summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
Diffstat (limited to 'source4')
-rw-r--r--source4/scripting/libjs/provision.js28
-rw-r--r--source4/setup/provision.ldif16
-rw-r--r--source4/setup/provision_basedn.ldif2
-rw-r--r--source4/setup/provision_basedn_modify.ldif4
-rw-r--r--source4/setup/provision_computers_add.ldif2
-rw-r--r--source4/setup/provision_computers_modify.ldif2
-rw-r--r--source4/setup/provision_configuration.ldif4
-rw-r--r--source4/setup/provision_init.ldif2
-rw-r--r--source4/setup/provision_partitions.ldif4
-rw-r--r--source4/setup/provision_users.ldif92
-rw-r--r--source4/setup/provision_users_add.ldif2
-rw-r--r--source4/setup/provision_users_modify.ldif2
12 files changed, 80 insertions, 80 deletions
diff --git a/source4/scripting/libjs/provision.js b/source4/scripting/libjs/provision.js
index c3204587d0..39810e1f94 100644
--- a/source4/scripting/libjs/provision.js
+++ b/source4/scripting/libjs/provision.js
@@ -57,7 +57,7 @@ objectClass: top
objectClass: foreignSecurityPrincipal
description: %s
",
- sid, subobj.BASEDN, desc);
+ sid, subobj.DOMAINDN, desc);
/* deliberately ignore errors from this, as the records may
already exist */
ldb.add(add);
@@ -71,7 +71,7 @@ function setup_name_mapping(info, ldb, sid, unixname)
{
var attrs = new Array("dn");
var res = ldb.search(sprintf("objectSid=%s", sid),
- info.subobj.BASEDN, ldb.SCOPE_SUBTREE, attrs);
+ info.subobj.DOMAINDN, ldb.SCOPE_SUBTREE, attrs);
if (res.length != 1) {
info.message("Failed to find record for objectSid %s\n", sid);
return false;
@@ -211,7 +211,7 @@ function ldb_erase_partitions(info, ldb, ldapbackend)
var previous_remaining = 1;
var current_remaining = 0;
- if (ldapbackend && (basedn == info.subobj.BASEDN)) {
+ if (ldapbackend && (basedn == info.subobj.DOMAINDN)) {
/* Only delete objects that were created by provision */
anything = "(objectcategory=*)";
}
@@ -398,7 +398,7 @@ function setup_name_mappings(info, ldb)
var attrs = new Array("objectSid");
var subobj = info.subobj;
- res = ldb.search("objectSid=*", subobj.BASEDN, ldb.SCOPE_BASE, attrs);
+ res = ldb.search("objectSid=*", subobj.DOMAINDN, ldb.SCOPE_BASE, attrs);
assert(res.length == 1 && res[0].objectSid != undefined);
var sid = res[0].objectSid;
@@ -450,7 +450,7 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
assert(valid_netbios_name(subobj.DOMAIN));
subobj.NETBIOSNAME = strupper(subobj.HOSTNAME);
assert(valid_netbios_name(subobj.NETBIOSNAME));
- var rdns = split(",", subobj.BASEDN);
+ var rdns = split(",", subobj.DOMAINDN);
subobj.RDN_DC = substr(rdns[0], strlen("DC="));
if (subobj.DOMAINGUID != undefined) {
@@ -502,13 +502,13 @@ function provision(subobj, message, blank, paths, session_info, credentials, lda
message("Erasing data from partitions\n");
ldb_erase_partitions(info, samdb, ldapbackend);
- message("Adding baseDN: " + subobj.BASEDN + " (permitted to fail)\n");
+ message("Adding DomainDN: " + subobj.DOMAINDN + " (permitted to fail)\n");
var add_ok = setup_add_ldif("provision_basedn.ldif", info, samdb, true);
- message("Modifying baseDN: " + subobj.BASEDN + "\n");
+ message("Modifying DomainDN: " + subobj.DOMAINDN + "\n");
