diff options
Diffstat (limited to 'source4/setup')
| -rw-r--r-- | source4/setup/mmr_serverids.conf | 2 | ||||
| -rw-r--r-- | source4/setup/mmr_syncrepl.conf | 12 | ||||
| -rwxr-xr-x | source4/setup/provision-backend | 7 | ||||
| -rw-r--r-- | source4/setup/provision_index.ldif | 19 | ||||
| -rw-r--r-- | source4/setup/provision_init.ldif | 7 | ||||
| -rw-r--r-- | source4/setup/provision_templates.ldif | 10 | ||||
| -rw-r--r-- | source4/setup/provision_templates_init.ldif | 10 | ||||
| -rw-r--r-- | source4/setup/provision_users.ldif | 38 | ||||
| -rw-r--r-- | source4/setup/schema-map-openldap-2.3 | 3 | ||||
| -rw-r--r-- | source4/setup/schema.ldif | 549 | ||||
| -rw-r--r-- | source4/setup/slapd.conf | 36 | ||||
| -rwxr-xr-x | source4/setup/tests/blackbox_provision-backend.sh | 1 |
12 files changed, 92 insertions, 602 deletions
diff --git a/source4/setup/mmr_serverids.conf b/source4/setup/mmr_serverids.conf new file mode 100644 index 0000000000..c6d14010b4 --- /dev/null +++ b/source4/setup/mmr_serverids.conf @@ -0,0 +1,2 @@ +# Generated from template mmr_serverids.conf +ServerID ${SERVERID} "${LDAPSERVER}" diff --git a/source4/setup/mmr_syncrepl.conf b/source4/setup/mmr_syncrepl.conf new file mode 100644 index 0000000000..5fa8b8f8a0 --- /dev/null +++ b/source4/setup/mmr_syncrepl.conf @@ -0,0 +1,12 @@ +# Generated from template mmr_syncrepl.conf + +syncrepl rid=${RID} + provider="${LDAPSERVER}" + searchbase="${MMRDN}" + type=refreshAndPersist + retry="10 +" + bindmethod=simple + binddn="CN=Manager,${MMRDN}" + credentials="${MMR_PASSWORD}" + + diff --git a/source4/setup/provision-backend b/source4/setup/provision-backend index 845dc8679a..0943da29b6 100755 --- a/source4/setup/provision-backend +++ b/source4/setup/provision-backend @@ -64,6 +64,9 @@ parser.add_option("--server-role", type="choice", metavar="ROLE", help="Set server role to provision for (default standalone)") parser.add_option("--targetdir", type="string", metavar="DIR", help="Set target directory") +parser.add_option("--ol-mmr-urls", type="string", metavar="LDAPSERVER", + help="List of LDAP-URLS [ ldap://<FQDN>:port/ (where port != 389) ] separated with whitespaces for use with OpenLDAP-MMR") + opts = parser.parse_args()[0] @@ -99,4 +102,6 @@ provision_backend(setup_dir=setup_dir, message=message, smbconf=smbconf, targetd adminpass=opts.ldap_admin_pass, root=opts.root, serverrole=server_role, ldap_backend_type=opts.ldap_backend_type, - ldap_backend_port=opts.ldap_backend_port) + ldap_backend_port=opts.ldap_backend_port, + ol_mmr_urls=opts.ol_mmr_urls) + diff --git a/source4/setup/provision_index.ldif b/source4/setup/provision_index.ldif deleted file mode 100644 index 95970817f3..0000000000 --- a/source4/setup/provision_index.ldif +++ /dev/null @@ -1,19 +0,0 @@ -dn: @INDEXLIST -@IDXATTR: name -@IDXATTR: cn -@IDXATTR: userPrincipalName -@IDXATTR: servicePrincipalName -@IDXATTR: sAMAccountName -@IDXATTR: objectSid -@IDXATTR: objectCategory -@IDXATTR: member -@IDXATTR: uidNumber -@IDXATTR: gidNumber -@IDXATTR: unixName -@IDXATTR: privilege -@IDXATTR: nCName -@IDXATTR: lDAPDisplayName -@IDXATTR: subClassOf -@IDXATTR: dnsRoot -@IDXATTR: nETBIOSName -@IDXATTR: objectGUID diff --git a/source4/setup/provision_init.ldif b/source4/setup/provision_init.ldif index 65a12f1afa..a6c591dd51 100644 --- a/source4/setup/provision_init.ldif +++ b/source4/setup/provision_init.ldif @@ -1,3 +1,8 @@ +#These attributes are only used as far as the bootstrapping of the +# schema. After that, the attributes from the schema are used. +# +# Therefore, they must strictly match the schema + dn: @ATTRIBUTES userPrincipalName: CASE_INSENSITIVE servicePrincipalName: CASE_INSENSITIVE @@ -7,6 +12,8 @@ nETBIOSName: CASE_INSENSITIVE cn: CASE_INSENSITIVE dc: CASE_INSENSITIVE name: CASE_INSENSITIVE +lDAPDisplayName: CASE_INSENSITIVE +subClassOf: CASE_INSENSITIVE dn: CASE_INSENSITIVE sAMAccountName: CASE_INSENSITIVE objectClass: CASE_INSENSITIVE diff --git a/source4/setup/provision_templates.ldif b/source4/setup/provision_templates.ldif index 8f4ed08252..04257549d5 100644 --- a/source4/setup/provision_templates.ldif +++ b/source4/setup/provision_templates.ldif @@ -2,16 +2,6 @@ # Templates to be put in templates.ldb. Not part of main samdb any more. ### -dn: @OPTIONS -checkBaseOnSearch: TRUE - -dn: @INDEXLIST -@IDXATTR: cn - -dn: @ATTRIBUTES -cn: CASE_INSENSITIVE -dn: CASE_INSENSITIVE - dn: CN=Templates objectClass: top objectClass: container diff --git a/source4/setup/provision_templates_init.ldif b/source4/setup/provision_templates_init.ldif new file mode 100644 index 0000000000..6d6a3c228c --- /dev/null +++ b/source4/setup/provision_templates_init.ldif @@ -0,0 +1,10 @@ +dn: @OPTIONS +checkBaseOnSearch: TRUE + +dn: @INDEXLIST +@IDXATTR: cn + +dn: @ATTRIBUTES +cn: CASE_INSENSITIVE +dn: CASE_INSENSITIVE + diff --git a/source4/setup/provision_users.ldif b/source4/setup/provision_users.ldif index 641247cf22..854c42d07c 100644 --- a/source4/setup/provision_users.ldif +++ b/source4/setup/provision_users.ldif @@ -83,7 +83,7 @@ objectClass: top objectClass: group cn: Cert Publishers description: Members of this group are permitted to publish certificates to the Active Directory -groupType: 2147483652 +groupType: -2147483644 objectSid: ${DOMAINSID}-517 sAMAccountName: Cert Publishers isCriticalSystemObject: TRUE @@ -134,7 +134,7 @@ cn: RAS and IAS Servers description: Servers in this group can access remote access properties of users objectSid: ${DOMAINSID}-553 sAMAccountName: RAS and IAS Servers -groupType: 2147483652 +groupType: -2147483644 isCriticalSystemObject: TRUE dn: CN=Administrators,CN=Builtin,${DOMAINDN} @@ -149,7 +149,7 @@ objectSid: S-1-5-32-544 adminCount: 1 sAMAccountName: Administrators systemFlags: 2348810240 -groupType: 2147483653 +groupType: -2147483643 isCriticalSystemObject: TRUE privilege: SeSecurityPrivilege privilege: SeBackupPrivilege @@ -185,7 +185,7 @@ member: CN=Domain Users,CN=Users,${DOMAINDN} objectSid: S-1-5-32-545 sAMAccountName: Users systemFlags: 2348810240 -groupType: 2147483653 +groupType: -2147483643 isCriticalSystemObject: TRUE dn: CN=Guests,CN=Builtin,${DOMAINDN} @@ -198,7 +198,7 @@ member: CN=Guest,CN=Users,${DOMAINDN} objectSid: S-1-5-32-546 sAMAccountName: Guests systemFlags: 2348810240 -groupType: 2147483653 +groupType: -2147483643 isCriticalSystemObject: TRUE dn: CN=Print Operators,CN=Builtin,${DOMAINDN} @@ -210,7 +210,7 @@ objectSid: S-1-5-32-550 adminCount: 1 sAMAccountName: Print Operators systemFlags: 2348810240 -groupType: 2147483653 +groupType: -2147483643 isCriticalSystemObject: TRUE privilege: SeLoadDriverPrivilege privilege: SeShutdownPrivilege @@ -225,7 +225,7 @@ objectSid: S-1-5-32-551 adminCount: 1 sAMAccountName: Backup Operators systemFlags: 2348810240 -groupType: 2147483653 +groupType: -2147483643 isCriticalSystemObject: TRUE privilege: SeBackupPrivilege privilege: SeRestorePrivilege @@ -241,7 +241,7 @@ objectSid: S-1-5-32-552 adminCount: 1 sAMAccountName: Replicator systemFlags: 2348810240 -groupType: 2147483653 +groupType: -2147483643 isCriticalSystemObject: TRUE dn: CN=Remote Desktop Users,CN=Builtin,${DOMAINDN} @@ -252,7 +252,7 @@ description: Members in this group are granted the right to logon remotely objectSid: S-1-5-32-555 sAMAccountName: Remote Desktop Users systemFlags: 2348810240 -groupType: 2147483653 +groupType: -2147483643 isCriticalSystemObject: TRUE dn: CN=Network Configuration Operators,CN=Builtin,${DOMAINDN} @@ -263,7 +263,7 @@ description: Members in this group can have some administrative privileges to ma objectSid: S-1-5-32-556 sAMAccountName: Network Configuration Operators systemFlags: 2348810240 -groupType: 2147483653 +groupType: -2147483643 isCriticalSystemObject: TRUE dn: CN=Performance Monitor Users,CN=Builtin,${DOMAINDN} @@ -274,7 +274,7 @@ description: Members of this group have remote access to monitor this computer objectSid: S-1-5-32-558 sAMAccountName: Performance Monitor Users systemFlags: 2348810240 -groupType: 2147483653 +groupType: -2147483643 isCriticalSystemObject: TRUE dn: CN=Performance Log Users,CN=Builtin,${DOMAINDN} @@ -285,7 +285,7 @@ description: Members of this group have remote access to schedule logging of per objectSid: S-1-5-32-559 sAMAccountName: Performance Log Users systemFlags: 2348810240 -groupType: 2147483653 +groupType: -2147483643 isCriticalSystemObject: TRUE dn: CN=Server Operators,CN=Builtin,${DOMAINDN} @@ -297,7 +297,7 @@ objectSid: S-1-5-32-549 adminCount: 1 sAMAccountName: Server Operators systemFlags: 2348810240 -groupType: 2147483653 +groupType: -2147483643 isCriticalSystemObject: TRUE privilege: SeBackupPrivilege privilege: SeSystemtimePrivilege @@ -315,7 +315,7 @@ objectSid: S-1-5-32-548 adminCount: 1 sAMAccountName: Account Operators systemFlags: 2348810240 -groupType: 2147483653 +groupType: -2147483643 isCriticalSystemObject: TRUE privilege: SeInteractiveLogonRight @@ -327,7 +327,7 @@ description: A backward compatibility group which allows read access on all user objectSid: S-1-5-32-554 sAMAccountName: Pre-Windows 2000 Compatible Access systemFlags: 2348810240 -groupType: 2147483653 +groupType: -2147483643 isCriticalSystemObject: TRUE privilege: SeRemoteInteractiveLogonRight privilege: SeChangeNotifyPrivilege @@ -340,7 +340,7 @@ description: Members of this group can create incoming, one-way trusts to this f objectSid: S-1-5-32-557 sAMAccountName: Incoming Forest Trust Builders systemFlags: 2348810240 -groupType: 2147483653 +groupType: -2147483643 isCriticalSystemObject: TRUE dn: CN=Windows Authorization Access Group,CN=Builtin,${DOMAINDN} @@ -351,7 +351,7 @@ description: Members of this group have access to the computed tokenGroupsGlobal objectSid: S-1-5-32-560 sAMAccountName: Windows Authorization Access Group systemFlags: 2348810240 -groupType: 2147483653 +groupType: -2147483643 isCriticalSystemObject: TRUE dn: CN=Terminal Server License Servers,CN=Builtin,${DOMAINDN} @@ -362,7 +362,7 @@ description: Terminal Server License Servers objectSid: S-1-5-32-561 sAMAccountName: Terminal Server License Servers systemFlags: 2348810240 -groupType: 2147483653 +groupType: -2147483643 isCriticalSystemObject: TRUE dn: CN=Distributed COM Users,CN=Builtin,${DOMAINDN} @@ -373,7 +373,7 @@ description: Members are allowed to launch, activate and use Distributed COM obj objectSid: S-1-5-32-562 sAMAccountName: Distributed COM Users systemFlags: 2348810240 -groupType: 2147483653 +groupType: -2147483643 isCriticalSystemObject: TRUE dn: CN=WellKnown Security Principals,${CONFIGDN} diff --git a/source4/setup/schema-map-openldap-2.3 b/source4/setup/schema-map-openldap-2.3 index f5279616d1..7de2e67b5e 100644 --- a/source4/setup/schema-map-openldap-2.3 +++ b/source4/setup/schema-map-openldap-2.3 @@ -39,3 +39,6 @@ modifyTimeStamp:samba4ModifyTimestamp 1.2.840.113556.1.4.903:1.3.6.1.4.1.1466.115.121.1.12 #Treat Security Descriptors as binary 1.2.840.113556.1.4.907:1.3.6.1.4.1.1466.115.121.1.40 +#Treat OIDs as case insensitive strings (as otherwise ldap class and +#attribute names, declared at OIDs fail +1.3.6.1.4.1.1466.115.121.1.38:1.3.6.1.4.1.1466.115.121.1.44 diff --git a/source4/setup/schema.ldif b/source4/setup/schema.ldif index e96cf5f5fc..40ef709ac3 100644 --- a/source4/setup/schema.ldif +++ b/source4/setup/schema.ldif @@ -10376,552 +10376,3 @@ defaultObjectCategory: CN=Group-Policy-Container,${SCHEMADN} dn: CN=Aggregate,${SCHEMADN} objectClass: top objectClass: subSchema -objectClasses: ( 2.5.6.0 NAME 'top' SUP top ABSTRACT MUST ( objectClass $ objectCategory $ nTSecurityDescriptor $ instanceType ) MAY ( url $ wWWHomePage $ whenCreated $ whenChanged $ wellKnownObjects $ wbemPath $ uSNSource $ uSNLastObjRem $ USNIntersite $ uSNDSALastObjRemoved $ uSNCreated $ uSNChanged $ systemFlags $ subSchemaSubEntry $ subRefs $ structuralObjectClass $ siteObjectBL $ serverReferenceBL $ sDRightsEffective $ revision $ repsTo $ repsFrom $ directReports $ replUpToDateVector $ replPropertyMetaData $ name $ queryPolicyBL $ proxyAddresses $ proxiedObjectName $ possibleInferiors $ partialAttributeSet $ partialAttributeDeletionList $ otherWellKnownObjects $ objectVersion $ objectGUID $ distinguishedName $ nonSecurityMemberBL $ netbootSCPBL $ ownerBL $ msDS-ReplValueMetaData $ msDS-ReplAttributeMetaData $ msDS-NonMembersBL $ msDS-NCReplOutboundNeighbors $ msDS-NCReplInboundNeighbors $ msDS-NCReplCursors $ msDS-TasksForAzRoleBL $ msDS-TasksForAzTaskBL $ msDS-OperationsForAzRoleBL $ msDS-OperationsForAzTaskBL $ msDS-MembersForAzRoleBL $ msDs-masteredBy $ mS-DS-ConsistencyGuid $ mS-DS-ConsistencyChildCount $ msDS-Approx-Immed-Subordinates $ msCOM-PartitionSetLink $ msCOM-UserLink $ modifyTimeStamp $ masteredBy $ managedObjects $ lastKnownParent $ isPrivilegeHolder $ memberOf $ isDeleted $ isCriticalSystemObject $ showInAdvancedViewOnly $ fSMORoleOwner $ fRSMemberReferenceBL $ frsComputerReferenceBL $ fromEntry $ flags $ extensionName $ dSASignature $ dSCorePropagationData $ displayNamePrintable $ displayName $ description $ createTimeStamp $ cn $ canonicalName $ bridgeheadServerListBL $ allowedChildClassesEffective $ allowedChildClasses $ allowedAttributesEffective $ allowedAttributes $ adminDisplayName $ adminDescription $ msDS-ObjectReferenceBL ) ) -objectClasses: ( 1.2.840.113556.1.5.120 NAME 'ipsecISAKMPPolicy' SUP ipsecBase STRUCTURAL ) -objectClasses: ( 1.2.840.113556.1.5.67 NAME 'domainDNS' SUP domain STRUCTURAL MAY ( msDS-Behavior-Version $ msDS-AllowedDNSSuffixes $ managedBy ) ) -objectClasses: ( 1.2.840.113556.1.5.235 NAME 'msDS-AzApplication' SUP top STRUCTURAL MAY ( msDS-AzApplicationData $ msDS-AzGenerateAudits $ msDS-AzApplicationVersion $ msDS-AzClassId $ msDS-AzApplicationName $ description ) ) -objectClasses: ( 1.2.840.113556.1.5.4 NAME 'builtinDomain' SUP top STRUCTURAL ) -objectClasses: ( 1.2.840.113556.1.5.175 NAME 'infrastructureUpdate' SUP top STRUCTURAL MAY ( dNReferenceUpdate ) ) -objectClasses: ( 1.2.840.113556.1.5.12 NAME 'configuration' SUP top STRUCTURAL MUST ( cn ) MAY ( gPOptions $ gPLink ) ) -objectClasses: ( 1.2.840.113556.1.3.11 NAME 'crossRef' SUP top STRUCTURAL MUST ( nCName $ dnsRoot $ cn ) MAY ( trustParent $ superiorDNSRoot $ rootTrust $ nTMixedDomain $ nETBIOSName $ Enabled $ msDS-SDReferenceDomain $ msDS-Replication-Notify-Subsequent-DSA-Delay $ msDS-Replication-Notify-First-DSA-Delay $ msDS-NC-Replica-Locations $ msDS-DnsRootAlias $ msDS-Behavior-Version ) ) -objectClasses: ( 1.2.840.113556.1.5.83 NAME 'rIDManager' SUP top STRUCTURAL MUST ( rIDAvailablePool ) ) -objectClasses: ( 1.2.840.113556.1.5.84 NAME 'displaySpecifier' SUP top STRUCTURAL MAY ( treatAsLeaf $ shellPropertyPages $ shellContextMenu $ scopeFlags $ queryFilter $ iconPath $ extraColumns $ creationWizard $ createWizardExt $ createDialog $ contextMenu $ classDisplayName $ attributeDisplayNames $ adminPropertyPages $ adminMultiselectPropertyPages $ adminContextMenu ) ) -objectClasses: ( 1.2.840.113556.1.5.7000.56 NAME 'ipsecBase' SUP top ABSTRACT MAY ( ipsecOwnersReference $ ipsecName $ ipsecID $ ipsecDataType $ ipsecData ) ) -objectClasses: ( 1.2.840.113556.1.5.237 NAME 'msDS-AzScope' SUP top STRUCTURAL MUST ( msDS-AzScopeName ) MAY ( msDS-AzApplicationData $ description ) ) -objectClasses: ( 2.5.6.3 NAME 'locality' SUP top STRUCTURAL MUST ( l ) MAY ( street $ st $ seeAlso $ searchGuide ) ) -objectClasses: ( 1.2.840.113556.1.5.7000.53 NAME 'crossRefContainer' SUP top STRUCTURAL MAY ( msDS-SPNSuffixes $ uPNSuffixes $ msDS-UpdateScript $ msDS-ExecuteScriptPassword $ msDS-Behavior-Version ) ) -objectClasses: ( 1.2.840.113556.1.5.106 NAME 'queryPolicy' SUP top STRUCTURAL MAY ( lDAPIPDenyList $ lDAPAdminLimits ) ) -objectClasses: ( 1.2.840.113556.1.5.95 NAME 'subnetContainer' SUP top STRUCTURAL ) -objectClasses: ( 1.2.840.113556.1.5.7000.47 NAME 'nTDSDSA' SUP applicationSettings STRUCTURAL MAY ( serverReference $ msDS-RetiredReplNCSignatures $ retiredReplDSASignatures $ queryPolicyObject $ options $ networkAddress $ msDS-ReplicationEpoch $ msDS-HasInstantiatedNCs $ msDS-hasMasterNCs $ msDS-HasDomainNCs $ msDS-Behavior-Version $ managedBy $ lastBackupRestorationTime $ invocationId $ hasPartialReplicaNCs $ hasMasterNCs $ fRSRootPath $ dMDLocation ) ) -objectClasses: ( 1.2.840.113556.1.5.3 NAME 'samDomain' SUP top AUXILIARY MAY ( treeName $ rIDManagerReference $ replicaSource $ pwdProperties $ pwdHistoryLength $ privateKey $ pekList $ pekKeyChangeInterval $ nTMixedDomain $ nextRid $ nETBIOSName $ msDS-PerUserTrustTombstonesQuota $ msDS-PerUserTrustQuota $ ms-DS-MachineAccountQuota $ msDS-LogonTimeSyncInterval $ msDS-AllUsersTrustQuota $ modifiedCountAtLastProm $ minPwdLength $ minPwdAge $ maxPwdAge $ lSAModifiedCount $ lSACreationTime $ lockoutThreshold $ lockoutDuration $ lockOutObservationWindow $ gPOptions $ gPLink $ eFSPolicy $ domainPolicyObject $ desktopProfile $ description $ defaultLocalPolicyObject $ creationTime $ controlAccessRights $ cACertificate $ builtinModifiedCount $ builtinCreationTime $ auditingPolicy ) ) -objectClasses: ( 1.2.840.113556.1.5.2 NAME 'samDomainBase' SUP top AUXILIARY MAY ( uASCompat $ serverState $ serverRole $ revision $ pwdProperties $ pwdHistoryLength $ oEMInformation $ objectSid $ nTSecurityDescriptor $ nextRid $ modifiedCountAtLastProm $ modifiedCount $ minPwdLength $ minPwdAge $ maxPwdAge $ lockoutThreshold $ lockoutDuration $ lockOutObservationWindow $ forceLogoff $ domainReplica $ creationTime ) ) -objectClasses: ( 2.5.6.2 NAME 'country' SUP top MUST ( c ) MAY ( co $ searchGuide ) ) -objectClasses: ( 2.5.6.5 NAME 'organizationalUnit' SUP top STRUCTURAL MUST ( ou ) MAY ( x121Address $ userPassword $ uPNSuffixes $ co $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ street $ st $ seeAlso $ searchGuide $ registeredAddress $ preferredDeliveryMethod $ postalCode $ postalAddress $ postOfficeBox $ physicalDeliveryOfficeName $ msCOM-UserPartitionSetLink $ managedBy $ thumbnailLogo $ l $ internationalISDNNumber $ gPOptions $ gPLink $ facsimileTelephoneNumber $ destinationIndicator $ desktopProfile $ defaultGroup $ countryCode $ c $ businessCategory ) ) -objectClasses: ( 1.2.840.113556.1.5.121 NAME 'ipsecNFA' SUP ipsecBase STRUCTURAL MAY ( ipsecNegotiationPolicyReference $ ipsecFilterReference ) ) -objectClasses: ( 1.2.840.113556.1.5.139 NAME 'lostAndFound' SUP top STRUCTURAL MAY ( moveTreeState ) ) -objectClasses: ( 2.5.6.7 NAME 'organizationalPerson' SUP person MAY ( x121Address $ comment $ title $ co $ primaryTelexNumber $ telexNumber $ teletexTerminalIdentifier $ street $ st $ registeredAddress $ preferredDeliveryMethod $ postalCode $ postalAddress $ postOfficeBox $ thumbnailPhoto $ physicalDeliveryOfficeName $ pager $ otherPager $ otherTelephone $ mobile $ otherMobile $ primaryInternationalISDNNumber $ ipPhone $ otherIpPhone $ otherHomePhone $ homePhone $ otherFacsimileTelephoneNumber $ personalTitle $ middleName $ otherMailbox $ ou $ o $ mhsORAddress $ msDS-AllowedToDelegateTo $ manager $ thumbnailLogo $ l $ internationalISDNNumber $ initials $ givenName $ generationQualifier $ facsimileTelephoneNumber $ employeeID $ mail $ division $ destinationIndicator $ department $ c $ countryCode $ company $ assistant $ streetAddress $ houseIdentifier $ msExchHouseIdentifier $ homePostalAddress ) ) -objectClasses: ( 1.2.840.113556.1.3.14 NAME 'attributeSchema' SUP top STRUCTURAL MUST ( schemaIDGUID $ oMSyntax $ lDAPDisplayName $ isSingleValued $ cn $ attributeSyntax $ attributeID ) MAY ( systemOnly $ searchFlags $ schemaFlagsEx $ rangeUpper $ rangeLower $ oMObjectClass $ msDs-Schema-Extensions $ msDS-IntId $ mAPIID $ linkID $ isMemberOfPartialAttributeSet $ isEphemeral $ isDefunct $ extendedCharsAllowed $ classDisplayName $ attributeSecurityGUID ) ) -objectClasses: ( 1.2.840.113556.1.5.72 NAME 'nTDSService' SUP top STRUCTURAL MAY ( tombstoneLifetime $ sPNMappings $ replTopologyStayOfExecution $ msDS-Other-Settings $ garbageCollPeriod $ dSHeuristics ) ) -objectClasses: ( 1.2.840.113556.1.5.7000.48 NAME 'serversContainer' SUP top STRUCTURAL ) -objectClasses: ( 1.2.840.113556.1.3.30 NAME 'computer' SUP user STRUCTURAL MAY ( volumeCount $ siteGUID $ rIDSetReferences $ policyReplicationFlags $ physicalLocationObject $ operatingSystemVersion $ operatingSystemServicePack $ operatingSystemHotfix $ operatingSystem $ networkAddress $ netbootSIFFile $ netbootMirrorDataFile $ netbootMachineFilePath $ netbootInitialization $ netbootGUID $ msDS-AdditionalSamAccountName $ msDS-AdditionalDnsHostName $ managedBy $ machineRole $ location $ localPolicyFlags $ dNSHostName $ defaultLocalPolicyObject $ cn $ catalogs ) ) -objectClasses: ( 2.5.6.6 NAME 'person' SUP top MUST ( cn ) MAY ( userPassword $ telephoneNumber $ sn $ serialNumber $ seeAlso $ attributeCertificateAttribute ) ) -objectClasses: ( 1.2.840.113556.1.5.98 NAME 'ipsecPolicy' SUP ipsecBase STRUCTURAL MAY ( ipsecNFAReference $ ipsecISAKMPReference ) ) -objectClasses: ( 1.2.840.113556.1.3.23 NAME 'container' SUP top STRUCTURAL MUST ( cn ) MAY ( schemaVersion $ defaultClassStore $ msDS-ObjectReference ) ) -objectClasses: ( 1.2.840.113556.1.5.31 NAME 'site' SUP top STRUCTURAL MAY ( notificationList $ mSMQSiteID $ mSMQSiteForeign $ mSMQNt4Stub $ mSMQInterval2 $ mSMQInterval1 $ managedBy $ location $ gPOptions $ gPLink ) ) -objectClasses: ( 2.5.6.4 NAME 'organization' SUP top STRUCTURAL MUST ( o ) MAY ( x121Address $ userPassword $ telexNumber $ teletexTerminalIdentifier $ telephoneNumber $ street $ st $ seeAlso $ searchGuide $ registeredAddress $ preferredDeliveryMethod $ postalCode $ postalAddress $ postOfficeBox $ physicalDeliveryOfficeName $ l $ internationalISDNNumber $ facsimileTelephoneNumber $ destinationIndicator $ businessCategory ) ) -objectClasses: ( 1.2.840.113556.1.5.234 NAME 'msDS-AzAdminManager' SUP top STRUCTURAL MAY ( msDS-AzMinorVersion $ msDS-AzMajorVersion $ msDS-AzApplicationData $ msDS-AzGenerateAudits $ msDS-AzScriptTimeout $ msDS-AzScriptEngineCacheMax $ msDS-AzDomainTimeout $ description ) ) -objectClasses: ( 1.2.840.113556.1.5.6 NAME 'securityPrincipal' SUP top AUXILIARY MUST ( sAMAccountName $ objectSid ) MAY ( supplementalCredentials $ sIDHistory $ securityIdentifier $ sAMAccountType $ rid $ tokenGroupsNoGCAcceptable $ tokenGroupsGlobalAndUniversal $ tokenGroups $ nTSecurityDescriptor $ msDS-KeyVersionNumber $ altSecurityIdentities $ accountNameHistory ) ) -objectClasses: ( 1.2.840.113556.1.5.7000.49 NAME 'applicationSettings' SUP top ABSTRACT MAY ( notificationList $ msDS-Settings $ applicationName ) ) -objectClasses: ( 1.2.840.113556.1.3.13 NAME 'classSchema' SUP top STRUCTURAL MUST ( subClassOf $ schemaIDGUID $ objectClassCategory $ governsID $ defaultObjectCategory $ cn ) MAY ( systemPossSuperiors $ systemOnly $ systemMustContain $ systemMayContain $ systemAuxiliaryClass $ schemaFlagsEx $ rDNAttID $ possSuperiors $ mustContain $ msDs-Schema-Extensions $ msDS-IntId $ mayContain $ lDAPDisplayName $ isDefunct $ defaultSecurityDescriptor $ defaultHidingValue $ classDisplayName $ auxiliaryClass ) ) -objectClasses: ( 1.2.840.113556.1.5.9 NAME 'user' SUP organizationalPerson STRUCTURAL MAY ( pager $ o $ mobile $ manager $ mail $ initials $ homePhone $ businessCategory $ userCertificate $ userWorkstations $ userSharedFolderOther $ userSharedFolder $ userPrincipalName $ userParameters $ userAccountControl $ unicodePwd $ terminalServer $ servicePrincipalName $ scriptPath $ pwdLastSet $ profilePath $ primaryGroupID $ preferredOU $ otherLoginWorkstations $ operatorCount $ ntPwdHistory $ networkAddress $ msRASSavedFramedRoute $ msRASSavedFramedIPAddress $ msRASSavedCallbackNumber $ msRADIUSServiceType $ msRADIUSFramedRoute $ msRADIUSFramedIPAddress $ msRADIUSCallbackNumber $ msNPSavedCallingStationID $ msNPCallingStationID $ msNPAllowDialin $ mSMQSignCertificatesMig $ mSMQSignCertificates $ mSMQDigestsMig $ mSMQDigests $ msIIS-FTPRoot $ msIIS-FTPDir $ msDS-User-Account-Control-Computed $ msDS-Site-Affinity $ mS-DS-CreatorSID $ msDS-Cached-Membership-Time-Stamp $ msDS-Cached-Membership $ msDRM-IdentityCertificate $ msCOM-UserPartitionSetLink $ maxStorage $ logonWorkstation $ logonHours $ logonCount $ lockoutTime $ localeID $ lmPwdHistory $ lastLogonTimestamp $ lastLogon $ lastLogoff $ homeDrive $ homeDirectory $ groupsToIgnore $ groupPriority $ groupMembershipSAM $ dynamicLDAPServer $ desktopProfile $ defaultClassStore $ dBCSPwd $ controlAccessRights $ codePage $ badPwdCount $ badPasswordTime $ adminCount $ aCSPolicyName $ accountExpires $ x500uniqueIdentifier $ userSMIMECertificate $ userPKCS12 $ uid $ secretary $ roomNumber $ preferredLanguage $ photo $ labeledURI $ jpegPhoto $ homePostalAddress $ givenName $ employeeType $ employeeNumber $ displayName $ departmentNumber $ carLicense $ audio ) ) -objectClasses: ( 1.2.840.113556.1.3.9 NAME 'dMD' SUP top STRUCTURAL MUST ( cn ) MAY ( schemaUpdate $ schemaInfo $ prefixMap $ msDs-Schema-Extensions $ msDS-IntId $ dmdName ) ) -objectClasses: ( 1.2.840.113556.1.5.20 NAME 'leaf' SUP top ABSTRACT ) -objectClasses: ( 1.2.840.113556.1.5.28 NAME 'secret' SUP leaf STRUCTURAL MAY ( priorValue $ priorSetTime $ lastSetTime $ currentValue ) ) -objectClasses: ( 1.2.840.113556.1.5.107 NAME 'sitesContainer' SUP top STRUCTURAL ) -objectClasses: ( 1.2.840.113556.1.5.17 NAME 'server' SUP top STRUCTURAL MAY ( mailAddress $ serverReference $ serialNumber $ managedBy $ dNSHostName $ bridgeheadTransportList ) ) -objectClasses: ( 2.5.20.1 NAME 'subSchema' SUP top STRUCTURAL MAY ( objectClasses $ modifyTimeStamp $ extendedClassInfo $ extendedAttributeInfo $ dITContentRules $ attributeTypes ) ) -objectClasses: ( 1.2.840.113556.1.5.34 NAME 'trustedDomain' SUP leaf STRUCTURAL MAY ( trustType $ trustPosixOffset $ trustPartner $ trustDirection $ trustAuthOutgoing $ trustAuthIncoming $ trustAttributes $ securityIdentifier $ msDS-TrustForestTrustInfo $ mS-DS-CreatorSID $ initialAuthOutgoing $ initialAuthIncoming $ flatName $ domainIdentifier $ domainCrossRef $ additionalTrustedServiceNames ) ) -objectClasses: ( 1.2.840.113556.1.5.66 NAME 'domain' SUP top ABSTRACT MUST ( dc ) ) -objectClasses: ( 1.2.840.113556.1.5.76 NAME 'foreignSecurityPrincipal' SUP top STRUCTURAL MUST ( objectSid ) MAY ( foreignIdentifier ) ) -objectClasses: ( 1.2.840.113556.1.5.96 NAME 'subnet' SUP top STRUCTURAL MAY ( siteObject $ physicalLocationObject $ location ) ) -objectClasses: ( 1.2.840.113556.1.3.46 NAME 'mailRecipient' SUP top AUXILIARY MUST ( cn ) MAY ( userCertificate $ userCert $ textEncodedORAddress $ telephoneNumber $ showInAddressBook $ legacyExchangeDN $ garbageCollPeriod $ info $ userSMIMECertificate $ secretary $ msExchLabeledURI $ msExchAssistantName $ labeledURI ) ) -objectClasses: ( 1.2.840.113556.1.5.8 NAME 'group' SUP top STRUCTURAL MUST ( groupType ) MAY ( primaryGroupToken $ operatorCount $ nTGroupMembers $ nonSecurityMember $ msDS-NonMembers $ msDS-AzLDAPQuery $ member $ managedBy $ groupMembershipSAM $ groupAttributes $ mail $ desktopProfile $ controlAccessRights $ adminCount ) ) -objectClasses: ( 1.2.840.113556.1.5.157 NAME 'groupPolicyContainer' SUP container STRUCTURAL MAY ( versionNumber $ gPCWQLFilter $ gPCUserExtensionNames $ gPCMachineExtensionNames $ gPCFunctionalityVersion $ gPCFileSysPath $ flags ) ) -attributeTypes: ( 1.2.840.113556.1.4.1304 NAME 'sDRightsEffective' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.104 NAME 'ownerBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.102 NAME 'memberOf' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 2.5.4.14 NAME 'searchGuide' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.1720 NAME 'msDS-ReplicationEpoch' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.202 NAME 'auditingPolicy' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.646 NAME 'otherFacsimileTelephoneNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.2.256 NAME 'streetAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.121 NAME 'securityIdentifier' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1782 NAME 'msDS-KeyVersionNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1307 NAME 'accountNameHistory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.752 NAME 'userSharedFolderOther' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.751 NAME 'userSharedFolder' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.966 NAME 'mSMQDigestsMig' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.755 