summaryrefslogtreecommitdiff
path: root/source4/setup/provision_users.ldif
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r11990: Set the password set time as 'now', so it isn't expired back in 2004.Andrew Bartlett1-2/+1
Andrew Bartlett (This used to be commit b3929230b210bd6f0b12f90f48767aa861fd08fa)
2007-10-10r11357: Add more standard 'servicePrincaipalName' entries to our host accountAndrew Bartlett1-0/+4
in provision. Andrew Bartlett (This used to be commit 8ed61562803f92eb110742ac45cff36c8fe8eca3)
2007-10-10r10955: finally worked out why our computer accounts were being identified ↵Andrew Tridgell1-0/+1
as users in mmc. The problem was that the samdb module was auto-adding objectClass=user for these accounts. That would be OK, as computer accounts are supposed to be in that objectClass, but mmc cares about the order of the values in the objectClass attribute! It looks for the last value, and takes that as the value to use when deciding how to manipulate the record. So, this patch adds an explicit objectClass=user to the record when it gets created, which tells the samdb module to not add it as well. That fixes the order. I suspect we are missing something else though - is objectClass supposed to auto-sort based on the schema? (This used to be commit 68c5f807fdb99fd605154d455e61a08293cbd2d0)
2007-10-10r8790: Finish the migration of aliases and privilages with SamSync, by addingAndrew Bartlett1-0/+459
templating support for foreignSecurityPrincipals to the samdb module. This is an extension beyond what microsoft does, and has been very useful :-) The setup scripts have been modified to use the new template, as has the SAMR and LSA code. Other cleanups in LSA remove the assumption that the short domain name is the first component of the realm. Also add a lot of useful debug messages, to make it clear how/why the SamSync may have gone wrong. Many of these should perhaps be hooked into an error string. Andrew Bartlett (This used to be commit 1f071b0609c5c83024db1d4a7d04334a932b8253)