var modify_ok = setup_ldb_modify("provision_basedn_modify.ldif", info, samdb);
if (!modify_ok) {
if (!add_ok) {
- message("Failed to both add and modify " + subobj.BASEDN + " in target " + subobj.LDAPBACKEND + "\n");
+ message("Failed to both add and modify " + subobj.DOMAINDN + " in target " + subobj.LDAPBACKEND + "\n");
message("Perhaps you need to run the provision script with the --ldap-base-dn option, and add this record to the backend manually\n");
};
assert(modify_ok);
@@ -622,12 +622,12 @@ function provision_dns(subobj, message, paths, session_info, credentials)
or may not have been specified, so fetch them from the database */
var attrs = new Array("objectGUID");
- res = ldb.search("objectGUID=*", subobj.BASEDN, ldb.SCOPE_BASE, attrs);
+ res = ldb.search("objectGUID=*", subobj.DOMAINDN, ldb.SCOPE_BASE, attrs);
assert(res.length == 1);
assert(res[0].objectGUID != undefined);
subobj.DOMAINGUID = res[0].objectGUID;
- subobj.HOSTGUID = searchone(ldb, subobj.BASEDN, "(&(objectClass=computer)(cn=" + subobj.NETBIOSNAME + "))", "objectGUID");
+ subobj.HOSTGUID = searchone(ldb, subobj.DOMAINDN, "(&(objectClass=computer)(cn=" + subobj.NETBIOSNAME + "))", "objectGUID");
assert(subobj.HOSTGUID != undefined);
setup_file("provision.zone",
@@ -640,8 +640,8 @@ function provision_dns(subobj, message, paths, session_info, credentials)
/* Write out a DNS zone file, from the info in the current database */
function provision_ldapbase(subobj, message, paths)
{
- message("Setting up LDAP base entry: " + subobj.BASEDN + " \n");
- var rdns = split(",", subobj.BASEDN);
+ message("Setting up LDAP base entry: " + subobj.DOMAINDN + " \n");
+ var rdns = split(",", subobj.DOMAINDN);
subobj.EXTENSIBLEOBJECT = "objectClass: extensibleObject";
subobj.RDN_DC = substr(rdns[0], strlen("DC="));
@@ -696,8 +696,8 @@ function provision_guess()
strlower(subobj.HOSTNAME),
subobj.DNSDOMAIN);
rdn_list = split(".", subobj.DNSDOMAIN);
- subobj.BASEDN = "DC=" + join(",DC=", rdn_list);
- subobj.ROOTDN = subobj.BASEDN;
+ subobj.DOMAINDN = "DC=" + join(",DC=", rdn_list);
+ subobj.ROOTDN = subobj.DOMAINDN;
subobj.CONFIGDN = "CN=Configuration," + subobj.ROOTDN;
subobj.SCHEMADN = "CN=Schema," + subobj.CONFIGDN;
subobj.LDAPBACKEND = "users.ldb";
diff --git a/source4/setup/provision.ldif b/source4/setup/provision.ldif
index 652770c813..71a4f44ba7 100644
--- a/source4/setup/provision.ldif
+++ b/source4/setup/provision.ldif
@@ -1,4 +1,4 @@
-dn: CN=Domain Controllers,${BASEDN}
+dn: CN=Domain Controllers,${DOMAINDN}
objectClass: top
objectClass: container
cn: Domain Controllers
@@ -9,7 +9,7 @@ systemFlags: 2348810240
objectCategory: CN=Container,${SCHEMADN}
isCriticalSystemObject: TRUE
-dn: CN=ForeignSecurityPrincipals,${BASEDN}
+dn: CN=ForeignSecurityPrincipals,${DOMAINDN}
objectClass: top
objectClass: container
cn: ForeignSecurityPrincipals
@@ -20,7 +20,7 @@ systemFlags: 2348810240
objectCategory: CN=Container,${SCHEMADN}
isCriticalSystemObject: TRUE
-dn: CN=System,${BASEDN}
+dn: CN=System,${DOMAINDN}
objectClass: top
objectClass: container
cn: System
@@ -31,7 +31,7 @@ systemFlags: 2348810240
objectCategory: CN=Container,${SCHEMADN}