NAME 'domainIdentifier' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.655 NAME 'legacyExchangeDN' SYNTAX '1.2.840.113556.1.4.905' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.618 NAME 'wellKnownObjects' SYNTAX '1.2.840.113556.1.4.903' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1 NAME 'name' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.531 NAME 'nonSecurityMemberBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1707 NAME 'msDS-ReplAttributeMetaData' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.1242 NAME 'dNReferenceUpdate' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.892 NAME 'gPOptions' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1790 NAME 'msDS-PerUserTrustTombstonesQuota' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 0.9.2342.19200300.100.1.42 NAME 'pager' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.362 NAME 'siteGUID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1796 NAME 'msDS-AzScriptEngineCacheMax' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1303 NAME 'tokenGroupsNoGCAcceptable' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.1418 NAME 'tokenGroupsGlobalAndUniversal' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.867 NAME 'altSecurityIdentities' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.96 NAME 'pwdLastSet' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 2.5.21.6 NAME 'objectClasses' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.470 NAME 'trustAttributes' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1702 NAME 'msDS-TrustForestTrustInfo' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.512 NAME 'siteObject' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.638 NAME 'isPrivilegeHolder' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.28 NAME 'dnsRoot' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.168 NAME 'modifiedCount' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.25 NAME 'internationalISDNNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.36' ) -attributeTypes: ( 2.5.4.15 NAME 'businessCategory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 2.5.4.51 NAME 'houseIdentifier' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 2.16.840.1.113730.3.1.34 NAME 'middleName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.30 NAME 'attributeID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.677 NAME 'replTopologyStayOfExecution' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.359 NAME 'netbootGUID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.26 NAME 'rDNAttID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.25 NAME 'mayContain' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' ) -attributeTypes: ( 1.2.840.113556.1.4.135 NAME 'trustAuthOutgoing' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1694 NAME 'gPCWQLFilter' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.516 NAME 'serverReferenceBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 2.5.18.1 NAME 'createTimeStamp' SYNTAX '1.3.6.1.4.1.1466.115.121.1.24' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.748 NAME 'attributeDisplayNames' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.614 NAME 'adminContextMenu' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.67 NAME 'lSAModifiedCount' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.66 NAME 'lSACreationTime' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.154 NAME 'serverState' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.460 NAME 'lDAPDisplayName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.125 NAME 'supplementalCredentials' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.1130 NAME 'msNPSavedCallingStationID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' ) -attributeTypes: ( 1.2.840.113556.1.4.38 NAME 'flags' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.812 NAME 'createWizardExt' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.2.36 NAME 'dMDLocation' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.596 NAME 'msExchHouseIdentifier' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.647 NAME 'otherMobile' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 2.5.4.44 NAME 'generationQualifier' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.32 NAME 'attributeSyntax' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.149 NAME 'attributeSecurityGUID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.212 NAME 'dSHeuristics' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.5 NAME 'serialNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' ) -attributeTypes: ( 1.2.840.113556.1.4.1697 NAME 'msDS-Settings' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.144 NAME 'operatorCount' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1153 NAME 'msRADIUSFramedIPAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.45 NAME 'homeDrive' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 2.5.21.5 NAME 'attributeTypes' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.540 NAME 'initialAuthOutgoing' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.141 NAME 'versionNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.0 NAME 'objectClass' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.915 NAME 'possibleInferiors' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1669 NAME 'msDS-Approx-Immed-Subordinates' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1664 NAME 'msDS-Replication-Notify-Subsequent-DSA-Delay' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.810 NAME 'createDialog' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.607 NAME 'queryPolicyObject' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.487 NAME 'fRSRootPath' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.11 NAME 'ou' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 2.5.4.21 NAME 'telexNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.2.617 NAME 'homePostalAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.652 NAME 'assistant' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.361 NAME 'netbootMachineFilePath' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.45 NAME 'x500uniqueIdentifier' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.55 NAME 'dBCSPwd' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.538 NAME 'prefixMap' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1807 NAME 'msDS-MembersForAzRoleBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.781 NAME 'lastKnownParent' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.369 NAME 'fSMORoleOwner' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.673 NAME 'retiredReplDSASignatures' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.459 NAME 'networkAddress' SYNTAX '1.2.840.113556.1.4.905' ) -attributeTypes: ( 1.2.840.113556.1.2.471 NAME 'schemaVersion' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' ) -attributeTypes: ( 1.2.840.113556.1.2.8 NAME 'possSuperiors' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' ) -attributeTypes: ( 1.2.840.113556.1.4.224 NAME 'defaultSecurityDescriptor' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 2.16.840.1.113730.3.140 NAME 'userSMIMECertificate' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.8 NAME 'userAccountControl' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.885 NAME 'terminalServer' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.159 NAME 'accountExpires' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.750 NAME 'groupType' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.89 NAME 'nTGroupMembers' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.749 NAME 'url' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.145 NAME 'revision' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.76 NAME 'objectVersion' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1705 NAME 'msDS-NCReplInboundNeighbors' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.1425 NAME 'msCOM-UserLink' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1409 NAME 'masteredBy' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.916 NAME 'canonicalName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1661 NAME 'msDS-NC-Replica-Locations' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' ) -attributeTypes: ( 1.2.840.113556.1.4.1721 NAME 'msDS-UpdateScript' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.88 NAME 'nextRid' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.24 NAME 'x121Address' SYNTAX '1.3.6.1.4.1.1466.115.121.1.36' ) -attributeTypes: ( 2.5.4.35 NAME 'userPassword' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 2.5.4.20 NAME 'telephoneNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.141 NAME 'department' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.639 NAME 'isMemberOfPartialAttributeSet' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.633 NAME 'policyReplicationFlags' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.626 NAME 'ipsecISAKMPReference' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.218 NAME 'applicationName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.196 NAME 'systemMayContain' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1191 NAME 'msRASSavedFramedRoute' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' ) -attributeTypes: ( 1.2.840.113556.1.4.1189 NAME 'msRASSavedCallbackNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.136 NAME 'trustType' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.158 NAME 'domainReplica' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.615 NAME 'personalTitle' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.651 NAME 'otherMailbox' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 0.9.2342.19200300.100.1.3 NAME 'mail' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.231 NAME 'oMSyntax' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.661 NAME 'isDefunct' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1621 NAME 'msDS-Other-Settings' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.71 NAME 'machineRole' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1795 NAME 'msDS-AzDomainTimeout' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.198 NAME 'systemAuxiliaryClass' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.98 NAME 'primaryGroupID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.160 NAME 'lmPwdHistory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.166 NAME 'groupMembershipSAM' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.133 NAME 'trustPartner' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.1 NAME 'instanceType' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.806 NAME 'treatAsLeaf' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.562 NAME 'adminPropertyPages' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.1799 NAME 'msDS-AzScopeName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.34 NAME 'seeAlso' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' ) -attributeTypes: ( 1.2.840.113556.1.4.844 NAME 'lDAPIPDenyList' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.1826 NAME 'msDS-RetiredReplNCSignatures' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.14 NAME 'hasMasterNCs' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.81 NAME 'modifiedCountAtLastProm' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.78 NAME 'minPwdAge' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.39 NAME 'forceLogoff' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1305 NAME 'moveTreeState' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.1787 NAME 'msDS-AllowedToDelegateTo' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.170 NAME 'systemOnly' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1716 NAME 'msDS-IntId' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.619 NAME 'dNSHostName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1825 NAME 'msDS-AzMinorVersion' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.49 NAME 'badPasswordTime' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1412 NAME 'primaryGroupToken' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.469 NAME 'USNIntersite' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.876 NAME 'fRSMemberReferenceBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1711 NAME 'msDS-SDReferenceDomain' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.621 NAME 'ipsecID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.843 NAME 'lDAPAdminLimits' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.519 NAME 'lastBackupRestorationTime' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.660 NAME 'treeName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.151 NAME 'oEMInformation' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.42 NAME 'givenName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1347 NAME 'sPNMappings' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.364 NAME 'operatingSystemVersion' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.303 NAME 'notificationList' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1301 NAME 'tokenGroups' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 2.16.840.1.113730.3.1.1 NAME 'carLicense' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.97 NAME 'preferredOU' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1410 NAME 'mS-DS-CreatorSID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1793 NAME 'msDS-NonMembers' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' ) -attributeTypes: ( 1.2.840.113556.1.4.1815 NAME 'msDS-TasksForAzRoleBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.227 NAME 'extensionName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.1663 NAME 'msDS-Replication-Notify-First-DSA-Delay' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.74 NAME 'maxPwdAge' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.722 NAME 'otherIpPhone' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.627 NAME 'ipsecNFAReference' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' ) -attributeTypes: ( 0.9.2342.19200300.100.1.21 NAME 'secretary' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' ) -attributeTypes: ( 1.2.840.113556.1.4.138 NAME 'userParameters' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.134 NAME 'trustPosixOffset' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.820 NAME 'bridgeheadServerListBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1819 NAME 'msDS-AzApplicationData' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.866 NAME 'pekKeyChangeInterval' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.6 NAME 'c' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.27 NAME 'destinationIndicator' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' ) -attributeTypes: ( 1.2.840.113556.1.4.25 NAME 'countryCode' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 0.9.2342.19200300.100.1.41 NAME 'mobile' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.148 NAME 'schemaIDGUID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.669 NAME 'rIDSetReferences' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.351 NAME 'auxiliaryClass' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' ) -attributeTypes: ( 0.9.2342.19200300.100.1.1 NAME 'uid' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.889 NAME 'additionalTrustedServiceNames' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.2.464 NAME 'wWWHomePage' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.896 NAME 'uSNSource' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1360 NAME 'mS-DS-ConsistencyGuid' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.870 NAME 'frsComputerReferenceBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.913 NAME 'allowedAttributes' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1798 NAME 'msDS-AzApplicationName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.890 NAME 'uPNSuffixes' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.1788 NAME 'msDS-PerUserTrustQuota' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1411 NAME 'ms-DS-MachineAccountQuota' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.157 NAME 'serverRole' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 0.9.2342.19200300.100.1.20 NAME 'homePhone' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.34 NAME 'rangeLower' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.415 NAME 'operatingSystemHotfix' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1717 NAME 'msDS-AdditionalDnsHostName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1797 NAME 'msDS-AzScriptTimeout' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.24 NAME 'mustContain' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' ) -attributeTypes: ( 2.5.4.36 NAME 'userCertificate' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.1124 NAME 'msNPCallingStationID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' ) -attributeTypes: ( 1.2.840.113556.1.4.1460 NAME 'msDS-User-Account-Control-Computed' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.44 NAME 'homeDirectory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1792 NAME 'msDS-AzLDAPQuery' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.663 NAME 'partialAttributeDeletionList' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.868 NAME 'isCriticalSystemObject' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.891 NAME 'gPLink' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1354 NAME 'scopeFlags' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.60 NAME 'lockoutDuration' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1426 NAME 'msCOM-UserPartitionSetLink' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 2.16.840.1.113730.3.1.36 NAME 'thumbnailLogo' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 2.16.840.1.113730.3.1.35 NAME 'thumbnailPhoto' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.222 NAME 'location' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.86 NAME 'userWorkstations' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.65 NAME 'logonWorkstation' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1696 NAME 'lastLogonTimestamp' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.100 NAME 'priorValue' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.53 NAME 'lastSetTime' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.2 NAME 'objectGUID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1811 NAME 'msDS-TasksForAzTaskBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.653 NAME 'managedBy' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.93 NAME 'pwdProperties' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.13 NAME 'builtinCreationTime' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.18 