diff options
Diffstat (limited to 'source4/setup')
-rw-r--r-- | source4/setup/provision.ldif | 38 | ||||
-rw-r--r-- | source4/setup/provision_templates.ldif | 36 | ||||
-rw-r--r-- | source4/setup/provision_users.ldif | 84 |
3 files changed, 80 insertions, 78 deletions
diff --git a/source4/setup/provision.ldif b/source4/setup/provision.ldif index ee62115435..f59d92e769 100644 --- a/source4/setup/provision.ldif +++ b/source4/setup/provision.ldif @@ -9,7 +9,7 @@ dnsDomain: ${DNSDOMAIN} dc: ${RDN_DC} objectGUID: ${DOMAINGUID} creationTime: ${NTTIME} -forceLogoff: 0x8000000000000000 +forceLogoff: 9223372036854775808 lockoutDuration: -18000000000 lockOutObservationWindow: -18000000000 lockoutThreshold: 0 @@ -40,7 +40,7 @@ cn: Users description: Default container for upgraded user accounts instanceType: 4 showInAdvancedViewOnly: FALSE -systemFlags: 0x8c000000 +systemFlags: 2348810240 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE allowedChildClassesEffective: user @@ -53,7 +53,7 @@ cn: Computers description: Default container for upgraded computer accounts instanceType: 4 showInAdvancedViewOnly: FALSE -systemFlags: 0x8c000000 +systemFlags: 2348810240 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -64,7 +64,7 @@ ou: Domain Controllers description: Default container for domain controllers instanceType: 4 showInAdvancedViewOnly: FALSE -systemFlags: 0x8c000000 +systemFlags: 2348810240 objectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -75,7 +75,7 @@ cn: ForeignSecurityPrincipals description: Default container for security identifiers (SIDs) associated with objects from external, trusted domains instanceType: 4 showInAdvancedViewOnly: FALSE -systemFlags: 0x8c000000 +systemFlags: 2348810240 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -86,7 +86,7 @@ cn: System description: Builtin system settings instanceType: 4 showInAdvancedViewOnly: TRUE -systemFlags: 0x8c000000 +systemFlags: 2348810240 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -96,7 +96,7 @@ objectclass: rIDManager cn: RID Manager$ instanceType: 4 showInAdvancedViewOnly: TRUE -systemFlags: 0x8c000000 +systemFlags: 2348810240 objectCategory: CN=RID-Manager,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN} @@ -125,7 +125,7 @@ objectclass: infrastructureUpdate cn: Infrastructure instanceType: 4 showInAdvancedViewOnly: TRUE -systemFlags: 0x8c000000 +systemFlags: 2348810240 objectCategory: CN=Infrastructure-Update,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN} @@ -136,7 +136,7 @@ objectClass: builtinDomain cn: Builtin instanceType: 4 showInAdvancedViewOnly: FALSE -forceLogoff: 0x8000000000000000 +forceLogoff: 9223372036854775808 lockoutDuration: -18000000000 lockOutObservationWindow: -18000000000 lockoutThreshold: 0 @@ -174,7 +174,7 @@ objectClass: crossRefContainer cn: Partitions instanceType: 4 showInAdvancedViewOnly: TRUE -systemFlags: 0x80000000 +systemFlags: 2147483648 objectCategory: CN=Cross-Ref-Container,CN=Schema,CN=Configuration,${BASEDN} msDS-Behavior-Version: 0 fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN} @@ -185,7 +185,7 @@ objectClass: crossRef cn: Enterprise Configuration instanceType: 4 showInAdvancedViewOnly: TRUE -systemFlags: 0x00000001 +systemFlags: 1 objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN} nCName: CN=Configuration,${BASEDN} dnsRoot: ${DNSDOMAIN} @@ -196,7 +196,7 @@ objectClass: crossRef cn: Enterprise Schema instanceType: 4 showInAdvancedViewOnly: TRUE -systemFlags: 0x00000001 +systemFlags: 1 objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN} nCName: CN=Schema,CN=Configuration,${BASEDN} dnsRoot: ${DNSDOMAIN} @@ -207,7 +207,7 @@ objectClass: crossRef cn: ${DOMAIN} instanceType: 4 showInAdvancedViewOnly: TRUE -systemFlags: 0x00000003 +systemFlags: 3 objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN} nCName: ${BASEDN} nETBIOSName: ${DOMAIN} @@ -219,7 +219,7 @@ objectClass: sitesContainer cn: Sites instanceType: 4 showInAdvancedViewOnly: TRUE -systemFlags: 0x82000000 +systemFlags: 2181038080 objectCategory: CN=Sites-Container,CN=Schema,CN=Configuration,${BASEDN} dn: CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN} @@ -228,7 +228,7 @@ objectClass: site cn: ${DEFAULTSITE} instanceType: 4 showInAdvancedViewOnly: TRUE -systemFlags: 0x82000000 +systemFlags: 2181038080 objectCategory: CN=Site,CN=Schema,CN=Configuration,${BASEDN} dn: CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN} @@ -237,7 +237,7 @@ objectClass: serversContainer cn: Servers instanceType: 4 showInAdvancedViewOnly: TRUE -systemFlags: 0x82000000 +systemFlags: 2181038080 objectCategory: CN=Servers-Container,CN=Schema,CN=Configuration,${BASEDN} dn: CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN} @@ -246,7 +246,7 @@ objectClass: server cn: ${NETBIOSNAME} instanceType: 4 showInAdvancedViewOnly: TRUE -systemFlags: 0x52000000 +systemFlags: 1375731712 objectCategory: CN=Server,CN=Schema,CN=Configuration,${BASEDN} dNSHostName: ${DNSNAME} serverReference: CN=${NETBIOSNAME},OU=Domain Controllers,${BASEDN} @@ -258,7 +258,7 @@ objectClass: nTDSDSA cn: NTDS Settings instanceType: 4 showInAdvancedViewOnly: TRUE -systemFlags: 0x02000000 +systemFlags: 33554432 objectCategory: CN=NTDS-DSA,CN=Schema,CN=Configuration,${BASEDN} dMDLocation: CN=Schema,CN=Configuration,${BASEDN} objectGUID: ${INVOCATIONID} @@ -271,7 +271,7 @@ objectClass: container cn: Services instanceType: 4 showInAdvancedViewOnly: TRUE -systemFlags: 0x80000000 +systemFlags: 2147483648 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} dn: CN=Windows NT,CN=Services,CN=Configuration,${BASEDN} diff --git a/source4/setup/provision_templates.ldif b/source4/setup/provision_templates.ldif index 9aa94c9d8c..11501a5b42 100644 --- a/source4/setup/provision_templates.ldif +++ b/source4/setup/provision_templates.ldif @@ -5,7 +5,7 @@ cn: Templates description: Container for SAM account templates instanceType: 4 showInAdvancedViewOnly: TRUE -systemFlags: 0x8c000000 +systemFlags: 2348810240 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -22,7 +22,7 @@ objectClass: Template objectClass: userTemplate cn: TemplateUser instanceType: 4 -userAccountControl: 0x202 +userAccountControl: 514 badPwdCount: 0 codePage: 0 countryCode: 0 @@ -33,7 +33,7 @@ pwdLastSet: 0 primaryGroupID: 513 accountExpires: -1 logonCount: 0 -sAMAccountType: 0x30000000 +sAMAccountType: 805306368 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN} dn: CN=TemplateComputer,CN=Templates,${BASEDN} @@ -44,7 +44,7 @@ objectClass: Template objectClass: userTemplate cn: TemplateComputer instanceType: 4 -userAccountControl: 0x1002 +userAccountControl: 4098 badPwdCount: 0 codePage: 0 countryCode: 0 @@ -55,7 +55,7 @@ pwdLastSet: 0 primaryGroupID: 513 accountExpires: -1 logonCount: 0 -sAMAccountType: 0x30000001 +sAMAccountType: 805306369 objectCategory: CN=Computer,CN=Schema,CN=Configuration,${BASEDN} dn: CN=TemplateTrustingDomain,CN=Templates,${BASEDN} @@ -64,7 +64,7 @@ objectClass: Template objectClass: userTemplate cn: TemplateTrustingDomain instanceType: 4 -userAccountControl: 0x820 +userAccountControl: 2080 badPwdCount: 0 codePage: 0 countryCode: 0 @@ -75,7 +75,7 @@ pwdLastSet: 0 