isCriticalSystemObject: TRUE
-dn: CN=RID Manager$,CN=System,${BASEDN}
+dn: CN=RID Manager$,CN=System,${DOMAINDN}
objectclass: top
objectclass: rIDManager
cn: RID Manager$
@@ -43,7 +43,7 @@ isCriticalSystemObject: TRUE
fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,${CONFIGDN}
rIDAvailablePool: 4611686014132423217
-dn: CN=DomainUpdates,CN=System,${BASEDN}
+dn: CN=DomainUpdates,CN=System,${DOMAINDN}
objectClass: top
objectClass: container
cn: DomainUpdates
@@ -51,7 +51,7 @@ instanceType: 4
showInAdvancedViewOnly: TRUE
objectCategory: CN=Container,${SCHEMADN}
-dn: CN=Windows2003Update,CN=DomainUpdates,CN=System,${BASEDN}
+dn: CN=Windows2003Update,CN=DomainUpdates,CN=System,${DOMAINDN}
objectClass: top
objectClass: container
cn: Windows2003Update
@@ -60,7 +60,7 @@ showInAdvancedViewOnly: TRUE
objectCategory: CN=Container,${SCHEMADN}
revision: 8
-dn: CN=Infrastructure,${BASEDN}
+dn: CN=Infrastructure,${DOMAINDN}
objectclass: top
objectclass: infrastructureUpdate
cn: Infrastructure
@@ -71,7 +71,7 @@ objectCategory: CN=Infrastructure-Update,${SCHEMADN}
isCriticalSystemObject: TRUE
fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,${CONFIGDN}
-dn: CN=Builtin,${BASEDN}
+dn: CN=Builtin,${DOMAINDN}
objectClass: top
objectClass: builtinDomain
cn: Builtin
diff --git a/source4/setup/provision_basedn.ldif b/source4/setup/provision_basedn.ldif
index e8cf8005f3..234c1f9e8f 100644
--- a/source4/setup/provision_basedn.ldif
+++ b/source4/setup/provision_basedn.ldif
@@ -1,7 +1,7 @@
################################
## Domain Naming Context
################################
-dn: ${BASEDN}
+dn: ${DOMAINDN}
objectClass: top
objectClass: domain
objectClass: domainDNS
diff --git a/source4/setup/provision_basedn_modify.ldif b/source4/setup/provision_basedn_modify.ldif
index 189c3161d9..c0595a9be5 100644
--- a/source4/setup/provision_basedn_modify.ldif
+++ b/source4/setup/provision_basedn_modify.ldif
@@ -1,7 +1,7 @@
###############################
# Domain Naming Context
###############################
-dn: ${BASEDN}
+dn: ${DOMAINDN}
changetype: modify
replace: dnsDomain
dnsDomain: ${DNSDOMAIN}
@@ -58,7 +58,7 @@ replace: msDS-Behavior-Version
msDS-Behavior-Version: 0
-
replace: ridManagerReference
-ridManagerReference: CN=RID Manager$,CN=System,${BASEDN}
+ridManagerReference: CN=RID Manager$,CN=System,${DOMAINDN}
-
replace: uASCompat
uASCompat: 1
diff --git a/source4/setup/provision_computers_add.ldif b/source4/setup/provision_computers_add.ldif
index c89742fe3f..6db3f41524 100644
--- a/source4/setup/provision_computers_add.ldif
+++ b/source4/setup/provision_computers_add.ldif
@@ -1,3 +1,3 @@
-dn: CN=Computers,${BASEDN}
+dn: CN=Computers,${DOMAINDN}
objectClass: top
objectClass: container
diff --git a/source4/setup/provision_computers_modify.ldif b/source4/setup/provision_computers_modify.ldif
index aab32e8665..9f0c1884ea 100644
--- a/source4/setup/provision_computers_modify.ldif
+++ b/source4/setup/provision_computers_modify.ldif
@@ -1,4 +1,4 @@
-dn: CN=Computers,${BASEDN}
+dn: CN=Computers,${DOMAINDN}
changetype: modify
replace: description
description: Default container for upgraded computer accounts