NAME 'postOfficeBox' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.2.146 NAME 'company' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.675 NAME 'catalogs' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.783 NAME 'defaultObjectCategory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1158 NAME 'msRADIUSFramedRoute' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' ) -attributeTypes: ( 1.2.840.113556.1.4.99 NAME 'priorSetTime' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.645 NAME 'userCert' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.530 NAME 'nonSecurityMember' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' ) -attributeTypes: ( 2.5.4.31 NAME 'member' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' ) -attributeTypes: ( 1.2.840.113556.1.4.152 NAME 'groupAttributes' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.375 NAME 'systemFlags' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1249 NAME 'proxiedObjectName' SYNTAX '1.2.840.113556.1.4.903' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1708 NAME 'msDS-ReplValueMetaData' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.912 NAME 'allowedChildClassesEffective' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1805 NAME 'msDS-AzGenerateAudits' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1817 NAME 'msDS-AzApplicationVersion' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.219 NAME 'iconPath' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 2.5.4.9 NAME 'street' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1783 NAME 'msDS-ExecuteScriptPassword' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1784 NAME 'msDS-LogonTimeSyncInterval' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.301 NAME 'garbageCollPeriod' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.967 NAME 'mSMQSignCertificatesMig' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1442 NAME 'msDS-Cached-Membership-Time-Stamp' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.169 NAME 'logonCount' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.58 NAME 'localeID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' ) -attributeTypes: ( 1.2.840.113556.1.4.12 NAME 'badPwdCount' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.129 NAME 'trustAuthIncoming' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 2.5.18.10 NAME 'subSchemaSubEntry' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 2.5.21.9 NAME 'structuralObjectClass' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' ) -attributeTypes: ( 1.2.840.113556.1.2.48 NAME 'isDeleted' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1687 NAME 'extraColumns' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.1690 NAME 'adminMultiselectPropertyPages' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.307 NAME 'options' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.61 NAME 'lockOutObservationWindow' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.57 NAME 'defaultLocalPolicyObject' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.26 NAME 'creationTime' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.26 NAME 'registeredAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 2.5.4.16 NAME 'postalAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 2.5.4.43 NAME 'initials' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.33 NAME 'isSingleValued' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1240 NAME 'netbootSIFFile' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.1718 NAME 'msDS-AdditionalSamAccountName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.195 NAME 'systemPossSuperiors' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION ) -attributeTypes: ( 0.9.2342.19200300.100.1.7 NAME 'photo' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.2.610 NAME 'employeeNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.662 NAME 'lockoutTime' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.537 NAME 'dynamicLDAPServer' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.909 NAME 'extendedAttributeInfo' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.444 NAME 'msExchAssistantName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1349 NAME 'gPCUserExtensionNames' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1794 NAME 'msDS-NonMembersBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.194 NAME 'adminDisplayName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.499 NAME 'contextMenu' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.2.50 NAME 'linkID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 2.5.4.58 NAME 'attributeCertificateAttribute' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 2.5.4.4 NAME 'sn' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.221 NAME 'sAMAccountName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.22 NAME 'governsID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.947 NAME 'mSMQSignCertificates' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.539 NAME 'initialAuthIncoming' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.472 NAME 'domainCrossRef' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 0.9.2342.19200300.100.1.2 NAME 'textEncodedORAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.893 NAME 'gPCFunctionalityVersion' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.267 NAME 'uSNDSALastObjRemoved' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1813 NAME 'msDS-OperationsForAzRoleBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1361 NAME 'mS-DS-ConsistencyChildCount' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.74 NAME 'dSASignature' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.911 NAME 'allowedChildClasses' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.914 NAME 'allowedAttributesEffective' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.357 NAME 'nTMixedDomain' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1709 NAME 'msDS-HasInstantiatedNCs' SYNTAX '1.2.840.113556.1.4.903' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.79 NAME 'minPwdLength' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.32 NAME 'domainPolicyObject' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.19 NAME 'physicalDeliveryOfficeName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.507 NAME 'volumeCount' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1171 NAME 'msRADIUSServiceType' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.52 NAME 'lastLogon' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.344 NAME 'groupsToIgnore' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.1358 NAME 'schemaInfo' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' NO-USER-MODIFICATION ) -attributeTypes: ( 0.9.2342.19200300.100.1.25 NAME 'dc' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.782 NAME 'objectCategory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 2.5.18.2 NAME 'modifyTimeStamp' SYNTAX '1.3.6.1.4.1.1466.115.121.1.24' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.13 NAME 'displayName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.226 NAME 'adminDescription' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1719 NAME 'msDS-DnsRootAlias' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.498 NAME 'creationWizard' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.15 NAME 'hasPartialReplicaNCs' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.200 NAME 'controlAccessRights' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.155 NAME 'uASCompat' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.146 NAME 'objectSid' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 2.5.4.12 NAME 'title' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.118 NAME 'otherPager' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.261 NAME 'division' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.35 NAME 'rangeUpper' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.218 NAME 'oMObjectClass' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.49 NAME 'mAPIID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.302 NAME 'sAMAccountType' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.370 NAME 'objectClassCategory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.518 NAME 'defaultHidingValue' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1119 NAME 'msNPAllowDialin' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.16 NAME 'codePage' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.150 NAME 'adminCount' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.481 NAME 'schemaUpdate' SYNTAX '1.3.6.1.4.1.1466.115.121.1.24' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.132 NAME 'trustDirection' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.557 NAME 'Enabled' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.7 NAME 'l' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.268 NAME 'eFSPolicy' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.14 NAME 'builtinModifiedCount' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.18 NAME 'otherTelephone' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.649 NAME 'primaryInternationalISDNNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.35 NAME 'employeeID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.54 NAME 'tombstoneLifetime' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.365 