From f794e8d43de1c2fb577b883f0e0b49f392fa14a1 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Fri, 16 Oct 2009 18:01:35 +1100
Subject: s4-provision: added the default privileges db

privileges are now stored in a separate database
---
 source4/setup/provision_privilege.ldif | 78 ++++++++++++++++++++++++++++++++++
 1 file changed, 78 insertions(+)
 create mode 100644 source4/setup/provision_privilege.ldif

(limited to 'source4/setup')

diff --git a/source4/setup/provision_privilege.ldif b/source4/setup/provision_privilege.ldif
new file mode 100644
index 0000000000..0916c59f30
--- /dev/null
+++ b/source4/setup/provision_privilege.ldif
@@ -0,0 +1,78 @@
+# default privileges - more can be added via LSA or ldbedit
+dn: @ATTRIBUTES
+comment: CASE_INSENSITIVE
+privilege: CASE_INSENSITIVE
+
+dn: @INDEXLIST
+@IDXATTR: objectSid
+@IDXATTR: privilege
+
+dn: sid=S-1-5-32-544
+objectClass: privilege
+comment: Administrators
+objectSid: S-1-5-32-544
+privilege: SeSecurityPrivilege
+privilege: SeBackupPrivilege
+privilege: SeRestorePrivilege
+privilege: SeSystemtimePrivilege
+privilege: SeShutdownPrivilege
+privilege: SeRemoteShutdownPrivilege
+privilege: SeTakeOwnershipPrivilege
+privilege: SeDebugPrivilege
+privilege: SeSystemEnvironmentPrivilege
+privilege: SeSystemProfilePrivilege
+privilege: SeProfileSingleProcessPrivilege
+privilege: SeIncreaseBasePriorityPrivilege
+privilege: SeLoadDriverPrivilege
+privilege: SeCreatePagefilePrivilege
+privilege: SeIncreaseQuotaPrivilege
+privilege: SeChangeNotifyPrivilege
+privilege: SeUndockPrivilege
+privilege: SeManageVolumePrivilege
+privilege: SeImpersonatePrivilege
+privilege: SeCreateGlobalPrivilege
+privilege: SeEnableDelegationPrivilege
+privilege: SeInteractiveLogonRight
+privilege: SeNetworkLogonRight
+privilege: SeRemoteInteractiveLogonRight
+
+dn: sid=S-1-5-32-550
+objectClass: privilege
+comment: Print Operators
+objectSid: S-1-5-32-550
+privilege: SeLoadDriverPrivilege
+privilege: SeShutdownPrivilege
+privilege: SeInteractiveLogonRight
+
+dn: sid=S-1-5-32-551
+objectClass: privilege
+comment: Backup Operators
+objectSid: S-1-5-32-551
+privilege: SeBackupPrivilege
+privilege: SeRestorePrivilege
+privilege: SeShutdownPrivilege
+privilege: SeInteractiveLogonRight
+
+dn: sid=S-1-5-32-549
+objectClass: privilege
+comment: Server Operators
+objectSid: S-1-5-32-549
+privilege: SeBackupPrivilege
+privilege: SeSystemtimePrivilege
+privilege: SeRemoteShutdownPrivilege
+privilege: SeRestorePrivilege
+privilege: SeShutdownPrivilege
+privilege: SeInteractiveLogonRight
+
+dn: sid=S-1-5-32-548
+objectClass: privilege
+comment: Account Operators
+objectSid: S-1-5-32-548
+privilege: SeInteractiveLogonRight
+
+dn: sid=S-1-5-32-554
+objectClass: privilege
+comment: Pre-Windows 2000 Compatible Access
+objectSid: S-1-5-32-554
+privilege: SeRemoteInteractiveLogonRight
+privilege: SeChangeNotifyPrivilege
-- 
cgit