source4/provision.ldif

   1 dn: @INDEXLIST
   2 @IDXATTR: name
   3 @IDXATTR: sAMAccountName
   4 @IDXATTR: objectSid
   5 @IDXATTR: objectClass
   6
   7 dn: @ATTRIBUTES
   8 realm: CASE_INSENSITIVE
   9 userPrincipalName: CASE_INSENSITIVE
  10 servicePrincipalName: CASE_INSENSITIVE
  11 name: CASE_INSENSITIVE WILDCARD
  12 sAMAccountName: CASE_INSENSITIVE WILDCARD
  13 objectClass: CASE_INSENSITIVE
  14 numMembers: HIDDEN
  15
  16 dn: @SUBCLASSES
  17 top: domain
  18 top: person
  19 top: group
  20 domain: domainDNS
  21 domain: builtinDomain
  22 person: organizationalPerson
  23 organizationalPerson: user
  24 user: computer
  25 template: userTemplate
  26 template: groupTemplate
  27
  28 dn: ${BASEDN}
  29 objectClass: top
  30 objectClass: domain
  31 objectClass: domainDNS
  32 name: ${DOMAIN}
  33 realm: ${REALM}
  34 dnsDomain: ${REALM}
  35 dc: ${DOMAIN}
  36 objectGUID: ${NEWGUID}
  37 creationTime: ${NTTIME}
  38 forceLogoff: 0x8000000000000000
  39 lockoutDuration: -18000000000
  40 lockOutObservationWindow: -18000000000
  41 lockoutThreshold: 0
  42 whenCreated: ${LDAPTIME}
  43 whenChanged: ${LDAPTIME}
  44 uSNCreated: 1
  45 uSNChanged: 1
  46 maxPwdAge: -37108517437440
  47 minPwdAge: 0
  48 minPwdLength: 7
  49 modifiedCountAtLastProm: 0
  50 nextRid: 1001
  51 pwdProperties: 1
  52 pwdHistoryLength: 24
  53 objectSid: ${DOMAINSID}
  54 serverState: 1
  55 uASCompat: 1
  56 modifiedCount: 1
  57 objectCategory: CN=Domain-DNS,CN=Schema,CN=Configuration,${BASEDN}
  58 isCriticalSystemObject: TRUE
  59
  60 dn: CN=Users,${BASEDN}
  61 objectClass: top
  62 objectClass: container
  63 cn: Users
  64 description: Default container for upgraded user accounts
  65 instanceType: 4
  66 whenCreated: ${LDAPTIME}
  67 whenChanged: ${LDAPTIME}
  68 uSNCreated: 1
  69 uSNChanged: 1
  70 showInAdvancedViewOnly: FALSE
  71 name: Users
  72 objectGUID: ${NEWGUID}
  73 systemFlags: 0x8c000000
  74 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
  75 isCriticalSystemObject: TRUE
  76
  77 dn: CN=Computers,${BASEDN}
  78 objectClass: top
  79 objectClass: container
  80 cn: Computers
  81 description: Default container for upgraded computer accounts
  82 instanceType: 4
  83 whenCreated: ${LDAPTIME}
  84 whenChanged: ${LDAPTIME}
  85 uSNCreated: 1
  86 uSNChanged: 1
  87 showInAdvancedViewOnly: FALSE
  88 name: Computers
  89 objectGUID: ${NEWGUID}
  90 systemFlags: 0x8c000000
  91 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
  92 isCriticalSystemObject: TRUE
  93
  94 dn: OU=Domain Controllers,${BASEDN}
  95 objectClass: top
  96 objectClass: organizationalUnit
  97 ou: Domain Controllers
  98 description: Default container for domain controllers
  99 instanceType: 4
 100 whenCreated: ${LDAPTIME}
 101 whenChanged: ${LDAPTIME}
 102 uSNCreated: 1
 103 uSNChanged: 1
 104 showInAdvancedViewOnly: FALSE
 105 name: Domain Controllers
 106 objectGUID: ${NEWGUID}
 107 systemFlags: 0x8c000000
 108 objectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,${BASEDN}
 109 isCriticalSystemObject: TRUE
 110
 111 dn: CN=ForeignSecurityPrincipals,${BASEDN}
 112 objectClass: top
 113 objectClass: container
