userAccountControl: 66048
objectSid: ${DOMAINSID}-500
adminCount: 1
-accountExpires: -1
+accountExpires: 9223372036854775807
sAMAccountName: Administrator
isCriticalSystemObject: TRUE
-sambaPassword:: ${ADMINPASS_B64}
+userPassword:: ${ADMINPASS_B64}
dn: CN=Guest,CN=Users,${DOMAINDN}
objectClass: user
sAMAccountName: krbtgt
servicePrincipalName: kadmin/changepw
isCriticalSystemObject: TRUE
-sambaPassword:: ${KRBTGTPASS_B64}
+userPassword:: ${KRBTGTPASS_B64}
dn: CN=Domain Computers,CN=Users,${DOMAINDN}
objectClass: top
objectClass: group
cn: Cert Publishers
description: Members of this group are permitted to publish certificates to the Active Directory
-groupType: 2147483652
+groupType: -2147483644
objectSid: ${DOMAINSID}-517
sAMAccountName: Cert Publishers
isCriticalSystemObject: TRUE
description: Servers in this group can access remote access properties of users
objectSid: ${DOMAINSID}-553
sAMAccountName: RAS and IAS Servers
-groupType: 2147483652
+groupType: -2147483644
+isCriticalSystemObject: TRUE
+
+dn: CN=Read-Only Domain Controllers,CN=Users,${DOMAINDN}
+objectClass: top
+objectClass: group
+cn: Read-Only Domain Controllers
+description: read-only domain controllers
+objectSid: ${DOMAINSID}-521
+sAMAccountName: Read-Only Domain Controllers
+groupType: -2147483644
+isCriticalSystemObject: TRUE
+
+dn: CN=Enterprise Read-Only Domain Controllers,CN=Users,${DOMAINDN}
+objectClass: top
+objectClass: group
+cn: Enterprise Read-Only Domain Controllers
+description: enterprise read-only domain controllers
+objectSid: ${DOMAINSID}-498
+sAMAccountName: Enterprise Read-Only Domain Controllers
+groupType: -2147483644
+isCriticalSystemObject: TRUE
+
+dn: CN=Certificate Service DCOM Access,CN=Users,${DOMAINDN}
+objectClass: top
+objectClass: group
+cn: Certificate Service DCOM Access
+description: Certificate Service DCOM Access
+objectSid: ${DOMAINSID}-574
+sAMAccountName: Certificate Service DCOM Access
+groupType: -2147483644
+isCriticalSystemObject: TRUE
+
+dn: CN=Cryptographic Operators,CN=Users,${DOMAINDN}
+objectClass: top
+objectClass: group
+cn: Cryptographic Operators
+description: Cryptographic Operators
+objectSid: ${DOMAINSID}-569
+sAMAccountName: Cryptographic Operators
+groupType: -2147483644
+isCriticalSystemObject: TRUE
+
+dn: CN=Event Log Readers,CN=Users,${DOMAINDN}
+objectClass: top
+objectClass: group
+cn: Event Log Readers
+description: Event Log Readers
+objectSid: ${DOMAINSID}-573
+sAMAccountName: Event Log Readers
+groupType: -2147483644
+isCriticalSystemObject: TRUE
+
+dn: CN=IIS_IUSRS,CN=Users,${DOMAINDN}
+objectClass: top
+objectClass: group
+cn: IIS_IUSRS
+description: IIS_IUSRS
+objectSid: ${DOMAINSID}-568
+sAMAccountName: IIS_IUSRS
+groupType: -2147483644
isCriticalSystemObject: TRUE
dn: CN=Administrators,CN=Builtin,${DOMAINDN}
objectSid: S-1-5-32-544
adminCount: 1
sAMAccountName: Administrators
-systemFlags: 2348810240
-groupType: 2147483653
+systemFlags: -1946157056
+groupType: -2147483643
isCriticalSystemObject: TRUE
privilege: SeSecurityPrivilege
privilege: SeBackupPrivilege
member: CN=Domain Users,CN=Users,${DOMAINDN}
objectSid: S-1-5-32-545
sAMAccountName: Users
-systemFlags: 2348810240
-groupType: 2147483653
+systemFlags: -1946157056
+groupType: -2147483643
isCriticalSystemObject: TRUE
dn: CN=Guests,CN=Builtin,${DOMAINDN}
member: CN=Guest,CN=Users,${DOMAINDN}
objectSid: S-1-5-32-546
sAMAccountName: Guests
-systemFlags: 2348810240
-groupType: 2147483653
+systemFlags: -1946157056
+groupType: -2147483643
isCriticalSystemObject: TRUE
dn: CN=Print Operators,CN=Builtin,${DOMAINDN}
objectSid: S-1-5-32-550
adminCount: 1
sAMAccountName: Print Operators
-systemFlags: 2348810240
-groupType: 2147483653
+systemFlags: -1946157056
+groupType: -2147483643
isCriticalSystemObject: TRUE
privilege: SeLoadDriverPrivilege
privilege: SeShutdownPrivilege
objectSid: S-1-5-32-551
adminCount: 1
sAMAccountName: Backup Operators
-systemFlags: 2348810240
-groupType: 2147483653
+systemFlags: -1946157056
+groupType: -2147483643
isCriticalSystemObject: TRUE
privilege: SeBackupPrivilege
privilege: SeRestorePrivilege
