@IDXATTR: member
@IDXATTR: unixID
@IDXATTR: unixName
+@IDXATTR: privilege
dn: @ATTRIBUTES
realm: CASE_INSENSITIVE
userPrincipalName: CASE_INSENSITIVE
servicePrincipalName: CASE_INSENSITIVE
+cn: CASE_INSENSITIVE
+dc: CASE_INSENSITIVE
name: CASE_INSENSITIVE WILDCARD
dn: CASE_INSENSITIVE WILDCARD
sAMAccountName: CASE_INSENSITIVE WILDCARD
template: userTemplate
template: groupTemplate
+#Add modules to the list to activate them by default
+#beware often order is important
dn: @MODULES
-@MODULE: timestamps
+@LIST: samldb,timestamps
+###############################
+# Domain Naming Context
+###############################
dn: ${BASEDN}
objectClass: top
objectClass: domain
pwdHistoryLength: 24
objectSid: ${DOMAINSID}
serverState: 1
+nTMixedDomain: 1
+msDS-Behavior-Version: 0
+ridManagerReference: CN=RID Manager$,CN=System,${BASEDN}
uASCompat: 1
modifiedCount: 1
objectCategory: CN=Domain-DNS,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
+subRefs: CN=Configuration,${BASEDN}
+subRefs: CN=Schema,CN=Configuration,${BASEDN}
dn: CN=Users,${BASEDN}
objectClass: top
objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
+dn: CN=System,${BASEDN}
+objectClass: top
+objectClass: container
+cn: System
+description: Builtin system settings
+instanceType: 4
+whenCreated: ${LDAPTIME}
+whenChanged: ${LDAPTIME}
+uSNCreated: 1
+uSNChanged: 1
+showInAdvancedViewOnly: TRUE
+name: System
+objectGUID: ${NEWGUID}
+systemFlags: 0x8c000000
+objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
+isCriticalSystemObject: TRUE
+
+dn: CN=RID Manager$,CN=System,${BASEDN}
+objectclass: top
+objectclass: rIDManager
+cn: RID Manager$
+instanceType: 4
+whenCreated: ${LDAPTIME}
+whenChanged: ${LDAPTIME}
+uSNCreated: 1
+uSNChanged: 1
+showInAdvancedViewOnly: TRUE
+name: RID Manager$
+objectGUID: ${NEWGUID}
+systemFlags: 0x8c000000
+objectCategory: CN=RID-Manager,CN=Schema,CN=Configuration,${BASEDN}
+isCriticalSystemObject: TRUE
+fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
+rIDAvailablePool: 4611686014132423217
+
+dn: CN=DomainUpdates,CN=System,${BASEDN}
+objectClass: top
+objectClass: container
+cn: DomainUpdates
+instanceType: 4
+whenCreated: ${LDAPTIME}
+whenChanged: ${LDAPTIME}
+uSNCreated: 1
+uSNChanged: 1
+showInAdvancedViewOnly: TRUE
+name: DomainUpdates
+objectGUID: ${NEWGUID}
+objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
+
+dn: CN=Windows2003Update,CN=DomainUpdates,CN=System,${BASEDN}
+objectClass: top
+objectClass: container
+cn: Windows2003Update
+instanceType: 4
+whenCreated: ${LDAPTIME}
+whenChanged: ${LDAPTIME}
+uSNCreated: 1
+uSNChanged: 1
+showInAdvancedViewOnly: TRUE
+name: Windows2003Update
+objectGUID: ${NEWGUID}
+objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
+revision: 8
+
+dn: CN=Infrastructure,${BASEDN}
+objectclass: top
+objectclass: infrastructureUpdate
+cn: Infrastructure
+instanceType: 4
+whenCreated: ${LDAPTIME}
+whenChanged: ${LDAPTIME}
+uSNCreated: 1
+uSNChanged: 1
+showInAdvancedViewOnly: TRUE
+name: Infrastructure
+objectGUID: ${NEWGUID}
+systemFlags: 0x8c000000
+objectCategory: CN=Infrastructure-Update,CN=Schema,CN=Configuration,${BASEDN}
+isCriticalSystemObject: TRUE
+fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
+
dn: CN=Builtin,${BASEDN}
objectClass: top
objectClass: builtinDomain
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
unixName: ${WHEEL}
+privilege: SeSecurityPrivilege
+privilege: SeBackupPrivilege
+privilege: SeRestorePrivilege
+privilege: SeSystemtimePrivilege
+privilege: SeShutdownPrivilege
+privilege: SeRemoteShutdownPrivilege
+privilege: SeTakeOwnershipPrivilege
+privilege: SeDebugPrivilege
+privilege: SeSystemEnvironmentPrivilege
+privilege: SeSystemProfilePrivilege
+privilege: SeProfileSingleProcessPrivilege
