diff options
Diffstat (limited to 'source4/setup')
| -rw-r--r-- | source4/setup/provision.reg | 39 | ||||
| -rw-r--r-- | source4/setup/provision_self_join.ldif | 2 | ||||
| -rw-r--r-- | source4/setup/provision_templates.ldif | 26 | ||||
| -rw-r--r-- | source4/setup/provision_users.ldif | 20 |
4 files changed, 25 insertions, 62 deletions
diff --git a/source4/setup/provision.reg b/source4/setup/provision.reg index 892b5ec50c..b80db09c09 100644 --- a/source4/setup/provision.reg +++ b/source4/setup/provision.reg @@ -2,37 +2,46 @@ REGEDIT4 [HKEY_LOCAL_MACHINE] -[HKEY_LOCAL_MACHINE\System] +[HKEY_LOCAL_MACHINE\SOFTWARE] -[HKEY_LOCAL_MACHINE\System\CurrentControlSet] +[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft] -[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control] +[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT] -[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ProductOptions] +[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion] +CurrentVersion=5.2 + +[HKEY_LOCAL_MACHINE\SYSTEM] + +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet] + +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control] + +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions] ProductType=LanmanNT -[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Print] +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print] -[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server] +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server] -[HKEY_LOCAL_MACHINE\System] +[HKEY_LOCAL_MACHINE\SYSTEM] -[HKEY_LOCAL_MACHINE\System\CurrentControlSet] +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet] -[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services] +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services] -[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netlogon] +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon] -[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters] +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] RefusePasswordChange=REG_DWORD:0 -[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\REPLICATOR] +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\REPLICATOR] -[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\REPLICATOR\Parameters] +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\REPLICATOR\Parameters] -[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Alerter] +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Alerter] -[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Alerter\Parameters] +[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Alerter\Parameters] [HKEY_USERS] diff --git a/source4/setup/provision_self_join.ldif b/source4/setup/provision_self_join.ldif index 58669660f4..503656a9bf 100644 --- a/source4/setup/provision_self_join.ldif +++ b/source4/setup/provision_self_join.ldif @@ -8,7 +8,6 @@ localPolicyFlags: 0 primaryGroupID: 516 accountExpires: 9223372036854775807 sAMAccountName: ${NETBIOSNAME}$ -sAMAccountType: 805306369 operatingSystem: Samba operatingSystemVersion: 4.0 dNSHostName: ${DNSNAME} @@ -33,7 +32,6 @@ description: DNS Service Account userAccountControl: 514 accountExpires: 9223372036854775807 sAMAccountName: dns -sAMAccountType: 805306368 servicePrincipalName: DNS/${DNSDOMAIN} isCriticalSystemObject: TRUE sambaPassword:: ${DNSPASS_B64} diff --git a/source4/setup/provision_templates.ldif b/source4/setup/provision_templates.ldif index fafedc6966..cc0ab212cd 100644 --- a/source4/setup/provision_templates.ldif +++ b/source4/setup/provision_templates.ldif @@ -18,7 +18,7 @@ objectClass: container description: Container for SAM account templates dn: CN=TemplateUser,CN=Templates -userAccountControl: 514 +userAccountControl: 546 badPwdCount: 0 codePage: 0 countryCode: 0 @@ -29,21 +29,6 @@ pwdLastSet: 0 primaryGroupID: 513 accountExpires: -1 logonCount: 0 -sAMAccountType: 805306368 - -dn: CN=TemplateComputer,CN=Templates -userAccountControl: 4098 -badPwdCount: 0 -codePage: 0 -countryCode: 0 -badPasswordTime: 0 -lastLogoff: 0 -lastLogon: 0 -pwdLastSet: 0 -primaryGroupID: 513 -accountExpires: -1 -logonCount: 0 -sAMAccountType: 805306369 dn: CN=TemplateTrustingDomain,CN=Templates userAccountControl: 2080 @@ -56,18 +41,9 @@ lastLogon: 0 primaryGroupID: 513 accountExpires: -1 logonCount: 0 -sAMAccountType: 805306370 dn: CN=TemplateGroup,CN=Templates groupType: -2147483646 -sAMAccountType: 268435456 - -# Currently this isn't used, we don't have a way to detect it different from an incoming alias -# -# dn: CN=TemplateAlias,CN=Templates -# cn: TemplateAlias -# groupType: -2147483644 -# sAMAccountType: 268435456 dn: CN=TemplateForeignSecurityPrincipal,CN=Templates diff --git a/source4/setup/provision_users.ldif b/source4/setup/provision_users.ldif index 05fde15974..4b053d9166 100644 --- a/source4/setup/provision_users.ldif +++ b/source4/setup/provision_users.ldif @@ -44,7 +44,6 @@ objectSid: ${DOMAINSID}-502 adminCount: 1 accountExpires: 9223372036854775807 sAMAccountName: krbtgt -sAMAccountType: 805306368 servicePrincipalName: kadmin/changepw isCriticalSystemObject: TRUE sambaPassword:: ${KRBTGTPASS_B64} @@ -85,7 +84,6 @@ objectClass: group cn: Cert Publishers description: Members of this group are permitted to publish certificates to the Active Directory groupType: 