diff --git a/source4/setup/provision_configuration.ldif b/source4/setup/provision_configuration.ldif
index b6eaa30529..902d717fb6 100644
--- a/source4/setup/provision_configuration.ldif
+++ b/source4/setup/provision_configuration.ldif
@@ -53,7 +53,7 @@ instanceType: 4
showInAdvancedViewOnly: TRUE
systemFlags: 3
objectCategory: CN=Cross-Ref,${SCHEMADN}
-nCName: ${BASEDN}
+nCName: ${DOMAINDN}
nETBIOSName: ${DOMAIN}
dnsRoot: ${DNSDOMAIN}
@@ -93,7 +93,7 @@ showInAdvancedViewOnly: TRUE
systemFlags: 1375731712
objectCategory: CN=Server,${SCHEMADN}
dNSHostName: ${DNSNAME}
-serverReference: CN=${NETBIOSNAME},OU=Domain Controllers,${BASEDN}
+serverReference: CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}
dn: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,${CONFIGDN}
objectClass: top
diff --git a/source4/setup/provision_init.ldif b/source4/setup/provision_init.ldif
index 5f57651f16..bea45ce4ee 100644
--- a/source4/setup/provision_init.ldif
+++ b/source4/setup/provision_init.ldif
@@ -46,7 +46,7 @@ passwordAttribute: krb5key
dn: cn=ROOTDSE
subschemaSubentry: CN=Aggregate,${SCHEMADN}
dsServiceName: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,${CONFIGDN}
-defaultNamingContext: ${BASEDN}
+defaultNamingContext: ${DOMAINDN}
rootDomainNamingContext: ${ROOTDN}
configurationNamingContext: ${CONFIGDN}
schemaNamingContext: ${SCHEMADN}
diff --git a/source4/setup/provision_partitions.ldif b/source4/setup/provision_partitions.ldif
index 9acc140683..b713e4e31d 100644
--- a/source4/setup/provision_partitions.ldif
+++ b/source4/setup/provision_partitions.ldif
@@ -1,13 +1,13 @@
dn: @PARTITION
partition: ${SCHEMADN}:schema.ldb
partition: ${CONFIGDN}:configuration.ldb
-partition: ${BASEDN}:${LDAPBACKEND}
+partition: ${DOMAINDN}:${LDAPBACKEND}
replicateEntries: @SUBCLASSES
replicateEntries: @ATTRIBUTES
replicateEntries: @INDEXLIST
modules:${SCHEMADN}:objectguid
modules:${CONFIGDN}:objectguid
-modules:${BASEDN}:${LDAPMODULES}
+modules:${DOMAINDN}:${LDAPMODULES}
#Add modules to the list to activate them by default
#beware often order is important
diff --git a/source4/setup/provision_users.ldif b/source4/setup/provision_users.ldif
index f5a445b4b5..d00570b121 100644
--- a/source4/setup/provision_users.ldif
+++ b/source4/setup/provision_users.ldif
@@ -1,12 +1,12 @@
-dn: CN=Administrator,CN=Users,${BASEDN}
+dn: CN=Administrator,CN=Users,${DOMAINDN}
objectClass: user
cn: Administrator
description: Built-in account for administering the computer/domain
-memberOf: CN=Group Policy Creator Owners,CN=Users,${BASEDN}
-memberOf: CN=Domain Admins,CN=Users,${BASEDN}
-memberOf: CN=Enterprise Admins,CN=Users,${BASEDN}
-memberOf: CN=Schema Admins,CN=Users,${BASEDN}
-memberOf: CN=Administrators,CN=Builtin,${BASEDN}
+memberOf: CN=Group Policy Creator Owners,CN=Users,${DOMAINDN}
+memberOf: CN=Domain Admins,CN=Users,${DOMAINDN}
+memberOf: CN=Enterprise Admins,CN=Users,${DOMAINDN}
+memberOf: CN=Schema Admins,CN=Users,${DOMAINDN}
+memberOf: CN=Administrators,CN=Builtin,${DOMAINDN}
userAccountControl: 66048
objectSid: ${DOMAINSID}-500
adminCount: 1
@@ -15,25 +15,25 @@ sAMAccountName: Administrator