NAME 'operatingSystemServicePack' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.358 NAME 'netbootInitialization' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.656 NAME 'userPrincipalName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.771 NAME 'servicePrincipalName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.91 NAME 'otherLoginWorkstations' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.1786 NAME 'msIIS-FTPDir' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1443 NAME 'msDS-Site-Affinity' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.76 NAME 'maxStorage' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.281 NAME 'nTSecurityDescriptor' SYNTAX '1.2.840.113556.1.4.907' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.513 NAME 'siteObjectBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.608 NAME 'queryPolicyBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.640 NAME 'partialAttributeSet' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 2.5.4.49 NAME 'distinguishedName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 2.5.4.13 NAME 'description' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.1816 NAME 'msDS-AzClassId' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.370 NAME 'rIDAvailablePool' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.563 NAME 'shellPropertyPages' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.1715 NAME 'msDS-SPNSuffixes' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.101 NAME 'privateKey' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.23 NAME 'facsimileTelephoneNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.334 NAME 'searchFlags' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.120 NAME 'schemaFlagsEx' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1212 NAME 'isEphemeral' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.960 NAME 'mSMQNt4Stub' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' ) -attributeTypes: ( 1.2.840.113556.1.4.1785 NAME 'msIIS-FTPRoot' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.345 NAME 'groupPriority' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.819 NAME 'bridgeheadTransportList' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' ) -attributeTypes: ( 1.2.840.113556.1.4.908 NAME 'extendedClassInfo' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.511 NAME 'flatName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.301 NAME 'wbemPath' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.1706 NAME 'msDS-NCReplOutboundNeighbors' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.1809 NAME 'msDS-OperationsForAzTaskBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.169 NAME 'showInAdvancedViewOnly' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1459 NAME 'msDS-Behavior-Version' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1836 NAME 'msDS-hasMasterNCs' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.95 NAME 'pwdHistoryLength' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.865 NAME 'pekList' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.17 NAME 'postalCode' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1241 NAME 'netbootMirrorDataFile' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.213 NAME 'defaultClassStore' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' ) -attributeTypes: ( 1.2.840.113556.1.4.953 NAME 'mSMQSiteID' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.644 NAME 'showInAddressBook' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' ) -attributeTypes: ( 1.2.840.113556.1.2.2 NAME 'whenCreated' SYNTAX '1.3.6.1.4.1.1466.115.121.1.24' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1357 NAME 'dSCorePropagationData' SYNTAX '1.3.6.1.4.1.1466.115.121.1.24' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.353 NAME 'displayNamePrintable' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.624 NAME 'ipsecOwnersReference' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' ) -attributeTypes: ( 2.5.4.8 NAME 'st' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.515 NAME 'serverReference' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1820 NAME 'msDS-HasDomainNCs' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.115 NAME 'invocationId' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.109 NAME 'replicaSource' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.721 NAME 'ipPhone' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.277 NAME 'otherHomePhone' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 2.5.4.10 NAME 'o' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.2.380 NAME 'extendedCharsAllowed' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.363 NAME 'operatingSystem' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1840 NAME 'msDS-ObjectReference' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' ) -attributeTypes: ( 1.2.840.113556.1.4.1308 NAME 'mSMQInterval1' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.153 NAME 'rid' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.139 NAME 'profilePath' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1145 NAME 'msRADIUSCallbackNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.26' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.772 NAME 'aCSPolicyName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.81 NAME 'info' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1841 NAME 'msDS-ObjectReferenceBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.3 NAME 'whenChanged' SYNTAX '1.3.6.1.4.1.1466.115.121.1.24' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.121 NAME 'uSNLastObjRem' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.83 NAME 'repsTo' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.4 NAME 'replUpToDateVector' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.864 NAME 'netbootSCPBL' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1837 NAME 'msDs-masteredBy' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1424 NAME 'msCOM-PartitionSetLink' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 2.5.4.3 NAME 'cn' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1789 NAME 'msDS-AllUsersTrustQuota' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.480 NAME 'defaultGroup' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.629 NAME 'ipsecFilterReference' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' ) -attributeTypes: ( 1.2.840.113556.1.4.156 NAME 'comment' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1440 NAME 'msDs-Schema-Extensions' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.56 NAME 'localPolicyFlags' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1309 NAME 'mSMQInterval2' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.609 NAME 'sIDHistory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.90 NAME 'unicodePwd' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1190 NAME 'msRASSavedFramedIPAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1843 NAME 'msDRM-IdentityCertificate' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.51 NAME 'lastLogoff' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.598 NAME 'dmdName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.593 NAME 'msExchLabeledURI' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.2.436 NAME 'directReports' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.3 NAME 'replPropertyMetaData' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.910 NAME 'fromEntry' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.471 NAME 'trustParent' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.622 NAME 'ipsecDataType' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.623 NAME 'ipsecData' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.368 NAME 'rIDManagerReference' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.73 NAME 'lockoutThreshold' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.346 NAME 'desktopProfile' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.131 NAME 'co' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.22 NAME 'teletexTerminalIdentifier' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.648 NAME 'primaryTelexNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 0.9.2342.19200300.100.1.10 NAME 'manager' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.514 NAME 'physicalLocationObject' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1824 NAME 'msDS-AzMajorVersion' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.21 NAME 'subClassOf' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.197 NAME 'systemMustContain' SYNTAX '1.3.6.1.4.1.1466.115.121.1.38' NO-USER-MODIFICATION ) -attributeTypes: ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.2.613 NAME 'employeeType' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.27 NAME 'currentValue' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 2.5.21.2 NAME 'dITContentRules' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1348 NAME 'gPCMachineExtensionNames' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.19 NAME 'uSNCreated' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.7 NAME 'subRefs' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.210 NAME 'proxyAddresses' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.532 NAME 'superiorDNSRoot' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.674 