 114 cn: ForeignSecurityPrincipals
 115 description: Default container for security identifiers (SIDs) associated with objects from external, trusted domains
 116 instanceType: 4
 117 whenCreated: ${LDAPTIME}
 118 whenChanged: ${LDAPTIME}
 119 uSNCreated: 1
 120 uSNChanged: 1
 121 showInAdvancedViewOnly: FALSE
 122 name: ForeignSecurityPrincipals
 123 objectGUID: ${NEWGUID}
 124 systemFlags: 0x8c000000
 125 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
 126 isCriticalSystemObject: TRUE
 127
 128 dn: CN=Builtin,${BASEDN}
 129 objectClass: top
 130 objectClass: builtinDomain
 131 cn: Builtin
 132 instanceType: 4
 133 showInAdvancedViewOnly: FALSE
 134 name: Builtin
 135 forceLogoff: 0x8000000000000000
 136 lockoutDuration: -18000000000
 137 lockOutObservationWindow: -18000000000
 138 lockoutThreshold: 0
 139 maxPwdAge: -37108517437440
 140 minPwdAge: 0
 141 minPwdLength: 0
 142 modifiedCountAtLastProm: 0
 143 nextRid: 1000
 144 pwdProperties: 0
 145 pwdHistoryLength: 0
 146 objectSid: S-1-5-32
 147 serverState: 1
 148 uASCompat: 1
 149 modifiedCount: 1
 150 objectCategory: CN=Builtin-Domain,CN=Schema,CN=Configuration,${BASEDN}
 151 isCriticalSystemObject: TRUE
 152
 153 dn: CN=Administrator,CN=Users,${BASEDN}
 154 objectClass: top
 155 objectClass: person
 156 objectClass: organizationalPerson
 157 objectClass: user
 158 cn: Administrator
 159 description: Built-in account for administering the computer/domain
 160 instanceType: 4
 161 whenCreated: ${LDAPTIME}
 162 whenChanged: ${LDAPTIME}
 163 uSNCreated: 1
 164 memberOf: CN=Group Policy Creator Owners,CN=Users,${BASEDN}
 165 memberOf: CN=Domain Admins,CN=Users,${BASEDN}
 166 memberOf: CN=Enterprise Admins,CN=Users,${BASEDN}
 167 memberOf: CN=Schema Admins,CN=Users,${BASEDN}
 168 memberOf: CN=Administrators,CN=Builtin,${BASEDN}
 169 uSNChanged: 1
 170 name: Administrator
 171 objectGUID: ${NEWGUID}
 172 userAccountControl: 0x10200
 173 badPwdCount: 0
 174 codePage: 0
 175 countryCode: 0
 176 badPasswordTime: 0
 177 lastLogoff: 0
 178 lastLogon: 0
 179 pwdLastSet: 0
 180 primaryGroupID: 513
 181 objectSid: ${DOMAINSID}-500
 182 adminCount: 1
 183 accountExpires: -1
 184 logonCount: 0
 185 sAMAccountName: Administrator
 186 sAMAccountType: 0x30000000
 187 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
 188 isCriticalSystemObject: TRUE
 189
 190 dn: CN=Guest,CN=Users,${BASEDN}
 191 objectClass: top
 192 objectClass: person
 193 objectClass: organizationalPerson
 194 objectClass: user
 195 cn: Guest
 196 description: Built-in account for guest access to the computer/domain
 197 instanceType: 4
 198 whenCreated: ${LDAPTIME}
 199 whenChanged: ${LDAPTIME}
 200 uSNCreated: 1
 201 memberOf: CN=Guests,CN=Builtin,${BASEDN}
 202 uSNChanged: 1
 203 name: Guest
 204 objectGUID: ${NEWGUID}
 205 userAccountControl: 0x10222
 206 badPwdCount: 0
 207 codePage: 0
 208 countryCode: 0
 209 badPasswordTime: 0
 210 lastLogoff: 0
 211 lastLogon: 0
 212 pwdLastSet: 0
 213 primaryGroupID: 514
 214 objectSid: ${DOMAINSID}-501
 215 accountExpires: -1
 216 logonCount: 0
 217 sAMAccountName: Guest
 218 sAMAccountType: 0x30000000
 219 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