primaryGroupID: 513 accountExpires: -1 logonCount: 0 -sAMAccountType: 0x30000002 +sAMAccountType: 805306370 dn: CN=TemplateGroup,CN=Templates,${BASEDN} objectClass: top @@ -83,18 +83,20 @@ objectClass: Template objectClass: groupTemplate cn: TemplateGroup instanceType: 4 -groupType: 0x80000002 -sAMAccountType: 0x10000000 +groupType: -2147483646 +sAMAccountType: 268435456 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} -dn: CN=TemplateAlias,CN=Templates,${BASEDN} -objectClass: top -objectClass: Template -objectClass: aliasTemplate -cn: TemplateAlias -instanceType: 4 -groupType: 0x80000004 -sAMAccountType: 0x10000000 +# Currently this isn't used, we don't have a way to detect it different from an incoming alias +# +# dn: CN=TemplateAlias,CN=Templates,${BASEDN} +# objectClass: top +# objectClass: Template +# objectClass: aliasTemplate +# cn: TemplateAlias +# instanceType: 4 +# groupType: -2147483644 +# sAMAccountType: 268435456 dn: CN=TemplateForeignSecurityPrincipal,CN=Templates,${BASEDN} objectClass: top diff --git a/source4/setup/provision_users.ldif b/source4/setup/provision_users.ldif index 652c0b6494..dc7bc016d5 100644 --- a/source4/setup/provision_users.ldif +++ b/source4/setup/provision_users.ldif @@ -7,7 +7,7 @@ memberOf: CN=Domain Admins,CN=Users,${BASEDN} memberOf: CN=Enterprise Admins,CN=Users,${BASEDN} memberOf: CN=Schema Admins,CN=Users,${BASEDN} memberOf: CN=Administrators,CN=Builtin,${BASEDN} -userAccountControl: 0x10200 +userAccountControl: 66048 objectSid: ${DOMAINSID}-500 adminCount: 1 accountExpires: -1 @@ -20,7 +20,7 @@ objectClass: user cn: Guest description: Built-in account for guest access to the computer/domain memberOf: CN=Guests,CN=Builtin,${BASEDN} -userAccountControl: 0x10222 +userAccountControl: 66082 primaryGroupID: 514 objectSid: ${DOMAINSID}-501 sAMAccountName: Guest @@ -37,9 +37,9 @@ member: CN=Administrator,CN=Users,${BASEDN} objectSid: S-1-5-32-544 adminCount: 1 sAMAccountName: Administrators -sAMAccountType: 0x20000000 -systemFlags: 0x8c000000 -groupType: 0x80000005 +sAMAccountType: 536870912 +systemFlags: 2348810240 +groupType: 2147483653 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE privilege: SeSecurityPrivilege @@ -99,9 +99,9 @@ description: Users are prevented from making accidental or intentional system-wi member: CN=Domain Users,CN=Users,${BASEDN} objectSid: S-1-5-32-545 sAMAccountName: Users -sAMAccountType: 0x20000000 -systemFlags: 0x8c000000 -groupType: 0x80000005 +sAMAccountType: 536870912 +systemFlags: 2348810240 +groupType: 2147483653 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -114,9 +114,9 @@ member: CN=Domain Guests,CN=Users,${BASEDN} member: CN=Guest,CN=Users,${BASEDN} objectSid: S-1-5-32-546 sAMAccountName: Guests -sAMAccountType: 0x20000000 -systemFlags: 0x8c000000 -groupType: 0x80000005 +sAMAccountType: 536870912 +systemFlags: 2348810240 +groupType: 2147483653 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -128,9 +128,9 @@ description: Members can administer domain printers objectSid: S-1-5-32-550 adminCount: 1 sAMAccountName: Print Operators -sAMAccountType: 0x20000000 -systemFlags: 0x8c000000 -groupType: 0x80000005 +sAMAccountType: 536870912 +systemFlags: 2348810240 +groupType: 2147483653 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE privilege: SeLoadDriverPrivilege @@ -145,9 +145,9 @@ description: Backup Operators can override security restrictions for the sole pu objectSid: S-1-5-32-551 adminCount: 1 sAMAccountName: Backup Operators -sAMAccountType: 0x20000000 -systemFlags: 0x8c000000 -groupType: 0x80000005 +sAMAccountType: 