2147483652 -sAMAccountType: 536870912 objectSid: ${DOMAINSID}-517 sAMAccountName: Cert Publishers isCriticalSystemObject: TRUE @@ -136,7 +134,6 @@ cn: RAS and IAS Servers description: Servers in this group can access remote access properties of users objectSid: ${DOMAINSID}-553 sAMAccountName: RAS and IAS Servers -sAMAccountType: 536870912 groupType: 2147483652 isCriticalSystemObject: TRUE @@ -151,7 +148,6 @@ member: CN=Administrator,CN=Users,${DOMAINDN} objectSid: S-1-5-32-544 adminCount: 1 sAMAccountName: Administrators -sAMAccountType: 536870912 systemFlags: 2348810240 groupType: 2147483653 isCriticalSystemObject: TRUE @@ -188,7 +184,6 @@ description: Users are prevented from making accidental or intentional system-wi member: CN=Domain Users,CN=Users,${DOMAINDN} objectSid: S-1-5-32-545 sAMAccountName: Users -sAMAccountType: 536870912 systemFlags: 2348810240 groupType: 2147483653 isCriticalSystemObject: TRUE @@ -202,7 +197,6 @@ member: CN=Domain Guests,CN=Users,${DOMAINDN} member: CN=Guest,CN=Users,${DOMAINDN} objectSid: S-1-5-32-546 sAMAccountName: Guests -sAMAccountType: 536870912 systemFlags: 2348810240 groupType: 2147483653 isCriticalSystemObject: TRUE @@ -215,7 +209,6 @@ description: Members can administer domain printers objectSid: S-1-5-32-550 adminCount: 1 sAMAccountName: Print Operators -sAMAccountType: 536870912 systemFlags: 2348810240 groupType: 2147483653 isCriticalSystemObject: TRUE @@ -231,7 +224,6 @@ description: Backup Operators can override security restrictions for the sole pu objectSid: S-1-5-32-551 adminCount: 1 sAMAccountName: Backup Operators -sAMAccountType: 536870912 systemFlags: 2348810240 groupType: 2147483653 isCriticalSystemObject: TRUE @@ -248,7 +240,6 @@ description: Supports file replication in a domain objectSid: S-1-5-32-552 adminCount: 1 sAMAccountName: Replicator -sAMAccountType: 536870912 systemFlags: 2348810240 groupType: 2147483653 isCriticalSystemObject: TRUE @@ -260,7 +251,6 @@ cn: Remote Desktop Users description: Members in this group are granted the right to logon remotely objectSid: S-1-5-32-555 sAMAccountName: Remote Desktop Users -sAMAccountType: 536870912 systemFlags: 2348810240 groupType: 2147483653 isCriticalSystemObject: TRUE @@ -272,7 +262,6 @@ cn: Network Configuration Operators description: Members in this group can have some administrative privileges to manage configuration of networking features objectSid: S-1-5-32-556 sAMAccountName: Network Configuration Operators -sAMAccountType: 536870912 systemFlags: 2348810240 groupType: 2147483653 isCriticalSystemObject: TRUE @@ -284,7 +273,6 @@ cn: Performance Monitor Users description: Members of this group have remote access to monitor this computer objectSid: S-1-5-32-558 sAMAccountName: Performance Monitor Users -sAMAccountType: 536870912 systemFlags: 2348810240 groupType: 2147483653 isCriticalSystemObject: TRUE @@ -296,7 +284,6 @@ cn: Performance Log Users description: Members of this group have remote access to schedule logging of performance counters on this computer objectSid: S-1-5-32-559 sAMAccountName: Performance Log Users -sAMAccountType: 536870912 systemFlags: 2348810240 groupType: 2147483653 isCriticalSystemObject: TRUE @@ -309,7 +296,6 @@ description: Members can administer domain servers objectSid: S-1-5-32-549 adminCount: 1 sAMAccountName: Server Operators -sAMAccountType: 536870912 systemFlags: 2348810240 groupType: 2147483653 isCriticalSystemObject: TRUE @@ -328,7 +314,6 @@ description: Members can administer domain user and group accounts objectSid: S-1-5-32-548 adminCount: 1 sAMAccountName: Account Operators -sAMAccountType: 536870912 systemFlags: 2348810240 groupType: 2147483653 isCriticalSystemObject: TRUE @@ -341,7 +326,6 @@ cn: Pre-Windows 2000 Compatible Access description: A backward compatibility group which allows read access on all users and groups in the domain objectSid: S-1-5-32-554 sAMAccountName: Pre-Windows 2000 Compatible Access -sAMAccountType: 536870912 systemFlags: 2348810240 groupType: 2147483653 isCriticalSystemObject: TRUE @@ -355,7 +339,6 @@ cn: Incoming Forest Trust Builders description: Members of this group can create incoming, one-way trusts to this forest objectSid: S-1-5-32-557 sAMAccountName: Incoming Forest Trust Builders -sAMAccountType: 536870912 systemFlags: 2348810240 groupType: 2147483653 isCriticalSystemObject: TRUE @@ -367,7 +350,6 @@ cn: Windows Authorization Access Group description: Members of this group have access to the computed tokenGroupsGlobalAndUniversal attribute on User objects objectSid: S-1-5-32-560 sAMAccountName: Windows Authorization Access Group -sAMAccountType: 536870912 systemFlags: 2348810240 groupType: 2147483653 isCriticalSystemObject: TRUE @@ -379,7 +361,6 @@ cn: Terminal Server License Servers description: Terminal Server License Servers objectSid: S-1-5-32-561 sAMAccountName: Terminal Server License Servers -sAMAccountType: 536870912 systemFlags: 2348810240 groupType: 2147483653 isCriticalSystemObject: TRUE @@ -391,7 +372,6 @@ cn: Distributed COM Users description: Members are allowed to launch, activate and use Distributed COM objects on this machine. objectSid: S-1-5-32-562 sAMAccountName: Distributed COM Users -sAMAccountType: 536870912 systemFlags: 2348810240 groupType: 2147483653 isCriticalSystemObject: TRUE |