 220 isCriticalSystemObject: TRUE
 221
 222 dn: CN=Administrators,CN=Builtin,${BASEDN}
 223 objectClass: top
 224 objectClass: group
 225 cn: Administrators
 226 description: Administrators have complete and unrestricted access to the computer/domain
 227 member: CN=Domain Admins,CN=Users,${BASEDN}
 228 member: CN=Enterprise Admins,CN=Users,${BASEDN}
 229 member: CN=Administrator,CN=Users,${BASEDN}
 230 instanceType: 4
 231 whenCreated: ${LDAPTIME}
 232 whenChanged: ${LDAPTIME}
 233 uSNCreated: 1
 234 uSNChanged: 1
 235 name: Administrators
 236 objectGUID: ${NEWGUID}
 237 objectSid: S-1-5-32-544
 238 adminCount: 1
 239 sAMAccountName: Administrators
 240 sAMAccountType: 0x20000000
 241 systemFlags: 0x8c000000
 242 groupType: 0x80000005
 243 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 244 isCriticalSystemObject: TRUE
 245
 246 dn: CN=Users,CN=Builtin,${BASEDN}
 247 objectClass: top
 248 objectClass: group
 249 cn: Users
 250 description: Users are prevented from making accidental or intentional system-wide changes.  Thus, Users can run certified applications, but not most legacy applications
 251 member: CN=Domain Users,CN=Users,${BASEDN}
 252 instanceType: 4
 253 whenCreated: ${LDAPTIME}
 254 whenChanged: ${LDAPTIME}
 255 uSNCreated: 1
 256 uSNChanged: 1
 257 name: Users
 258 objectGUID: ${NEWGUID}
 259 objectSid: S-1-5-32-545
 260 sAMAccountName: Users
 261 sAMAccountType: 0x20000000
 262 systemFlags: 0x8c000000
 263 groupType: 0x80000005
 264 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 265 isCriticalSystemObject: TRUE
 266
 267 dn: CN=Guests,CN=Builtin,${BASEDN}
 268 objectClass: top
 269 objectClass: group
 270 cn: Guests
 271 description: Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted
 272 member: CN=Domain Guests,CN=Users,${BASEDN}
 273 member: CN=Guest,CN=Users,${BASEDN}
 274 instanceType: 4
 275 whenCreated: ${LDAPTIME}
 276 whenChanged: ${LDAPTIME}
 277 uSNCreated: 1
 278 uSNChanged: 1
 279 name: Guests
 280 objectGUID: ${NEWGUID}
 281 objectSid: S-1-5-32-546
 282 sAMAccountName: Guests
 283 sAMAccountType: 0x20000000
 284 systemFlags: 0x8c000000
 285 groupType: 0x80000005
 286 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 287 isCriticalSystemObject: TRUE
 288
 289 dn: CN=Print Operators,CN=Builtin,${BASEDN}
 290 objectClass: top
 291 objectClass: group
 292 cn: Print Operators
 293 description: Members can administer domain printers
 294 instanceType: 4
 295 whenCreated: ${LDAPTIME}
 296 whenChanged: ${LDAPTIME}
 297 uSNCreated: 1
 298 uSNChanged: 1
 299 name: Print Operators
 300 objectGUID: ${NEWGUID}
 301 objectSid: S-1-5-32-550
 302 adminCount: 1
 303 sAMAccountName: Print Operators
 304 sAMAccountType: 0x20000000
 305 systemFlags: 0x8c000000
 306 groupType: 0x80000005
 307 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 308 isCriticalSystemObject: TRUE
 309
 310 dn: CN=Backup Operators,CN=Builtin,${BASEDN}
 311 objectClass: top
 312 objectClass: group
 313 cn: Backup Operators
 314 description: Backup Operators can override security restrictions for the sole purpose of backing up or restoring files
 315 instanceType: 4
