From 0eeb0973e9ccf4583c918562b92a0c8921c122da Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Sun, 3 Oct 2004 10:31:12 +0000
Subject: r2804: - setup some reasonable default SAM to unixName mappings in
 the provisioning.

- enable the unixuid module by default on all backends
(This used to be commit e335cd4933fccc1bb53641131eb6505faca857ce)
---
 source4/param/loadparm.c    |  2 +-
 source4/provision.ldif      | 10 ++++++++++
 source4/script/provision.pl | 10 ++++++----
 3 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/source4/param/loadparm.c b/source4/param/loadparm.c
index 8448cdeb04..bc5ceb00d8 100644
--- a/source4/param/loadparm.c
+++ b/source4/param/loadparm.c
@@ -886,7 +886,7 @@ static void init_globals(void)
 	init_printer_values();
 
 	do_parameter("fstype", FSTYPE_STRING);
-	do_parameter("ntvfs handler", "default");
+	do_parameter("ntvfs handler", "unixuid default");
 
 	do_parameter("dcerpc endpoint servers", "epmapper srvsvc wkssvc rpcecho samr netlogon lsarpc spoolss");
 	do_parameter("server services", "smb rpc");
diff --git a/source4/provision.ldif b/source4/provision.ldif
index ac2f69b086..3d21fd8b6e 100644
--- a/source4/provision.ldif
+++ b/source4/provision.ldif
@@ -191,6 +191,8 @@ sAMAccountName: Administrator
 sAMAccountType: 0x30000000
 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unicodePwd: ${ADMINPASS}
+unixName: root
 
 dn: CN=Guest,CN=Users,${BASEDN}
 objectClass: top
@@ -247,6 +249,7 @@ systemFlags: 0x8c000000
 groupType: 0x80000005
 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unixName: root
 
 dn: CN=Users,CN=Builtin,${BASEDN}
 objectClass: top
@@ -290,6 +293,7 @@ systemFlags: 0x8c000000
 groupType: 0x80000005
 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unixName: nogroup
 
 dn: CN=Print Operators,CN=Builtin,${BASEDN}
 objectClass: top
@@ -562,6 +566,7 @@ sAMAccountType: 268435456
 groupType: -2147483646
 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unixName: root
 
 dn: CN=Enterprise Admins,CN=Users,${BASEDN}
 objectClass: top
@@ -584,6 +589,7 @@ sAMAccountType: 268435456
 groupType: -2147483646
 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unixName: root
 
 dn: CN=Cert Publishers,CN=Users,${BASEDN}
 objectClass: top
@@ -625,6 +631,7 @@ sAMAccountType: 268435456
 groupType: -2147483646
 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unixName: root
 
 dn: CN=Domain Users,CN=Users,${BASEDN}
 objectClass: top
@@ -645,6 +652,7 @@ sAMAccountType: 268435456
 groupType: -2147483646
 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unixName: users
 
 dn: CN=Domain Guests,CN=Users,${BASEDN}
 objectClass: top
@@ -685,6 +693,7 @@ sAMAccountType: 268435456
 groupType: -2147483646
 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
+unixName: root
 
 dn: CN=RAS and IAS Servers,CN=Users,${BASEDN}
 objectClass: top
@@ -839,3 +848,4 @@ cn: TemplateGroup
 name: TemplateGroup
 instanceType: 4
 sAMAccountType: 0x10000000
+
diff --git a/source4/script/provision.pl b/source4/script/provision.pl
index 60ab5653a0..cc08c94bfb 100755
--- a/source4/script/provision.pl
+++ b/source4/script/provision.pl
@@ -139,10 +139,11 @@ sub FileLoad($)
 
 #######################################################################
 # add a foreign security principle
-sub add_foreign($$)
+sub add_foreign($$$)
 {
 	my $sid = shift;
 	my $desc = shift;
+	my $unixname = shift;
 	return "
 dn: CN=$sid,CN=ForeignSecurityPrincipals,\${BASEDN}
 objectClass: top
@@ -160,6 +161,7 @@ name: $sid
 objectGUID: \${NEWGUID}
 objectSid: $sid
 objectCategory: CN=Foreign-Security-Principal,CN=Schema,CN=Configuration,\${BASEDN}
+unixName: $unixname
 
 ";
 }
@@ -209,9 +211,9 @@ $basedn = "DC=" . join(",DC=", split(/\./, $opt_realm));
 
 my $data = FileLoad("provision.ldif") || die "Unable to load provision.ldif\n";
 
-$data .= add_foreign("S-1-5-7", "Anonymous");
-$data .= add_foreign("S-1-5-18", "System");
-$data .= add_foreign("S-1-5-11", "Authenticated Users");
+$data .= add_foreign("S-1-5-7", "Anonymous", "nobody");
+$data .= add_foreign("S-1-5-18", "System", "root");
+$data .= add_foreign("S-1-5-11", "Authenticated Users", "users");
 
 if (!$opt_adminpass) {
 	$opt_adminpass = randpass();
-- 
cgit