isCriticalSystemObject: TRUE
sambaPassword: ${ADMINPASS}
-dn: CN=Guest,CN=Users,${BASEDN}
+dn: CN=Guest,CN=Users,${DOMAINDN}
objectClass: user
cn: Guest
description: Built-in account for guest access to the computer/domain
-memberOf: CN=Guests,CN=Builtin,${BASEDN}
+memberOf: CN=Guests,CN=Builtin,${DOMAINDN}
userAccountControl: 66082
primaryGroupID: 514
objectSid: ${DOMAINSID}-501
sAMAccountName: Guest
isCriticalSystemObject: TRUE
-dn: CN=Administrators,CN=Builtin,${BASEDN}
+dn: CN=Administrators,CN=Builtin,${DOMAINDN}
objectClass: top
objectClass: group
cn: Administrators
description: Administrators have complete and unrestricted access to the computer/domain
-member: CN=Domain Admins,CN=Users,${BASEDN}
-member: CN=Enterprise Admins,CN=Users,${BASEDN}
-member: CN=Administrator,CN=Users,${BASEDN}
+member: CN=Domain Admins,CN=Users,${DOMAINDN}
+member: CN=Enterprise Admins,CN=Users,${DOMAINDN}
+member: CN=Administrator,CN=Users,${DOMAINDN}
objectSid: S-1-5-32-544
adminCount: 1
sAMAccountName: Administrators
@@ -68,7 +68,7 @@ privilege: SeNetworkLogonRight
privilege: SeRemoteInteractiveLogonRight
-dn: CN=${NETBIOSNAME},CN=Domain Controllers,${BASEDN}
+dn: CN=${NETBIOSNAME},CN=Domain Controllers,${DOMAINDN}
objectClass: computer
cn: ${NETBIOSNAME}
userAccountControl: 532480
@@ -90,12 +90,12 @@ servicePrincipalName: HOST/${DNSNAME}/${DOMAIN}
servicePrincipalName: HOST/${NETBIOSNAME}/${DOMAIN}
${HOSTGUID_ADD}
-dn: CN=Users,CN=Builtin,${BASEDN}
+dn: CN=Users,CN=Builtin,${DOMAINDN}
objectClass: top
objectClass: group
cn: Users
description: Users are prevented from making accidental or intentional system-wide changes. Thus, Users can run certified applications, but not most legacy applications
-member: CN=Domain Users,CN=Users,${BASEDN}
+member: CN=Domain Users,CN=Users,${DOMAINDN}
objectSid: S-1-5-32-545
sAMAccountName: Users
sAMAccountType: 536870912
@@ -104,13 +104,13 @@ groupType: 2147483653
objectCategory: CN=Group,${SCHEMADN}
isCriticalSystemObject: TRUE
-dn: CN=Guests,CN=Builtin,${BASEDN}
+dn: CN=Guests,CN=Builtin,${DOMAINDN}
objectClass: top
objectClass: group
cn: Guests
description: Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted
-member: CN=Domain Guests,CN=Users,${BASEDN}
-member: CN=Guest,CN=Users,${BASEDN}
+member: CN=Domain Guests,CN=Users,${DOMAINDN}
+member: CN=Guest,CN=Users,${DOMAINDN}
objectSid: S-1-5-32-546
sAMAccountName: Guests
sAMAccountType: 536870912
@@ -119,7 +119,7 @@ groupType: 2147483653
objectCategory: CN=Group,${SCHEMADN}
isCriticalSystemObject: TRUE
-dn: CN=Print Operators,CN=Builtin,${BASEDN}
+dn: CN=Print Operators,CN=Builtin,${DOMAINDN}
objectClass: top
objectClass: group
cn: Print Operators
@@ -136,7 +136,7 @@ privilege: SeLoadDriverPrivilege
privilege: SeShutdownPrivilege
privilege: SeInteractiveLogonRight
-dn: CN=Backup Operators,CN=Builtin,${BASEDN}
+dn: CN=Backup Operators,CN=Builtin,${DOMAINDN}
objectClass: top
objectClass: group
cn: Backup Operators
@@ -154,7 +154,7 @@ privilege: SeRestorePrivilege
privilege: SeShutdownPrivilege
privilege: SeInteractiveLogonRight
-dn: CN=Replicator,CN=Builtin,${BASEDN}
+dn: CN=Replicator,CN=Builtin,${DOMAINDN}
