From 9ee895fcf6327b1c2f5ee09fa565bd62974e9c58 Mon Sep 17 00:00:00 2001
From: Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de>
Date: Sun, 10 Jan 2010 15:38:55 +0100
Subject: s4:provision_users.ldif - Fix memberships regarding the denied
 password RODC replication group

---
 source4/setup/provision_users.ldif | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'source4/setup')

diff --git a/source4/setup/provision_users.ldif b/source4/setup/provision_users.ldif
index 1fc0936560..934fc0538e 100644
--- a/source4/setup/provision_users.ldif
+++ b/source4/setup/provision_users.ldif
@@ -165,6 +165,14 @@ dn: CN=Denied RODC Password Replication Group,CN=Users,${DOMAINDN}
 objectClass: top
 objectClass: group
 description: Members in this group cannot have their passwords replicated to any read-only domain controllers in the domain.
+member: CN=Read-Only Domain Controllers,CN=Users,${DOMAINDN}
+member: CN=Group Policy Creator Owners,CN=Users,${DOMAINDN}
+member: CN=Domain Admins,CN=Users,${DOMAINDN}
+member: CN=Cert Publishers,CN=Users,${DOMAINDN}
+member: CN=Enterprise Admins,CN=Users,${DOMAINDN}
+member: CN=Schema Admins,CN=Users,${DOMAINDN}
+member: CN=Domain Controllers,CN=Users,${DOMAINDN}
+member: CN=krbtgt,CN=Users,${DOMAINDN}
 objectSid: ${DOMAINSID}-572
 sAMAccountName: Denied RODC Password Replication Group
 groupType: -2147483644
-- 
cgit