NAME 'rootTrust' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' ) -attributeTypes: ( 1.2.840.113556.1.4.615 NAME 'shellContextMenu' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.610 NAME 'classDisplayName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.620 NAME 'ipsecName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.37 NAME 'cACertificate' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.628 NAME 'ipsecNegotiationPolicyReference' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.650 NAME 'mhsORAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.94 NAME 'ntPwdHistory' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.786 NAME 'mailAddress' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.356 NAME 'foreignIdentifier' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.2.120 NAME 'uSNChanged' SYNTAX '1.2.840.113556.1.4.906' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.2.91 NAME 'repsFrom' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1359 NAME 'otherWellKnownObjects' SYNTAX '1.2.840.113556.1.4.903' ) -attributeTypes: ( 1.2.840.113556.1.4.1704 NAME 'msDS-NCReplCursors' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.4.654 NAME 'managedObjects' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.1710 NAME 'msDS-AllowedDNSSuffixes' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' ) -attributeTypes: ( 1.2.840.113556.1.2.16 NAME 'nCName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' SINGLE-VALUE NO-USER-MODIFICATION ) -attributeTypes: ( 1.2.840.113556.1.4.87 NAME 'nETBIOSName' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.1355 NAME 'queryFilter' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 2.5.4.28 NAME 'preferredDeliveryMethod' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' ) -attributeTypes: ( 1.2.840.113556.1.4.961 NAME 'mSMQSiteForeign' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' ) -attributeTypes: ( 0.9.2342.19200300.100.1.55 NAME 'audio' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.62 NAME 'scriptPath' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.948 NAME 'mSMQDigests' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' ) -attributeTypes: ( 1.2.840.113556.1.4.1441 NAME 'msDS-Cached-Membership' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.64 NAME 'logonHours' SYNTAX '1.3.6.1.4.1.1466.115.121.1.40' SINGLE-VALUE ) -attributeTypes: ( 1.2.840.113556.1.4.894 NAME 'gPCFileSysPath' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE ) -dITContentRules: ( 1.2.840.113556.1.5.67 NAME 'domainDNS' AUX ( samDomain ) MAY ( treeName $ rIDManagerReference $ replicaSource $ pwdProperties $ pwdHistoryLength $ privateKey $ pekList $ pekKeyChangeInterval $ nTMixedDomain $ nextRid $ nETBIOSName $ msDS-PerUserTrustTombstonesQuota $ msDS-PerUserTrustQuota $ ms-DS-MachineAccountQuota $ msDS-LogonTimeSyncInterval $ msDS-AllUsersTrustQuota $ modifiedCountAtLastProm $ minPwdLength $ minPwdAge $ maxPwdAge $ lSAModifiedCount $ lSACreationTime $ lockoutThreshold $ lockoutDuration $ lockOutObservationWindow $ gPOptions $ gPLink $ eFSPolicy $ domainPolicyObject $ desktopProfile $ description $ defaultLocalPolicyObject $ creationTime $ controlAccessRights $ cACertificate $ builtinModifiedCount $ builtinCreationTime $ auditingPolicy ) ) -dITContentRules: ( 1.2.840.113556.1.5.4 NAME 'builtinDomain' AUX ( samDomainBase ) MAY ( uASCompat $ serverState $ serverRole $ revision $ pwdProperties $ pwdHistoryLength $ oEMInformation $ objectSid $ nTSecurityDescriptor $ nextRid $ modifiedCountAtLastProm $ modifiedCount $ minPwdLength $ minPwdAge $ maxPwdAge $ lockoutThreshold $ lockoutDuration $ lockOutObservationWindow $ forceLogoff $ domainReplica $ creationTime ) ) -dITContentRules: ( 1.2.840.113556.1.5.3 NAME 'samDomain' AUX ( samDomainBase ) MAY ( uASCompat $ serverState $ serverRole $ revision $ pwdProperties $ pwdHistoryLength $ oEMInformation $ objectSid $ nTSecurityDescriptor $ nextRid $ modifiedCountAtLastProm $ modifiedCount $ minPwdLength $ minPwdAge $ maxPwdAge $ lockoutThreshold $ lockoutDuration $ lockOutObservationWindow $ forceLogoff $ domainReplica $ creationTime ) ) -dITContentRules: ( 1.2.840.113556.1.5.9 NAME 'user' AUX ( securityPrincipal $ mailRecipient ) MUST ( sAMAccountName $ objectSid $ cn ) MAY ( supplementalCredentials $ sIDHistory $ securityIdentifier $ sAMAccountType $ rid $ tokenGroupsNoGCAcceptable $ tokenGroupsGlobalAndUniversal $ tokenGroups $ nTSecurityDescriptor $ msDS-KeyVersionNumber $ altSecurityIdentities $ accountNameHistory $ userSMIMECertificate $ secretary $ msExchLabeledURI $ msExchAssistantName $ labeledURI $ userCertificate $ userCert $ textEncodedORAddress $ telephoneNumber $ showInAddressBook $ legacyExchangeDN $ garbageCollPeriod $ info $ userSMIMECertificate $ secretary $ msExchLabeledURI $ msExchAssistantName $ labeledURI ) ) -dITContentRules: ( 1.2.840.113556.1.5.8 NAME 'group' AUX ( mailRecipient $ securityPrincipal ) MUST ( cn $ sAMAccountName $ objectSid $ cn ) MAY ( userSMIMECertificate $ secretary $ msExchLabeledURI $ msExchAssistantName $ labeledURI $ userCertificate $ userCert $ textEncodedORAddress $ telephoneNumber $ showInAddressBook $ legacyExchangeDN $ garbageCollPeriod $ info $ userSMIMECertificate $ secretary $ msExchLabeledURI $ msExchAssistantName $ labeledURI $ userCertificate $ userCert $ textEncodedORAddress $ telephoneNumber $ showInAddressBook $ legacyExchangeDN $ garbageCollPeriod $ info $ userSMIMECertificate $ secretary $ msExchLabeledURI $ msExchAssistantName $ labeledURI $ supplementalCredentials $ sIDHistory $ securityIdentifier $ sAMAccountType $ rid $ tokenGroupsNoGCAcceptable $ tokenGroupsGlobalAndUniversal $ tokenGroups $ nTSecurityDescriptor $ msDS-KeyVersionNumber $ altSecurityIdentities $ accountNameHistory $ userSMIMECertificate $ secretary $ msExchLabeledURI $ msExchAssistantName $ labeledURI $ userCertificate $ userCert $ textEncodedORAddress $ telephoneNumber $ showInAddressBook $ legacyExchangeDN $ garbageCollPeriod $ info $ userSMIMECertificate $ secretary $ msExchLabeledURI $ msExchAssistantName $ labeledURI ) ) diff --git a/source4/setup/slapd.conf b/source4/setup/slapd.conf index 4dcfd2aba7..141c0cd27a 100644 --- a/source4/setup/slapd.conf +++ b/source4/setup/slapd.conf @@ -1,5 +1,10 @@ loglevel 0 +### Multimaster-ServerIDs and URLs ### + +${MMR_SERVERIDS_CONFIG} + + include ${LDAPDIR}/backend-schema.schema pidfile ${LDAPDIR}/slapd.pid @@ -52,10 +57,12 @@ suffix cn=Samba directory ${LDAPDIR}/db/samba rootdn cn=Manager,cn=Samba - +######################################## +### cn=schema ### database hdb suffix ${SCHEMADN} rootdn cn=Manager,${SCHEMADN} +rootpw "${MMR_PASSWORD}" directory ${LDAPDIR}/db/schema index objectClass eq index samAccountName eq @@ -64,16 +71,25 @@ index objectCategory eq index lDAPDisplayName eq index subClassOf eq index cn eq +index entryUUID,entryCSN eq #syncprov is stable in OpenLDAP 2.3, and available in 2.2. #We only need this for the contextCSN attribute anyway.... overlay syncprov -syncprov-checkpoint 100 10 syncprov-sessionlog 100 +# syncprov-checkpoint 100 10 + +### Multimaster-Replication of cn=schema Subcontext ### +${MMR_SYNCREPL_SCHEMA_CONFIG} +${MIRRORMODE} + +######################################### +### cn=config ### database hdb suffix ${CONFIGDN} rootdn cn=Manager,${CONFIGDN} +rootpw "${MMR_PASSWORD}" directory ${LDAPDIR}/db/config index objectClass eq index samAccountName eq @@ -85,16 +101,24 @@ index subClassOf eq index dnsRoot eq index nETBIOSName eq index cn eq +index entryUUID,entryCSN eq #syncprov is stable in OpenLDAP 2.3, and available in 2.2. #We only need this for the contextCSN attribute anyway.... overlay syncprov -syncprov-checkpoint 100 10 syncprov-sessionlog 100 +# syncprov-checkpoint 100 10 + +### Multimaster-Replication of cn=config Subcontext ### +${MMR_SYNCREPL_CONFIG_CONFIG} +${MIRRORMODE} +######################################## +### cn=users /base-dn ### database hdb suffix ${DOMAINDN} rootdn cn=Manager,${DOMAINDN} +rootpw "${MMR_PASSWORD}" directory ${LDAPDIR}/db/user index objectClass eq index samAccountName eq @@ -110,10 +134,14 @@ index subClassOf eq index dnsRoot eq index nETBIOSName eq index cn eq +index entryUUID,entryCSN eq #syncprov is stable in OpenLDAP 2.3, and available in 2.2. #We only need this for the contextCSN attribute anyway.... overlay syncprov -syncprov-checkpoint 100 10 syncprov-sessionlog 100 +# syncprov-checkpoint 100 10 +### Multimaster-Replication of cn=user/base-dn context ### +${MMR_SYNCREPL_USER_CONFIG} +${MIRRORMODE} diff --git a/source4/setup/tests/blackbox_provision-backend.sh b/source4/setup/tests/blackbox_provision-backend.sh index 312ca5c70e..04f22dbf1d 100755 --- a/source4/setup/tests/blackbox_provision-backend.sh +++ b/source4/setup/tests/blackbox_provision-backend.sh @@ -13,6 +13,7 @@ shift 1 . `dirname $0`/../../../testprogs/blackbox/subunit.sh testit "openldap-backend" $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-backend +testit "openldap-mmr-backend" $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=openldap --targetdir=$PREFIX/openldap-mmr-backend --ol-mmr-urls='ldap://localdc1:9000,ldap://localdc2:9000,ldap://localdc3:9000' testit "fedora-ds-backend" $PYTHON ./setup/provision-backend --domain=FOO --realm=foo.example.com --host-name=samba --ldap-backend-type=fedora-ds --targetdir=$PREFIX/fedora-ds-backend reprovision() { |