#These attributes are only used as far as the bootstrapping of the
# schema.  After that, the attributes from the schema are used.
#
# Therefore, they must strictly match the schema

dn: @ATTRIBUTES
userPrincipalName: CASE_INSENSITIVE
servicePrincipalName: CASE_INSENSITIVE
dnsDomain: CASE_INSENSITIVE
dnsRoot: CASE_INSENSITIVE
nETBIOSName: CASE_INSENSITIVE
cn: CASE_INSENSITIVE
dc: CASE_INSENSITIVE
name: CASE_INSENSITIVE
lDAPDisplayName: CASE_INSENSITIVE
subClassOf: CASE_INSENSITIVE
dn: CASE_INSENSITIVE
sAMAccountName: CASE_INSENSITIVE
objectClass: CASE_INSENSITIVE
userPassword: HIDDEN
krb5Key: HIDDEN
ntPwdHash: HIDDEN
sambaNTPwdHistory: HIDDEN
lmPwdHash: HIDDEN
sambaLMPwdHistory: HIDDEN
createTimestamp: HIDDEN
modifyTimestamp: HIDDEN
groupType: INTEGER
sAMAccountType: INTEGER
systemFlags: INTEGER
userAccountControl: INTEGER

dn: @OPTIONS
checkBaseOnSearch: TRUE

dn: @KLUDGEACL
passwordAttribute: clearTextPassword
passwordAttribute: userPassword
passwordAttribute: ntPwdHash
passwordAttribute: sambaNTPwdHistory
passwordAttribute: lmPwdHash
passwordAttribute: sambaLMPwdHistory
passwordAttribute: krb5key
passwordAttribute: dBCSPwd
passwordAttribute: unicodePwd
passwordAttribute: ntPwdHistory
passwordAttribute: lmPwdHistory
passwordAttribute: supplementalCredentials
passwordAttribute: priorValue
passwordAttribute: currentValue
passwordAttribute: trustAuthOutgoing
passwordAttribute: trustAuthIncoming
passwordAttribute: initialAuthOutgoing
passwordAttribute: initialAuthIncoming