objectClass: top
objectClass: group
cn: Replicator
@@ -168,7 +168,7 @@ groupType: 2147483653
objectCategory: CN=Group,${SCHEMADN}
isCriticalSystemObject: TRUE
-dn: CN=Remote Desktop Users,CN=Builtin,${BASEDN}
+dn: CN=Remote Desktop Users,CN=Builtin,${DOMAINDN}
objectClass: top
objectClass: group
cn: Remote Desktop Users
@@ -181,7 +181,7 @@ groupType: 2147483653
objectCategory: CN=Group,${SCHEMADN}
isCriticalSystemObject: TRUE
-dn: CN=Network Configuration Operators,CN=Builtin,${BASEDN}
+dn: CN=Network Configuration Operators,CN=Builtin,${DOMAINDN}
objectClass: top
objectClass: group
cn: Network Configuration Operators
@@ -194,7 +194,7 @@ groupType: 2147483653
objectCategory: CN=Group,${SCHEMADN}
isCriticalSystemObject: TRUE
-dn: CN=Performance Monitor Users,CN=Builtin,${BASEDN}
+dn: CN=Performance Monitor Users,CN=Builtin,${DOMAINDN}
objectClass: top
objectClass: group
cn: Performance Monitor Users
@@ -207,7 +207,7 @@ groupType: 2147483653
objectCategory: CN=Group,${SCHEMADN}
isCriticalSystemObject: TRUE
-dn: CN=Performance Log Users,CN=Builtin,${BASEDN}
+dn: CN=Performance Log Users,CN=Builtin,${DOMAINDN}
objectClass: top
objectClass: group
cn: Performance Log Users
@@ -220,7 +220,7 @@ groupType: 2147483653
objectCategory: CN=Group,${SCHEMADN}
isCriticalSystemObject: TRUE
-dn: CN=krbtgt,CN=Users,${BASEDN}
+dn: CN=krbtgt,CN=Users,${DOMAINDN}
objectClass: top
objectClass: person
objectClass: organizationalPerson
@@ -238,7 +238,7 @@ servicePrincipalName: kadmin/changepw
isCriticalSystemObject: TRUE
sambaPassword: ${KRBTGTPASS}
-dn: CN=Domain Computers,CN=Users,${BASEDN}
+dn: CN=Domain Computers,CN=Users,${DOMAINDN}
objectClass: top
objectClass: group
cn: Domain Computers
@@ -248,7 +248,7 @@ sAMAccountName: Domain Computers
objectCategory: CN=Group,${SCHEMADN}
isCriticalSystemObject: TRUE
-dn: CN=Domain Controllers,CN=Users,${BASEDN}
+dn: CN=Domain Controllers,CN=Users,${DOMAINDN}
objectClass: top
objectClass: group
cn: Domain Controllers
@@ -258,30 +258,30 @@ adminCount: 1
sAMAccountName: Domain Controllers
isCriticalSystemObject: TRUE
-dn: CN=Schema Admins,CN=Users,${BASEDN}
+dn: CN=Schema Admins,CN=Users,${DOMAINDN}
objectClass: top
objectClass: group
cn: Schema Admins
description: Designated administrators of the schema
-member: CN=Administrator,CN=Users,${BASEDN}
+member: CN=Administrator,CN=Users,${DOMAINDN}
objectSid: ${DOMAINSID}-518
adminCount: 1
sAMAccountName: Schema Admins
isCriticalSystemObject: TRUE
-dn: CN=Enterprise Admins,CN=Users,${BASEDN}
+dn: CN=Enterprise Admins,CN=Users,${DOMAINDN}
objectClass: top
objectClass: group
cn: Enterprise Admins
description: Designated administrators of the enterprise
-member: CN=Administrator,CN=Users,${BASEDN}
-memberOf: CN=Administrators,CN=Builtin,${BASEDN}
+member: CN=Administrator,CN=Users,${DOMAINDN}
+memberOf: CN=Administrators,CN=Builtin,${DOMAINDN}
objectSid: ${DOMAINSID}-519
adminCount: 1
sAMAccountName: Enterprise Admins
isCriticalSystemObject: TRUE
-dn: CN=Cert Publishers,CN=Users,${BASEDN}
+dn: CN=Cert Publishers,CN=Users,${DOMAINDN}
objectClass: top
objectClass: group
cn: Cert Publishers
@@ -293,50 +293,50 @@ sAMAccountName: Cert Publishers