+privilege: SeIncreaseBasePriorityPrivilege
+privilege: SeLoadDriverPrivilege
+privilege: SeCreatePagefilePrivilege
+privilege: SeIncreaseQuotaPrivilege
+privilege: SeChangeNotifyPrivilege
+privilege: SeUndockPrivilege
+privilege: SeManageVolumePrivilege
+privilege: SeImpersonatePrivilege
+privilege: SeCreateGlobalPrivilege
+privilege: SeEnableDelegationPrivilege
+privilege: SeInteractiveLogonRight
+privilege: SeNetworkLogonRight
+privilege: SeRemoteInteractiveLogonRight
+
dn: CN=Users,CN=Builtin,${BASEDN}
objectClass: top
groupType: 0x80000005
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
+privilege: SeLoadDriverPrivilege
+privilege: SeShutdownPrivilege
+privilege: SeInteractiveLogonRight
dn: CN=Backup Operators,CN=Builtin,${BASEDN}
objectClass: top
groupType: 0x80000005
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
+privilege: SeBackupPrivilege
+privilege: SeRestorePrivilege
+privilege: SeShutdownPrivilege
+privilege: SeInteractiveLogonRight
dn: CN=Replicator,CN=Builtin,${BASEDN}
objectClass: top
dNSHostName: ${DNSNAME}
objectCategory: CN=Computer,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
-unicodePwd: ${RANDPASS}
+unicodePwd: ${JOINPASS}
servicePrincipalName: HOST/${DNSNAME}
servicePrincipalName: HOST/${NETBIOSNAME}
servicePrincipalName: CIFS/${DNSNAME}
objectGUID: ${NEWGUID}
objectSid: ${DOMAINSID}-515
sAMAccountName: Domain Computers
-sAMAccountType: 268435456
-groupType: -2147483646
+sAMAccountType: 0x10000000
+groupType: 0x80000002
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
objectSid: ${DOMAINSID}-516
adminCount: 1
sAMAccountName: Domain Controllers
-sAMAccountType: 268435456
-groupType: -2147483646
+sAMAccountType: 0x10000000
+groupType: 0x80000002
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
objectSid: ${DOMAINSID}-518
adminCount: 1
sAMAccountName: Schema Admins
-sAMAccountType: 268435456
-groupType: -2147483646
+sAMAccountType: 0x10000000
+groupType: 0x80000002
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
unixName: ${WHEEL}
objectSid: ${DOMAINSID}-519
adminCount: 1
sAMAccountName: Enterprise Admins
-sAMAccountType: 268435456
-groupType: -2147483646
+sAMAccountType: 0x10000000
+groupType: 0x80000002
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
unixName: ${WHEEL}
objectSid: ${DOMAINSID}-517
sAMAccountName: Cert Publishers
sAMAccountType: 0x20000000
-groupType: -2147483644
+groupType: 0x80000004
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
objectSid: ${DOMAINSID}-512
adminCount: 1
sAMAccountName: Domain Admins
-sAMAccountType: 268435456
-groupType: -2147483646
+sAMAccountType: 0x10000000
+groupType: 0x80000002
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
unixName: ${WHEEL}
objectGUID: ${NEWGUID}
objectSid: ${DOMAINSID}-513
sAMAccountName: Domain Users
-sAMAccountType: 268435456
-groupType: -2147483646
+sAMAccountType: 0x10000000
+groupType: 0x80000002
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
unixName: ${USERS}
objectGUID: ${NEWGUID}
objectSid: ${DOMAINSID}-514
sAMAccountName: Domain Guests
-sAMAccountType: 268435456
-groupType: -2147483646
+sAMAccountType: 0x10000000
+groupType: 0x80000002
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
objectGUID: ${NEWGUID}
objectSid: ${DOMAINSID}-520
sAMAccountName: Group Policy Creator Owners
-sAMAccountType: 268435456
-groupType: -2147483646
+sAMAccountType: 0x10000000
+groupType: 0x80000002
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
unixName: ${WHEEL}
objectSid: ${DOMAINSID}-553
sAMAccountName: RAS and IAS Servers
sAMAccountType: 0x20000000
-groupType: -2147483644
+groupType: 0x80000004
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
groupType: 0x80000005
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
