-#Join the DC to itself by default
+# Accounts for selfjoin (joins DC to itself)
+# Object under "Domain Controllers"
dn: CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: user
objectClass: computer
-cn: ${NETBIOSNAME}
-userAccountControl: 532480
-localPolicyFlags: 0
-primaryGroupID: 516
accountExpires: 9223372036854775807
-sAMAccountName: ${NETBIOSNAME}$
-sAMAccountType: 805306369
-operatingSystem: Samba
-operatingSystemVersion: 4.0
dNSHostName: ${DNSNAME}
-isCriticalSystemObject: TRUE
-sambaPassword: ${MACHINEPASS}
-servicePrincipalName: HOST/${DNSNAME}
-servicePrincipalName: HOST/${NETBIOSNAME}
-servicePrincipalName: HOST/${DNSNAME}/${REALM}
-servicePrincipalName: HOST/${NETBIOSNAME}/${REALM}
-servicePrincipalName: HOST/${DNSNAME}/${DOMAIN}
-servicePrincipalName: HOST/${NETBIOSNAME}/${DOMAIN}
-${HOSTGUID_ADD}
+# "MSDFSR-ComputerReferenceBL" doesn't exist since we still miss DFSR support
+# "isCritcalSystemObject" is now filled in by the samldb LDB module
+localPolicyFlags: 0
+operatingSystem: Samba
+operatingSystemVersion: ${SAMBA_VERSION_STRING}
+sAMAccountName: ${NETBIOSNAME}$
+# The "servicePrincipalName" updates are now handled by the "samba_spnupdate"
+# script
+userAccountControl: 532480
+clearTextPassword:: ${MACHINEPASS_B64}
+objectSid: ${DOMAINSID}-${DCRID}
+
+dn: CN=RID Set,CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}
+objectClass: rIDSet
+rIDAllocationPool: ${RIDALLOCATIONSTART}-${RIDALLOCATIONEND}
+rIDPreviousAllocationPool: ${RIDALLOCATIONSTART}-${RIDALLOCATIONEND}
+rIDUsedPool: 0
+rIDNextRID: ${RIDALLOCATIONSTART}