objectCategory: CN=Group,${SCHEMADN}
isCriticalSystemObject: TRUE
-dn: CN=Domain Admins,CN=Users,${BASEDN}
+dn: CN=Domain Admins,CN=Users,${DOMAINDN}
objectClass: top
objectClass: group
cn: Domain Admins
description: Designated administrators of the domain
-member: CN=Administrator,CN=Users,${BASEDN}
-memberOf: CN=Administrators,CN=Builtin,${BASEDN}
+member: CN=Administrator,CN=Users,${DOMAINDN}
+memberOf: CN=Administrators,CN=Builtin,${DOMAINDN}
objectSid: ${DOMAINSID}-512
adminCount: 1
sAMAccountName: Domain Admins
isCriticalSystemObject: TRUE
-dn: CN=Domain Users,CN=Users,${BASEDN}
+dn: CN=Domain Users,CN=Users,${DOMAINDN}
objectClass: top
objectClass: group
cn: Domain Users
description: All domain users
-memberOf: CN=Users,CN=Builtin,${BASEDN}
+memberOf: CN=Users,CN=Builtin,${DOMAINDN}
objectSid: ${DOMAINSID}-513
sAMAccountName: Domain Users
isCriticalSystemObject: TRUE
-dn: CN=Domain Guests,CN=Users,${BASEDN}
+dn: CN=Domain Guests,CN=Users,${DOMAINDN}
objectClass: top
objectClass: group
cn: Domain Guests
description: All domain guests
-memberOf: CN=Guests,CN=Builtin,${BASEDN}
+memberOf: CN=Guests,CN=Builtin,${DOMAINDN}
objectSid: ${DOMAINSID}-514
sAMAccountName: Domain Guests
isCriticalSystemObject: TRUE
-dn: CN=Group Policy Creator Owners,CN=Users,${BASEDN}
+dn: CN=Group Policy Creator Owners,CN=Users,${DOMAINDN}
objectClass: top
objectClass: group
cn: Group Policy Creator Owners
description: Members in this group can modify group policy for the domain
-member: CN=Administrator,CN=Users,${BASEDN}
+member: CN=Administrator,CN=Users,${DOMAINDN}
objectSid: ${DOMAINSID}-520
sAMAccountName: Group Policy Creator Owners
objectCategory: CN=Group,${SCHEMADN}
isCriticalSystemObject: TRUE
-dn: CN=RAS and IAS Servers,CN=Users,${BASEDN}
+dn: CN=RAS and IAS Servers,CN=Users,${DOMAINDN}
objectClass: top
objectClass: group
cn: RAS and IAS Servers
@@ -349,7 +349,7 @@ groupType: 2147483652
objectCategory: CN=Group,${SCHEMADN}
isCriticalSystemObject: TRUE
-dn: CN=Server Operators,CN=Builtin,${BASEDN}
+dn: CN=Server Operators,CN=Builtin,${DOMAINDN}
objectClass: top
objectClass: group
cn: Server Operators
@@ -370,7 +370,7 @@ privilege: SeRestorePrivilege
privilege: SeShutdownPrivilege
privilege: SeInteractiveLogonRight
-dn: CN=Account Operators,CN=Builtin,${BASEDN}
+dn: CN=Account Operators,CN=Builtin,${DOMAINDN}
objectClass: top
objectClass: group
cn: Account Operators
diff --git a/source4/setup/provision_users_add.ldif b/source4/setup/provision_users_add.ldif
index 56a2623cfc..db075d9c80 100644
--- a/source4/setup/provision_users_add.ldif
+++ b/source4/setup/provision_users_add.ldif
@@ -1,3 +1,3 @@
-dn: CN=Users,${BASEDN}
+dn: CN=Users,${DOMAINDN}
objectClass: top
objectClass: container
diff --git a/source4/setup/provision_users_modify.ldif b/source4/setup/provision_users_modify.ldif
index 5766d672f7..04ff57368e 100644
--- a/source4/setup/provision_users_modify.ldif
+++ b/source4/setup/provision_users_modify.ldif
@@ -1,4 +1,4 @@
-dn: CN=Users,${BASEDN}
+dn: CN=Users,${DOMAINDN}
changetype: modify
replace: description
description: Default container for upgraded user accounts