 316 whenCreated: ${LDAPTIME}
 317 whenChanged: ${LDAPTIME}
 318 uSNCreated: 1
 319 uSNChanged: 1
 320 name: Backup Operators
 321 objectGUID: ${NEWGUID}
 322 objectSid: S-1-5-32-551
 323 adminCount: 1
 324 sAMAccountName: Backup Operators
 325 sAMAccountType: 0x20000000
 326 systemFlags: 0x8c000000
 327 groupType: 0x80000005
 328 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 329 isCriticalSystemObject: TRUE
 330
 331 dn: CN=Replicator,CN=Builtin,${BASEDN}
 332 objectClass: top
 333 objectClass: group
 334 cn: Replicator
 335 description: Supports file replication in a domain
 336 instanceType: 4
 337 whenCreated: ${LDAPTIME}
 338 whenChanged: ${LDAPTIME}
 339 uSNCreated: 1
 340 uSNChanged: 1
 341 name: Replicator
 342 objectGUID: ${NEWGUID}
 343 objectSid: S-1-5-32-552
 344 adminCount: 1
 345 sAMAccountName: Replicator
 346 sAMAccountType: 0x20000000
 347 systemFlags: 0x8c000000
 348 groupType: 0x80000005
 349 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 350 isCriticalSystemObject: TRUE
 351
 352 dn: CN=Remote Desktop Users,CN=Builtin,${BASEDN}
 353 objectClass: top
 354 objectClass: group
 355 cn: Remote Desktop Users
 356 description: Members in this group are granted the right to logon remotely
 357 instanceType: 4
 358 whenCreated: ${LDAPTIME}
 359 whenChanged: ${LDAPTIME}
 360 uSNCreated: 1
 361 uSNChanged: 1
 362 name: Remote Desktop Users
 363 objectGUID: ${NEWGUID}
 364 objectSid: S-1-5-32-555
 365 sAMAccountName: Remote Desktop Users
 366 sAMAccountType: 0x20000000
 367 systemFlags: 0x8c000000
 368 groupType: 0x80000005
 369 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 370 isCriticalSystemObject: TRUE
 371
 372 dn: CN=Network Configuration Operators,CN=Builtin,${BASEDN}
 373 objectClass: top
 374 objectClass: group
 375 cn: Network Configuration Operators
 376 description: Members in this group can have some administrative privileges to manage configuration of networking features
 377 instanceType: 4
 378 whenCreated: ${LDAPTIME}
 379 whenChanged: ${LDAPTIME}
 380 uSNCreated: 1
 381 uSNChanged: 1
 382 name: Network Configuration Operators
 383 objectGUID: ${NEWGUID}
 384 objectSid: S-1-5-32-556
 385 sAMAccountName: Network Configuration Operators
 386 sAMAccountType: 0x20000000
 387 systemFlags: 0x8c000000
 388 groupType: 0x80000005
 389 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 390 isCriticalSystemObject: TRUE
 391
 392 dn: CN=Performance Monitor Users,CN=Builtin,${BASEDN}
 393 objectClass: top
 394 objectClass: group
 395 cn: Performance Monitor Users
 396 description: Members of this group have remote access to monitor this computer
 397 instanceType: 4
 398 whenCreated: ${LDAPTIME}
 399 whenChanged: ${LDAPTIME}
 400 uSNCreated: 1
 401 uSNChanged: 1
 402 name: Performance Monitor Users
 403 objectGUID: ${NEWGUID}
 404 objectSid: S-1-5-32-558
 405 sAMAccountName: Performance Monitor Users
 406 sAMAccountType: 0x20000000
 407 systemFlags: 0x8c000000
 408 groupType: 0x80000005
 409 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 410 isCriticalSystemObject: TRUE
 411
 412 dn: CN=Performance Log Users,CN=Builtin,${BASEDN}
 413 objectClass: top
