIST +@IDXATTR: name + +dn: @ATTRIBUTES +cn: CASE_INSENSITIVE +dc: CASE_INSENSITIVE +name: CASE_INSENSITIVE +dn: CASE_INSENSITIVE +objectClass: CASE_INSENSITIVE + +### Shares basedn +dn: CN=Shares +objectClass: top +objectClass: organizationalUnit +cn: Shares + +### Default IPC$ Share +dn: CN=IPC$,CN=Shares +objectClass: top +objectClass: share +cn: IPC$ +name: IPC$ +type: IPC +path: /tmp +comment: Remote IPC +max-connections: -1 +available: True +readonly: True +browseable: False +ntvfs-handler: default + +### Default ADMIN$ Share +dn: CN=ADMIN$,CN=Shares +objectClass: top +objectClass: share +cn: ADMIN$ +name: ADMIN$ +type: DISK +path: /tmp +comment: Remote Admin +max-connections: -1 +available: True +readonly: True +browseable: False +ntvfs-handler: default + diff --git a/source4/setup/slapd.conf b/source4/setup/slapd.conf new file mode 100644 index 0000000000..b64d581e0d --- /dev/null +++ b/source4/setup/slapd.conf @@ -0,0 +1,147 @@ +loglevel 0 + +### needed for initial content load ### +sizelimit unlimited + +### Multimaster-ServerIDs and URLs ### + +${MMR_SERVERIDS_CONFIG} + + +include ${LDAPDIR}/backend-schema.schema + +pidfile ${LDAPDIR}/slapd.pid +argsfile ${LDAPDIR}/slapd.args +sasl-realm ${DNSDOMAIN} + +#authz-regexp +# uid=([^,]*),cn=${DNSDOMAIN},cn=digest-md5,cn=auth +# ldap:///${DOMAINDN}??sub?(samAccountName=\$1) + +#authz-regexp +# uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth +# ldap:///${DOMAINDN}??sub?(samAccountName=\$1) + +authz-regexp + uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth + ldap:///cn=samba??one?(cn=\$1) + +authz-regexp + uid=([^,]*),cn=([^,]*),cn=ntlm,cn=auth + ldap:///cn=samba??one?(cn=\$1) + +access to dn.base="" + by dn=cn=samba-admin,cn=samba manage + by anonymous read + by * read + +access to dn.subtree="cn=samba" + by anonymous auth + +access to dn.subtree="${DOMAINDN}" + by dn=cn=samba-admin,cn=samba manage${REPLICATOR_ACL} + by dn=cn=manager manage + by * none + +password-hash {CLEARTEXT} + +include ${LDAPDIR}/modules.conf + +defaultsearchbase ${DOMAINDN} + +rootdn cn=Manager + +${REFINT_CONFIG} + +${MEMBEROF_CONFIG} + +database ldif +suffix cn=Samba +directory ${LDAPDIR}/db/samba +rootdn cn=Manager,cn=Samba + +######################################## +### cn=schema ### +database hdb +suffix ${SCHEMADN} +rootdn cn=Manager,${SCHEMADN} +directory ${LDAPDIR}/db/schema +index objectClass eq +index samAccountName eq +index name eq +index objectCategory eq +index lDAPDisplayName eq +index subClassOf eq +index cn eq +index entryUUID,entryCSN eq + +#syncprov is stable in OpenLDAP 2.3, and available in 2.2. +#We only need this for the contextCSN attribute anyway.... +overlay syncprov +syncprov-sessionlog 100 +# syncprov-checkpoint 100 10 + + +### Multimaster-Replication of cn=schema Subcontext ### +${MMR_SYNCREPL_SCHEMA_CONFIG} +${MIRRORMODE} + +######################################### +### cn=config ### +database hdb +suffix ${CONFIGDN} +rootdn cn=Manager,${CONFIGDN} +directory ${LDAPDIR}/db/config +index objectClass eq +index samAccountName eq +index name eq +index objectSid eq +index objectCategory eq +index nCName eq +index subClassOf eq +index dnsRoot eq +index nETBIOSName eq +index cn eq +index entryUUID,entryCSN eq + +#syncprov is stable in OpenLDAP 2.3, and available in 2.2. +#We only need this for the contextCSN attribute anyway.... +overlay syncprov +syncprov-sessionlog 100 +# syncprov-checkpoint 100 10 + +### Multimaster-Replication of cn=config Subcontext ### +${MMR_SYNCREPL_CONFIG_CONFIG} +${MIRRORMODE} + +######################################## +### cn=users /base-dn ### +database hdb +suffix ${DOMAINDN} +rootdn cn=Manager,${DOMAINDN} +directory ${LDAPDIR}/db/user +index objectClass eq +index samAccountName eq +index name eq +index objectSid eq +index objectCategory eq +index member eq +index uidNumber eq +index gidNumber eq +index nCName eq +index lDAPDisplayName eq +index subClassOf eq +index dnsRoot eq +index nETBIOSName eq +index cn eq +index entryUUID,entryCSN eq + +#syncprov is stable in OpenLDAP 2.3, and available in 2.2. +#We only need this for the contextCSN attribute anyway.... +overlay syncprov +syncprov-sessionlog 100 +# syncprov-checkpoint 100 10 + +### Multimaster-Replication of cn=user/base-dn context ### +${MMR_SYNCREPL_USER_CONFIG} +${MIRRORMODE} diff --git a/source4/setup/tests/blackbox_newuser.sh b/source4/setup/tests/blackbox_newuser.sh new file mode 100755 index 0000000000..d25c70669b --- /dev/null +++ b/source4/setup/tests/blackbox_newuser.sh @@ -0,0 +1,32 @@ +#!/bin/sh + +if [ $# -lt 1 ]; then +cat <<EOF +Usage: blackbox_newuser.sh PREFIX +EOF +exit 1; +fi + +PREFIX="$1" +shift 1 + +. `dirname $0`/../../../testprogs/blackbox/subunit.sh + + +testit "simple-dc" $PYTHON ./setup/provision --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/simple-dc + +CONFIG="--configfile=$PREFIX/simple-dc/etc/smb.conf" + +testit "newuser" $PYTHON ./setup/newuser $CONFIG testuser testpass + +# check the enable account script +testit "enableaccount" $PYTHON ./setup/enableaccount $CONFIG testuser + +# check the enable account script +testit "setpassword" $PYTHON ./setup/setpassword $CONFIG testuser --newpassword=testpass2 + +# check the setexpiry script +testit "noexpiry" $PYTHON ./setup/setexpiry $CONFIG testuser --noexpiry +testit "expiry" $PYTHON ./setup/setexpiry $CONFIG testuser --days=7 + +exit $failed diff --git a/source4/setup/tests/blackbox_provision-backend.sh b/source4/setup/tests/blackbox_provision-backend.sh new file mode 100755 index 0000000000..04f22dbf1d --- /dev/null +++ b/source4/setup/tests/blackbox_provision-backend.sh @@ -0,0 +1,26 @@ +#!/bin/sh + +if [ $# -lt 1 ]; then +cat <<EOF +Usage: blackbox_provision.sh PREFIX +EOF +exit 1; +fi + +PREFIX="$1" +shift 1 + +. `dirname $0`/../../../testprogs/blackbox/subunit.sh + +testit "openldap-backend" $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend +testit "openldap-mmr-backend" $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-mmr-backend --ol-mmr-urls='ldap://localdc1:9000,ldap://localdc2:9000,ldap://localdc3:9000' +testit "fedora-ds-backend" $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=fedora-ds --targetdir=$PREFIX/fedora-ds-backend + +reprovision() { + $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend-reprovision + $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend-reprovision +} + +testit "reprovision-backend" reprovision + +exit $failed diff --git a/source4/setup/tests/blackbox_provision.sh b/source4/setup/tests/blackbox_provision.sh new file mode 100755 index 0000000000..1a915aff79 --- /dev/null +++ b/source4/setup/tests/blackbox_provision.sh @@ -0,0 +1,29 @@ +#!/bin/sh + +if [ $# -lt 1 ]; then +cat <<EOF +Usage: blackbox_provision.sh PREFIX +EOF +exit 1; +fi + +PREFIX="$1" +shift 1 + +. `dirname $0`/../../../testprogs/blackbox/subunit.sh + +testit "simple-default" $PYTHON ./setup/provision --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-default +testit "simple-dc" $PYTHON ./setup/provision --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/simple-dc +testit "simple-member" $PYTHON ./setup/provision --server-role="member" --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-member +testit "simple-standalone" $PYTHON ./setup/provision --server-role="standalone" --domain=FOO --realm=foo.example.com --targetdir=$PREFIX/simple-standalone +testit "blank-dc" $PYTHON ./setup/provision --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/blank-dc --blank +testit "partitions-only-dc" $PYTHON ./setup/provision --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/partitions-only-dc --partitions-only + +reprovision() { + $PYTHON ./setup/provision --domain=FOO --realm=foo.example.com --targetdir="$PREFIX/reprovision" + $PYTHON ./setup/provision --domain=FOO --realm=foo.example.com --targetdir="$PREFIX/reprovision" +} + +testit "reprovision" reprovision + +exit $failed diff --git a/source4/setup/tests/blackbox_setpassword.sh b/source4/setup/tests/blackbox_setpassword.sh new file mode 100755 index 0000000000..89f1aa5858 --- /dev/null +++ b/source4/setup/tests/blackbox_setpassword.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +if [ $# -lt 1 ]; then +cat <<EOF +Usage: blackbox_setpassword.sh PREFIX +EOF +exit 1; +fi + +PREFIX="$1" +shift 1 + +. `dirname $0`/../../../testprogs/blackbox/subunit.sh + +testit "simple-dc" $PYTHON ./setup/provision --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/simple-dc + +testit "newuser" $PYTHON ./setup/newuser --configfile=$PREFIX/simple-dc/etc/smb.conf testuser testpass + +testit "setpassword" $PYTHON ./setup/setpassword --configfile=$PREFIX/simple-dc/etc/smb.conf testuser --newpassword=testpass + +exit $failed diff --git a/source4/setup/upgrade b/source4/setup/upgrade new file mode 100755 index 0000000000..03c6747d4e --- /dev/null +++ b/source4/setup/upgrade @@ -0,0 +1,69 @@ +#!/usr/bin/python +# +# Upgrade from Samba3 +# Copyright Jelmer Vernooij 2005-2007 +# Released under the GNU GPL v3 or later +# +import getopt +import optparse +import os, sys + +# Find right directory when running from source tree +sys.path.insert(0, "bin/python") + +import samba +import samba.getopt as options +from samba import param +from samba.auth import system_session + +parser = optparse.OptionParser("upgrade [options] <libdir> <smbconf>") +sambaopts = options.SambaOptions(parser) +parser.add_option_group(sambaopts) +parser.add_option_group(options.VersionOptions(parser)) +credopts = options.CredentialsOptions(parser) +parser.add_option_group(credopts) +parser.add_option("--setupdir", type="string", metavar="DIR", + help="directory with setup files") +parser.add_option("--realm", type="string", metavar="REALM", help="set realm") +parser.add_option("--quiet", help="Be quiet") +parser.add_option("--blank", + help="do not add users or groups, just the structure") +parser.add_option("--targetdir", type="string", metavar="DIR", + help="Set target directory") + +opts, args = parser.parse_args() + +def message(text): + """Print a message if quiet is not set.""" + if opts.quiet: + print text + +if len(args) < 1: + parser.print_usage() + sys.exit(1) +from samba.samba3 import Samba3 +message("Reading Samba3 databases and smb.conf\n") +libdir = args[0] +if not os.path.isdir(libdir): + print "error: %s is not a directory" + sys.exit(1) +if len(args) > 1: + smbconf = args[1] +else: + smbconf = os.path.join(libdir, "smb.conf") +samba3 = Samba3(libdir, smbconf) + +from samba.upgrade import upgrade_provision + +message("Provisioning\n") + +setup_dir = opts.setupdir +if setup_dir is None: + setup_dir = "setup" + +lp = sambaopts.get_loadparm() +smbconf = lp.configfile() +creds = credopts.get_credentials(lp) + +upgrade_provision(samba3, setup_dir, message, credentials=creds, session_info=system_session(), + smbconf=smbconf, targetdir=opts.targetdir) |