objectSid: S-1-5-32-552
adminCount: 1
sAMAccountName: Replicator
-systemFlags: 2348810240
-groupType: 2147483653
+systemFlags: -1946157056
+groupType: -2147483643
isCriticalSystemObject: TRUE
dn: CN=Remote Desktop Users,CN=Builtin,${DOMAINDN}
description: Members in this group are granted the right to logon remotely
objectSid: S-1-5-32-555
sAMAccountName: Remote Desktop Users
-systemFlags: 2348810240
-groupType: 2147483653
+systemFlags: -1946157056
+groupType: -2147483643
isCriticalSystemObject: TRUE
dn: CN=Network Configuration Operators,CN=Builtin,${DOMAINDN}
description: Members in this group can have some administrative privileges to manage configuration of networking features
objectSid: S-1-5-32-556
sAMAccountName: Network Configuration Operators
-systemFlags: 2348810240
-groupType: 2147483653
+systemFlags: -1946157056
+groupType: -2147483643
isCriticalSystemObject: TRUE
dn: CN=Performance Monitor Users,CN=Builtin,${DOMAINDN}
description: Members of this group have remote access to monitor this computer
objectSid: S-1-5-32-558
sAMAccountName: Performance Monitor Users
-systemFlags: 2348810240
-groupType: 2147483653
+systemFlags: -1946157056
+groupType: -2147483643
isCriticalSystemObject: TRUE
dn: CN=Performance Log Users,CN=Builtin,${DOMAINDN}
description: Members of this group have remote access to schedule logging of performance counters on this computer
objectSid: S-1-5-32-559
sAMAccountName: Performance Log Users
-systemFlags: 2348810240
-groupType: 2147483653
+systemFlags: -1946157056
+groupType: -2147483643
isCriticalSystemObject: TRUE
dn: CN=Server Operators,CN=Builtin,${DOMAINDN}
objectSid: S-1-5-32-549
adminCount: 1
sAMAccountName: Server Operators
-systemFlags: 2348810240
-groupType: 2147483653
+systemFlags: -1946157056
+groupType: -2147483643
isCriticalSystemObject: TRUE
privilege: SeBackupPrivilege
privilege: SeSystemtimePrivilege
objectSid: S-1-5-32-548
adminCount: 1
sAMAccountName: Account Operators
-systemFlags: 2348810240
-groupType: 2147483653
+systemFlags: -1946157056
+groupType: -2147483643
isCriticalSystemObject: TRUE
privilege: SeInteractiveLogonRight
description: A backward compatibility group which allows read access on all users and groups in the domain
objectSid: S-1-5-32-554
sAMAccountName: Pre-Windows 2000 Compatible Access
-systemFlags: 2348810240
-groupType: 2147483653
+systemFlags: -1946157056
+groupType: -2147483643
isCriticalSystemObject: TRUE
privilege: SeRemoteInteractiveLogonRight
privilege: SeChangeNotifyPrivilege
description: Members of this group can create incoming, one-way trusts to this forest
objectSid: S-1-5-32-557
sAMAccountName: Incoming Forest Trust Builders
-systemFlags: 2348810240
-groupType: 2147483653
+systemFlags: -1946157056
+groupType: -2147483643
isCriticalSystemObject: TRUE
dn: CN=Windows Authorization Access Group,CN=Builtin,${DOMAINDN}
description: Members of this group have access to the computed tokenGroupsGlobalAndUniversal attribute on User objects
objectSid: S-1-5-32-560
sAMAccountName: Windows Authorization Access Group
-systemFlags: 2348810240
-groupType: 2147483653
+systemFlags: -1946157056
+groupType: -2147483643
isCriticalSystemObject: TRUE
dn: CN=Terminal Server License Servers,CN=Builtin,${DOMAINDN}
description: Terminal Server License Servers
objectSid: S-1-5-32-561
sAMAccountName: Terminal Server License Servers
-systemFlags: 2348810240
-groupType: 2147483653
+systemFlags: -1946157056
+groupType: -2147483643
isCriticalSystemObject: TRUE
dn: CN=Distributed COM Users,CN=Builtin,${DOMAINDN}
description: Members are allowed to launch, activate and use Distributed COM objects on this machine.
objectSid: S-1-5-32-562
sAMAccountName: Distributed COM Users
-systemFlags: 2348810240
-groupType: 2147483653
+systemFlags: -1946157056
+groupType: -2147483643
isCriticalSystemObject: TRUE
dn: CN=WellKnown Security Principals,${CONFIGDN}
objectClass: top
objectClass: container
cn: WellKnown Security Principals
-systemFlags: 2147483648
+systemFlags: -2147483648
dn: CN=Anonymous Logon,CN=WellKnown Security Principals,${CONFIGDN}
objectClass: top