 414 objectClass: group
 415 cn: Performance Log Users
 416 description: Members of this group have remote access to schedule logging of performance counters on this computer
 417 instanceType: 4
 418 whenCreated: ${LDAPTIME}
 419 whenChanged: ${LDAPTIME}
 420 uSNCreated: 1
 421 uSNChanged: 1
 422 name: Performance Log Users
 423 objectGUID: ${NEWGUID}
 424 objectSid: S-1-5-32-559
 425 sAMAccountName: Performance Log Users
 426 sAMAccountType: 0x20000000
 427 systemFlags: 0x8c000000
 428 groupType: 0x80000005
 429 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 430 isCriticalSystemObject: TRUE
 431
 432 dn: CN=${HOSTNAME},OU=Domain Controllers,${BASEDN}
 433 objectClass: top
 434 objectClass: person
 435 objectClass: organizationalPerson
 436 objectClass: user
 437 objectClass: computer
 438 cn: ${HOSTNAME}
 439 instanceType: 4
 440 whenCreated: ${LDAPTIME}
 441 whenChanged: ${LDAPTIME}
 442 uSNCreated: 1
 443 uSNChanged: 1
 444 name: ${HOSTNAME}
 445 objectGUID: ${NEWGUID}
 446 userAccountControl: 532480
 447 badPwdCount: 0
 448 codePage: 0
 449 countryCode: 0
 450 badPasswordTime: 0
 451 lastLogoff: 0
 452 lastLogon: 127273269057298624
 453 localPolicyFlags: 0
 454 pwdLastSet: 127258826171655328
 455 primaryGroupID: 516
 456 objectSid: ${DOMAINSID}-1000
 457 accountExpires: 9223372036854775807
 458 logonCount: 30
 459 sAMAccountName: ${HOSTNAME}$
 460 sAMAccountType: 805306369
 461 operatingSystem: Samba
 462 operatingSystemVersion: 4.0
 463 dNSHostName: ${DNSNAME}
 464 objectCategory: CN=Computer,CN=Schema,CN=Configuration,${BASEDN}
 465 isCriticalSystemObject: TRUE
 466
 467 dn: CN=krbtgt,CN=Users,${BASEDN}
 468 objectClass: top
 469 objectClass: person
 470 objectClass: organizationalPerson
 471 objectClass: user
 472 cn: krbtgt
 473 description: Key Distribution Center Service Account
 474 instanceType: 4
 475 whenCreated: ${LDAPTIME}
 476 whenChanged: ${LDAPTIME}
 477 uSNCreated: 1
 478 uSNChanged: 1
 479 showInAdvancedViewOnly: TRUE
 480 name: krbtgt
 481 objectGUID: ${NEWGUID}
 482 userAccountControl: 514
 483 badPwdCount: 0
 484 codePage: 0
 485 countryCode: 0
 486 badPasswordTime: 0
 487 lastLogoff: 0
 488 lastLogon: 0
 489 pwdLastSet: 127258826179466560
 490 primaryGroupID: 513
 491 objectSid: ${DOMAINSID}-502
 492 adminCount: 1
 493 accountExpires: 9223372036854775807
 494 logonCount: 0
 495 sAMAccountName: krbtgt
 496 sAMAccountType: 805306368
 497 servicePrincipalName: kadmin/changepw
 498 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
 499 isCriticalSystemObject: TRUE
 500
 501 dn: CN=Domain Computers,CN=Users,${BASEDN}
 502 objectClass: top
 503 objectClass: group
 504 cn: Domain Computers
 505 description: All workstations and servers joined to the domain
 506 instanceType: 4
 507 whenCreated: ${LDAPTIME}
 508 whenChanged: ${LDAPTIME}
 509 uSNCreated: 1
 510 uSNChanged: 1
 511 name: Domain Computers
 512 objectGUID: ${NEWGUID}
 513 objectSid: ${DOMAINSID}-515
 514 sAMAccountName: Domain Computers
 515 sAMAccountType: 268435456
 516 groupType: -2147483646
 517 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 518 isCriticalSystemObject: TRUE
 519
 520 dn: CN=Domain Controllers,CN=Users,${BASEDN}
