From 53d10d139e569f9132193e8f8c268638eab30a0b Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 6 Jan 2010 09:26:17 +1100 Subject: s4-provision: don't hard wire the creation of the RID Set object We now create it automatically in the samldb module when the first user is created. The creation of the dns user also had to move to the _modify.ldif as it now relies on the fSMO role being setup for the RID Manager Pair-Programmed-With: Andrew Bartlett --- source4/setup/provision_self_join.ldif | 26 +------------------------- 1 file changed, 1 insertion(+), 25 deletions(-) (limited to 'source4/setup/provision_self_join.ldif') diff --git a/source4/setup/provision_self_join.ldif b/source4/setup/provision_self_join.ldif index 0ad1b90fdb..48f7157679 100644 --- a/source4/setup/provision_self_join.ldif +++ b/source4/setup/provision_self_join.ldif @@ -15,7 +15,6 @@ localPolicyFlags: 0 operatingSystem: Samba operatingSystemVersion: ${SAMBA_VERSION_STRING} primaryGroupID: 516 -rIDSetReferences: CN=RID Set,CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN} sAMAccountName: ${NETBIOSNAME}$ # "servicePrincipalName" for FRS doesn't exit since we still miss FRS support # "servicePrincipalName"s for DNS ("ldap/../ForestDnsZones", @@ -33,16 +32,7 @@ servicePrincipalName: ldap/${DNSNAME} servicePrincipalName: ldap/${DNSNAME}/${REALM} userAccountControl: 532480 userPassword:: ${MACHINEPASS_B64} -objectSID: ${DOMAINSID}-1001 - -dn: CN=RID Set,CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN} -objectClass: top -objectClass: rIDSet -rIDAllocationPool: 1000-1499 -rIDPreviousAllocationPool: 1000-1499 -rIDUsedPool: 0 -rIDNextRID: 1001 - +objectSID: ${DOMAINSID}-1000 # Here are missing the objects for the NTFRS subscription and the RID set since # we don't support those techniques (FRS, distributed RIDs) yet. @@ -78,17 +68,3 @@ msDS-hasMasterNCs: ${DOMAINDN} options: 1 systemFlags: 33554432 ${NTDSGUID} - -# Provides an account for DNS keytab export -dn: CN=dns,CN=Users,${DOMAINDN} -objectClass: top -objectClass: person -objectClass: organizationalPerson -objectClass: user -description: DNS Service Account -userAccountControl: 514 -accountExpires: 9223372036854775807 -sAMAccountName: dns -servicePrincipalName: DNS/${DNSDOMAIN} -userPassword:: ${DNSPASS_B64} -isCriticalSystemObject: TRUE -- cgit