path: root/source4/setup/provision_self_join.ldif
blob: 0ad1b90fdbb9282928f6865dd25edc9ae3a08c02 (plain)
# Accounts for selfjoin (joins DC to itself)

# Object under "Domain Controllers"
# Computer account of the DC being provisioned. Every ${...} token is a
# template placeholder, presumably substituted by the provisioning code before
# the LDIF is loaded. The rendered text carries the machine password (see
# userPassword below), so treat the expanded LDIF as secret material.
dn: CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
objectClass: computer
# 9223372036854775807 = 0x7FFFFFFFFFFFFFFF: the account never expires
accountExpires: 9223372036854775807
dNSHostName: ${DNSNAME}
# "frsComputerReferenceBL" doesn't exist since we still miss FRS support
isCriticalSystemObject: TRUE
localPolicyFlags: 0
operatingSystem: Samba
operatingSystemVersion: ${SAMBA_VERSION_STRING}
# 516 is the well-known RID of the "Domain Controllers" group
primaryGroupID: 516
rIDSetReferences: CN=RID Set,CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}
sAMAccountName: ${NETBIOSNAME}$
# "servicePrincipalName" for FRS doesn't exist since we still miss FRS support
# "servicePrincipalName"s for DNS ("ldap/../ForestDnsZones",
# "ldap/../DomainDnsZones", "DNS/..") don't exist since we don't support AD DNS
servicePrincipalName: GC/${DNSNAME}/${REALM}
servicePrincipalName: HOST/${DNSNAME}/${DOMAIN}
servicePrincipalName: HOST/${NETBIOSNAME}
servicePrincipalName: HOST/${DNSNAME}
servicePrincipalName: HOST/${DNSNAME}/${REALM}
# "servicePrincipalName"s with GUIDs are located in
# "provision_self_join_modify.ldif"
servicePrincipalName: ldap/${DNSNAME}/${DOMAIN}
servicePrincipalName: ldap/${NETBIOSNAME}
servicePrincipalName: ldap/${DNSNAME}
servicePrincipalName: ldap/${DNSNAME}/${REALM}
# 532480 = 0x82000 = SERVER_TRUST_ACCOUNT (0x2000) | TRUSTED_FOR_DELEGATION
# (0x80000) in the AD userAccountControl bit layout: a domain controller
# machine account that is trusted for (unconstrained) Kerberos delegation.
userAccountControl: 532480
# "::" is the LDIF marker for a base64-encoded value. ${MACHINEPASS_B64} is
# presumably the machine account password. Base64 is an encoding, not
# protection, so keep the expanded LDIF out of logs and readable temp files.
userPassword:: ${MACHINEPASS_B64}
# Fixed RID 1001 inside the domain SID; the RID Set entry in this file uses
# the pool 1000-1499 and rIDNextRID 1001.
objectSID: ${DOMAINSID}-1001

# RID Set object that rIDSetReferences on the DC's computer account points to.
# NOTE(review): a comment further down in this file says the RID set object is
# still missing, yet this entry creates one. Confirm which statement is current.
dn: CN=RID Set,CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}
objectClass: top
objectClass: rIDSet
# Current and previous allocation pools are the same hard-coded range
rIDAllocationPool: 1000-1499
rIDPreviousAllocationPool: 1000-1499
rIDUsedPool: 0
# 1001 is also the RID in the DC account's objectSID (${DOMAINSID}-1001)
rIDNextRID: 1001


# The objects for the NTFRS subscription and the RID set are missing here, since
# we don't support those techniques (FRS, distributed RIDs) yet.

# Objects under "Configuration/Sites/<Default sitename>/Servers"

# Server object for this DC; ${SERVERDN} is a template placeholder for its full
# DN. serverReference links it back to the computer account under
# "Domain Controllers".
dn: ${SERVERDN}
objectClass: top
objectClass: server
# 1375731712 = 0x52000000 = FLAG_CONFIG_ALLOW_RENAME (0x40000000) |
# FLAG_CONFIG_ALLOW_LIMITED_MOVE (0x10000000) |
# FLAG_DISALLOW_MOVE_ON_DELETE (0x02000000)
systemFlags: 1375731712
dNSHostName: ${DNSNAME}
serverReference: CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}

# NTDS Settings (nTDSDSA) object of this DC, a child of the server object.
# It lists the naming contexts (config, schema, domain) this DC masters.
dn: CN=NTDS Settings,${SERVERDN}
objectClass: top
objectClass: applicationSettings
objectClass: nTDSDSA
dMDLocation: ${SCHEMADN}
hasMasterNCs: ${CONFIGDN}
hasMasterNCs: ${SCHEMADN}
hasMasterNCs: ${DOMAINDN}
invocationId: ${INVOCATIONID}
msDS-Behavior-Version: ${DOMAIN_CONTROLLER_FUNCTIONALITY}
msDS-HasDomainNCs: ${DOMAINDN}
# "msDS-HasInstantiatedNCs"s for DNS don't exist since we don't support AD DNS
# Values use the DN-with-binary form "B:<hex digit count>:<hex>:<DN>". The hex
# part is presumably the instanceType of the NC root: 0xD for the config and
# schema NCs, 0x5 for the domain NC. TODO confirm against the provisioning code.
msDS-HasInstantiatedNCs: B:8:0000000D:${CONFIGDN}
msDS-HasInstantiatedNCs: B:8:0000000D:${SCHEMADN}
msDS-HasInstantiatedNCs: B:8:00000005:${DOMAINDN}
# "msDS-hasMasterNCs"s for DNS don't exist since we don't support AD DNS
msDS-hasMasterNCs: ${CONFIGDN}
msDS-hasMasterNCs: ${SCHEMADN}
msDS-hasMasterNCs: ${DOMAINDN}
# Bit 0x1 of nTDSDSA "options" marks the DC as a global catalog, which matches
# the GC/ servicePrincipalName on the computer account.
options: 1
# 33554432 = 0x02000000 = FLAG_DISALLOW_MOVE_ON_DELETE
systemFlags: 33554432
# ${NTDSGUID} is substituted as a whole line; presumably an optional
# "objectGUID: ..." attribute. Verify against the caller.
${NTDSGUID}

# Provides an account for DNS keytab export
# Plain user object (no "computer" class) that carries the DNS/ service
# principal. The rendered LDIF contains this account's password (see
# userPassword below), so handle the expanded text as secret material.
dn: CN=dns,CN=Users,${DOMAINDN}
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
description: DNS Service Account
# 514 = 0x202 = NORMAL_ACCOUNT (0x200) | ACCOUNTDISABLE (0x2): the account is
# created disabled, so it cannot be used for interactive or network logon.
userAccountControl: 514
# 9223372036854775807 = 0x7FFFFFFFFFFFFFFF: the account never expires
accountExpires: 9223372036854775807
sAMAccountName: dns
servicePrincipalName: DNS/${DNSDOMAIN}
# "::" marks a base64-encoded value; ${DNSPASS_B64} is presumably the service
# account password. Base64 is only an encoding, so the password is recoverable
# from the expanded LDIF and from any keytab derived from it.
userPassword:: ${DNSPASS_B64}
isCriticalSystemObject: TRUE