 521 objectClass: top
 522 objectClass: group
 523 cn: Domain Controllers
 524 description: All domain controllers in the domain
 525 instanceType: 4
 526 whenCreated: ${LDAPTIME}
 527 whenChanged: ${LDAPTIME}
 528 uSNCreated: 1
 529 uSNChanged: 1
 530 name: Domain Controllers
 531 objectGUID: ${NEWGUID}
 532 objectSid: ${DOMAINSID}-516
 533 adminCount: 1
 534 sAMAccountName: Domain Controllers
 535 sAMAccountType: 268435456
 536 groupType: -2147483646
 537 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 538 isCriticalSystemObject: TRUE
 539
 540 dn: CN=Schema Admins,CN=Users,${BASEDN}
 541 objectClass: top
 542 objectClass: group
 543 cn: Schema Admins
 544 description: Designated administrators of the schema
 545 member: CN=Administrator,CN=Users,${BASEDN}
 546 instanceType: 4
 547 whenCreated: ${LDAPTIME}
 548 whenChanged: ${LDAPTIME}
 549 uSNCreated: 1
 550 uSNChanged: 1
 551 name: Schema Admins
 552 objectGUID: ${NEWGUID}
 553 objectSid: ${DOMAINSID}-518
 554 adminCount: 1
 555 sAMAccountName: Schema Admins
 556 sAMAccountType: 268435456
 557 groupType: -2147483646
 558 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 559 isCriticalSystemObject: TRUE
 560
 561 dn: CN=Enterprise Admins,CN=Users,${BASEDN}
 562 objectClass: top
 563 objectClass: group
 564 cn: Enterprise Admins
 565 description: Designated administrators of the enterprise
 566 member: CN=Administrator,CN=Users,${BASEDN}
 567 instanceType: 4
 568 whenCreated: ${LDAPTIME}
 569 whenChanged: ${LDAPTIME}
 570 uSNCreated: 1
 571 memberOf: CN=Administrators,CN=Builtin,${BASEDN}
 572 uSNChanged: 1
 573 name: Enterprise Admins
 574 objectGUID: ${NEWGUID}
 575 objectSid: ${DOMAINSID}-519
 576 adminCount: 1
 577 sAMAccountName: Enterprise Admins
 578 sAMAccountType: 268435456
 579 groupType: -2147483646
 580 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 581 isCriticalSystemObject: TRUE
 582
 583 dn: CN=Cert Publishers,CN=Users,${BASEDN}
 584 objectClass: top
 585 objectClass: group
 586 cn: Cert Publishers
 587 description: Members of this group are permitted to publish certificates to the Active Directory
 588 instanceType: 4
 589 whenCreated: ${LDAPTIME}
 590 whenChanged: ${LDAPTIME}
 591 uSNCreated: 1
 592 uSNChanged: 1
 593 name: Cert Publishers
 594 objectGUID: ${NEWGUID}
 595 objectSid: ${DOMAINSID}-517
 596 sAMAccountName: Cert Publishers
 597 sAMAccountType: 0x20000000
 598 groupType: -2147483644
 599 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 600 isCriticalSystemObject: TRUE
 601
 602 dn: CN=Domain Admins,CN=Users,${BASEDN}
 603 objectClass: top
 604 objectClass: group
 605 cn: Domain Admins
 606 description: Designated administrators of the domain
 607 member: CN=Administrator,CN=Users,${BASEDN}
 608 instanceType: 4
 609 whenCreated: ${LDAPTIME}
 610 whenChanged: ${LDAPTIME}
 611 uSNCreated: 1
 612 memberOf: CN=Administrators,CN=Builtin,${BASEDN}
 613 uSNChanged: 1
 614 name: Domain Admins
 615 objectGUID: ${NEWGUID}
 616 objectSid: ${DOMAINSID}-512
 617 adminCount: 1
 618 sAMAccountName: Domain Admins
 619 sAMAccountType: 268435456
 620 groupType: -2147483646