+privilege: SeBackupPrivilege
+privilege: SeSystemtimePrivilege
+privilege: SeRemoteShutdownPrivilege
+privilege: SeRestorePrivilege
+privilege: SeShutdownPrivilege
+privilege: SeInteractiveLogonRight
dn: CN=Account Operators,CN=Builtin,${BASEDN}
objectClass: top
groupType: 0x80000005
objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
isCriticalSystemObject: TRUE
+privilege: SeInteractiveLogonRight
dn: CN=Templates,${BASEDN}
objectClass: top
whenChanged: ${LDAPTIME}
uSNCreated: 1
uSNChanged: 1
-showInAdvancedViewOnly: FALSE
+showInAdvancedViewOnly: TRUE
name: Templates
objectGUID: ${NEWGUID}
systemFlags: 0x8c000000
logonCount: 0
sAMAccountType: 0x30000001
+dn: CN=TemplateTrustingDomain,CN=Templates,${BASEDN}
+objectClass: top
+objectClass: Template
+objectClass: userTemplate
+cn: TemplateTrustingDomain
+name: TemplateTrustingDomain
+instanceType: 4
+userAccountControl: 0x820
+badPwdCount: 0
+codePage: 0
+countryCode: 0
+badPasswordTime: 0
+lastLogoff: 0
+lastLogon: 0
+pwdLastSet: 0
+primaryGroupID: 513
+accountExpires: -1
+logonCount: 0
+sAMAccountType: 0x30000002
+
dn: CN=TemplateGroup,CN=Templates,${BASEDN}
objectClass: top
objectClass: Template
cn: TemplateGroup
name: TemplateGroup
instanceType: 4
+groupType: 0x80000002
sAMAccountType: 0x10000000
+dn: CN=TemplateAlias,CN=Templates,${BASEDN}
+objectClass: top
+objectClass: Template
+objectClass: aliasTemplate
+cn: TemplateAlias
+name: TemplateAlias
+instanceType: 4
+groupType: 0x80000004
+sAMAccountType: 0x10000000
+
+dn: CN=TemplateForeignSecurityPrincipal,CN=Templates,${BASEDN}
+objectClass: top
+objectClass: Template
+objectClass: foreignSecurityPrincipalTemplate
+cn: TemplateForeignSecurityPrincipal
+name: TemplateForeignSecurityPrincipal
+
+dn: CN=TemplateSecret,CN=Templates,${BASEDN}
+objectClass: top
+objectClass: leaf
+objectClass: Template
+objectClass: secretTemplate
+cn: TemplateSecret
+name: TemplateSecret
+instanceType: 4
+
+dn: CN=TemplateTrustedDomain,CN=Templates,${BASEDN}
+objectClass: top
+objectClass: leaf
+objectClass: Template
+objectClass: trustedDomainTemplate
+cn: TemplateTrustedDomain
+name: TemplateTrustedDomain
+instanceType: 4
+
+###############################
+# Configuration Naming Context
+###############################
+dn: CN=Configuration,${BASEDN}
+objectClass: top
+objectClass: configuration
+cn: Configuration
+instanceType: 13
+whenCreated: ${LDAPTIME}
+whenChanged: ${LDAPTIME}
+uSNCreated: ${USN}
+uSNChanged: ${USN}
+showInAdvancedViewOnly: TRUE
+name: Configuration
+objectGUID: ${NEWGUID}
+objectCategory: CN=Configuration,CN=Schema,CN=Configuration,${BASEDN}
+subRefs: CN=Schema,CN=Configuration,${BASEDN}
+masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
+msDs-masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
+
+dn: CN=Partitions,CN=Configuration,${BASEDN}
+objectClass: top
+objectClass: crossRefContainer
+cn: Partitions
+instanceType: 4
+whenCreated: ${LDAPTIME}
+whenChanged: ${LDAPTIME}
+uSNCreated: ${USN}
+uSNChanged: ${USN}
+showInAdvancedViewOnly: TRUE
+name: Partitions
+objectGUID: ${NEWGUID}
+systemFlags: 0x80000000
+objectCategory: CN=Cross-Ref-Container,CN=Schema,CN=Configuration,${BASEDN}
+msDS-Behavior-Version: 0
+fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
+
+dn: CN=Enterprise Configuration,CN=Partitions,CN=Configuration,${BASEDN}
+objectClass: top
+objectClass: crossRef
+cn: Enterprise Configuration
+instanceType: 4
+whenCreated: ${LDAPTIME}
+whenChanged: ${LDAPTIME}
+uSNCreated: ${USN}
+uSNChanged: ${USN}
+showInAdvancedViewOnly: TRUE
+name: Enterprise Configuration
+objectGUID: ${NEWGUID}
+systemFlags: 0x00000001
+objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN}
+nCName: CN=Configuration,${BASEDN}
