diff options
Diffstat (limited to 'source4')
-rw-r--r-- | source4/setup/provision_users.ldif | 61 |
1 files changed, 35 insertions, 26 deletions
diff --git a/source4/setup/provision_users.ldif b/source4/setup/provision_users.ldif index 041262de14..8669d8a4e6 100644 --- a/source4/setup/provision_users.ldif +++ b/source4/setup/provision_users.ldif @@ -1,3 +1,24 @@ +# Add default primary groups (domain users, domain guests) - needed for +# the users to find valid primary groups (samldb module) + +dn: CN=Domain Users,CN=Users,${DOMAINDN} +objectClass: top +objectClass: group +description: All domain users +objectSid: ${DOMAINSID}-513 +sAMAccountName: Domain Users +isCriticalSystemObject: TRUE + +dn: CN=Domain Guests,CN=Users,${DOMAINDN} +objectClass: top +objectClass: group +description: All domain guests +objectSid: ${DOMAINSID}-514 +sAMAccountName: Domain Guests +isCriticalSystemObject: TRUE + +# Add users + dn: CN=Administrator,CN=Users,${DOMAINDN} objectClass: user description: Built-in account for administering the computer/domain @@ -18,16 +39,6 @@ objectSid: ${DOMAINSID}-501 sAMAccountName: Guest isCriticalSystemObject: TRUE -dn: CN=Enterprise Admins,CN=Users,${DOMAINDN} -objectClass: top -objectClass: group -description: Designated administrators of the enterprise -member: CN=Administrator,CN=Users,${DOMAINDN} -objectSid: ${DOMAINSID}-519 -adminCount: 1 -sAMAccountName: Enterprise Admins -isCriticalSystemObject: TRUE - dn: CN=krbtgt,CN=Users,${DOMAINDN} objectClass: top objectClass: person @@ -44,6 +55,18 @@ servicePrincipalName: kadmin/changepw userPassword:: ${KRBTGTPASS_B64} isCriticalSystemObject: TRUE +# Add other groups + +dn: CN=Enterprise Admins,CN=Users,${DOMAINDN} +objectClass: top +objectClass: group +description: Designated administrators of the enterprise +member: CN=Administrator,CN=Users,${DOMAINDN} +objectSid: ${DOMAINSID}-519 +adminCount: 1 +sAMAccountName: Enterprise Admins +isCriticalSystemObject: TRUE + dn: CN=Domain Computers,CN=Users,${DOMAINDN} objectClass: top objectClass: group @@ -90,22 +113,6 @@ adminCount: 1 sAMAccountName: Domain Admins isCriticalSystemObject: TRUE -dn: CN=Domain Users,CN=Users,${DOMAINDN} -objectClass: top -objectClass: group -description: All domain users -objectSid: ${DOMAINSID}-513 -sAMAccountName: Domain Users -isCriticalSystemObject: TRUE - -dn: CN=Domain Guests,CN=Users,${DOMAINDN} -objectClass: top -objectClass: group -description: All domain guests -objectSid: ${DOMAINSID}-514 -sAMAccountName: Domain Guests -isCriticalSystemObject: TRUE - dn: CN=Group Policy Creator Owners,CN=Users,${DOMAINDN} objectClass: top objectClass: group @@ -391,6 +398,8 @@ systemFlags: -1946157056 groupType: -2147483643 isCriticalSystemObject: TRUE +# Add well known security principals + dn: CN=WellKnown Security Principals,${CONFIGDN} objectClass: top objectClass: container |