536870912 +systemFlags: 2348810240 +groupType: 2147483653 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE privilege: SeBackupPrivilege @@ -163,9 +163,9 @@ description: Supports file replication in a domain objectSid: S-1-5-32-552 adminCount: 1 sAMAccountName: Replicator -sAMAccountType: 0x20000000 -systemFlags: 0x8c000000 -groupType: 0x80000005 +sAMAccountType: 536870912 +systemFlags: 2348810240 +groupType: 2147483653 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -176,9 +176,9 @@ cn: Remote Desktop Users description: Members in this group are granted the right to logon remotely objectSid: S-1-5-32-555 sAMAccountName: Remote Desktop Users -sAMAccountType: 0x20000000 -systemFlags: 0x8c000000 -groupType: 0x80000005 +sAMAccountType: 536870912 +systemFlags: 2348810240 +groupType: 2147483653 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -189,9 +189,9 @@ cn: Network Configuration Operators description: Members in this group can have some administrative privileges to manage configuration of networking features objectSid: S-1-5-32-556 sAMAccountName: Network Configuration Operators -sAMAccountType: 0x20000000 -systemFlags: 0x8c000000 -groupType: 0x80000005 +sAMAccountType: 536870912 +systemFlags: 2348810240 +groupType: 2147483653 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -202,9 +202,9 @@ cn: Performance Monitor Users description: Members of this group have remote access to monitor this computer objectSid: S-1-5-32-558 sAMAccountName: Performance Monitor Users -sAMAccountType: 0x20000000 -systemFlags: 0x8c000000 -groupType: 0x80000005 +sAMAccountType: 536870912 +systemFlags: 2348810240 +groupType: 2147483653 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -215,9 +215,9 @@ cn: Performance Log Users description: Members of this group have remote access to schedule logging of performance counters on this computer objectSid: S-1-5-32-559 sAMAccountName: Performance Log Users -sAMAccountType: 0x20000000 -systemFlags: 0x8c000000 -groupType: 0x80000005 +sAMAccountType: 536870912 +systemFlags: 2348810240 +groupType: 2147483653 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -287,8 +287,8 @@ objectClass: top objectClass: group cn: Cert Publishers description: Members of this group are permitted to publish certificates to the Active Directory -groupType: 0x80000004 -sAMAccountType: 0x20000000 +groupType: 2147483652 +sAMAccountType: 536870912 objectSid: ${DOMAINSID}-517 sAMAccountName: Cert Publishers objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} @@ -345,8 +345,8 @@ description: Servers in this group can access remote access properties of users instanceType: 4 objectSid: ${DOMAINSID}-553 sAMAccountName: RAS and IAS Servers -sAMAccountType: 0x20000000 -groupType: 0x80000004 +sAMAccountType: 536870912 +groupType: 2147483652 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE @@ -359,9 +359,9 @@ instanceType: 4 objectSid: S-1-5-32-549 adminCount: 1 sAMAccountName: Server Operators -sAMAccountType: 0x20000000 -systemFlags: 0x8c000000 -groupType: 0x80000005 +sAMAccountType: 536870912 +systemFlags: 2348810240 +groupType: 2147483653 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE privilege: SeBackupPrivilege @@ -380,9 +380,9 @@ instanceType: 4 objectSid: S-1-5-32-548 adminCount: 1 sAMAccountName: Account Operators -sAMAccountType: 0x20000000 -systemFlags: 0x8c000000 -groupType: 0x80000005 +sAMAccountType: 536870912 +systemFlags: 2348810240 +groupType: 2147483653 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN} isCriticalSystemObject: TRUE privilege: SeInteractiveLogonRight |