+dnsRoot: ${DNSDOMAIN}
+
+dn: CN=Enterprise Schema,CN=Partitions,CN=Configuration,${BASEDN}
+objectClass: top
+objectClass: crossRef
+cn: Enterprise Schema
+instanceType: 4
+whenCreated: ${LDAPTIME}
+whenChanged: ${LDAPTIME}
+uSNCreated: ${USN}
+uSNChanged: ${USN}
+showInAdvancedViewOnly: TRUE
+name: Enterprise Schema
+objectGUID: ${NEWGUID}
+systemFlags: 0x00000001
+objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN}
+nCName: CN=Schema,CN=Configuration,${BASEDN}
+dnsRoot: ${DNSDOMAIN}
+
+dn: CN=${DOMAIN},CN=Partitions,CN=Configuration,${BASEDN}
+objectClass: top
+objectClass: crossRef
+cn: ${DOMAIN}
+instanceType: 4
+whenCreated: ${LDAPTIME}
+whenChanged: ${LDAPTIME}
+uSNCreated: ${USN}
+uSNChanged: ${USN}
+showInAdvancedViewOnly: TRUE
+name: ${DOMAIN}
+objectGUID: ${NEWGUID}
+systemFlags: 0x00000003
+objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN}
+nCName: ${BASEDN}
+nETBIOSName: ${DOMAIN}
+dnsRoot: ${DNSDOMAIN}
+
+dn: CN=Sites,CN=Configuration,${BASEDN}
+objectClass: top
+objectClass: sitesContainer
+cn: Sites
+instanceType: 4
+whenCreated: ${LDAPTIME}
+whenChanged: ${LDAPTIME}
+uSNCreated: ${USN}
+uSNChanged: ${USN}
+showInAdvancedViewOnly: TRUE
+name: Sites
+objectGUID: ${NEWGUID}
+systemFlags: 0x82000000
+objectCategory: CN=Sites-Container,CN=Schema,CN=Configuration,${BASEDN}
+
+dn: CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
+objectClass: top
+objectClass: site
+cn: Sites
+instanceType: 4
+whenCreated: ${LDAPTIME}
+whenChanged: ${LDAPTIME}
+uSNCreated: ${USN}
+uSNChanged: ${USN}
+showInAdvancedViewOnly: TRUE
+name: Sites
+objectGUID: ${NEWGUID}
+systemFlags: 0x82000000
+objectCategory: CN=Site,CN=Schema,CN=Configuration,${BASEDN}
+
+dn: CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
+objectClass: top
+objectClass: serversContainer
+cn: Servers
+instanceType: 4
+whenCreated: ${LDAPTIME}
+whenChanged: ${LDAPTIME}
+uSNCreated: ${USN}
+uSNChanged: ${USN}
+showInAdvancedViewOnly: TRUE
+name: Servers
+objectGUID: ${NEWGUID}
+systemFlags: 0x82000000
+objectCategory: CN=Servers-Container,CN=Schema,CN=Configuration,${BASEDN}
+
+dn: CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
+objectClass: top
+objectClass: server
+cn: ${NETBIOSNAME}
+instanceType: 4
+whenCreated: ${LDAPTIME}
+whenChanged: ${LDAPTIME}
+uSNCreated: ${USN}
+uSNChanged: ${USN}
+showInAdvancedViewOnly: TRUE
+name: ${NETBIOSNAME}
+objectGUID: ${NEWGUID}
+systemFlags: 0x52000000
+objectCategory: CN=Server,CN=Schema,CN=Configuration,${BASEDN}
+dNSHostName: ${DNSNAME}
+serverReference: CN=${NETBIOSNAME},OU=Domain Controllers,${BASEDN}
+
+dn: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
+objectClass: top
+objectClass: applicationSettings
+objectClass: nTDSDSA
+cn: NTDS Settings
+instanceType: 4
+whenCreated: ${LDAPTIME}
+whenChanged: ${LDAPTIME}
+uSNCreated: ${USN}
+uSNChanged: ${USN}
+showInAdvancedViewOnly: TRUE
+name: NTDS Settings
+systemFlags: 0x02000000
+objectCategory: CN=NTDS-DSA,CN=Schema,CN=Configuration,${BASEDN}
+dMDLocation: CN=Schema,CN=Configuration,${BASEDN}
+objectGUID: ${INVOCATIONID}
+invocationId: ${INVOCATIONID}
+msDS-Behavior-Version: 2
+
+###############################
+# Schema Naming Context
+###############################
+dn: CN=Schema,CN=Configuration,${BASEDN}
+objectClass: top
+objectClass: dMD
+cn: Schema
+instanceType: 13
+whenCreated: ${LDAPTIME}
+whenChanged: ${LDAPTIME}
+uSNCreated: ${USN}
+uSNChanged: ${USN}
+showInAdvancedViewOnly: TRUE
+name: Schema
+objectGUID: ${NEWGUID}
+objectCategory: CN=DMD,CN=Schema,CN=Configuration,${BASEDN}
+masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
+msDs-masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
+fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
+objectVersion: 30