 621 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 622 isCriticalSystemObject: TRUE
 623
 624 dn: CN=Domain Users,CN=Users,${BASEDN}
 625 objectClass: top
 626 objectClass: group
 627 cn: Domain Users
 628 description: All domain users
 629 instanceType: 4
 630 whenCreated: ${LDAPTIME}
 631 whenChanged: ${LDAPTIME}
 632 uSNCreated: 1
 633 memberOf: CN=Users,CN=Builtin,${BASEDN}
 634 uSNChanged: 1
 635 name: Domain Users
 636 objectGUID: ${NEWGUID}
 637 objectSid: ${DOMAINSID}-513
 638 sAMAccountName: Domain Users
 639 sAMAccountType: 268435456
 640 groupType: -2147483646
 641 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 642 isCriticalSystemObject: TRUE
 643
 644 dn: CN=Domain Guests,CN=Users,${BASEDN}
 645 objectClass: top
 646 objectClass: group
 647 cn: Domain Guests
 648 description: All domain guests
 649 instanceType: 4
 650 whenCreated: ${LDAPTIME}
 651 whenChanged: ${LDAPTIME}
 652 uSNCreated: 1
 653 memberOf: CN=Guests,CN=Builtin,${BASEDN}
 654 uSNChanged: 1
 655 name: Domain Guests
 656 objectGUID: ${NEWGUID}
 657 objectSid: ${DOMAINSID}-514
 658 sAMAccountName: Domain Guests
 659 sAMAccountType: 268435456
 660 groupType: -2147483646
 661 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 662 isCriticalSystemObject: TRUE
 663
 664 dn: CN=Group Policy Creator Owners,CN=Users,${BASEDN}
 665 objectClass: top
 666 objectClass: group
 667 cn: Group Policy Creator Owners
 668 description: Members in this group can modify group policy for the domain
 669 member: CN=Administrator,CN=Users,${BASEDN}
 670 instanceType: 4
 671 whenCreated: ${LDAPTIME}
 672 whenChanged: ${LDAPTIME}
 673 uSNCreated: 1
 674 uSNChanged: 1
 675 name: Group Policy Creator Owners
 676 objectGUID: ${NEWGUID}
 677 objectSid: ${DOMAINSID}-520
 678 sAMAccountName: Group Policy Creator Owners
 679 sAMAccountType: 268435456
 680 groupType: -2147483646
 681 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 682 isCriticalSystemObject: TRUE
 683
 684 dn: CN=RAS and IAS Servers,CN=Users,${BASEDN}
 685 objectClass: top
 686 objectClass: group
 687 cn: RAS and IAS Servers
 688 description: Servers in this group can access remote access properties of users
 689 instanceType: 4
 690 whenCreated: ${LDAPTIME}
 691 whenChanged: ${LDAPTIME}
 692 uSNCreated: 1
 693 uSNChanged: 1
 694 name: RAS and IAS Servers
 695 objectGUID: ${NEWGUID}
 696 objectSid: ${DOMAINSID}-553
 697 sAMAccountName: RAS and IAS Servers
 698 sAMAccountType: 0x20000000
 699 groupType: -2147483644
 700 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 701 isCriticalSystemObject: TRUE
 702
 703 dn: CN=Server Operators,CN=Builtin,${BASEDN}
 704 objectClass: top
 705 objectClass: group
 706 cn: Server Operators
 707 description: Members can administer domain servers
 708 instanceType: 4
 709 whenCreated: ${LDAPTIME}
 710 whenChanged: ${LDAPTIME}
 711 uSNCreated: 1
 712 uSNChanged: 1
 713 name: Server Operators
 714 objectGUID: ${NEWGUID}
 715 objectSid: S-1-5-32-549
 716 adminCount: 1
 717 sAMAccountName: Server Operators
 718 sAMAccountType: 0x20000000
 719 systemFlags: 0x8c000000
 720 groupType: 0x80000005
 721 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 722 isCriticalSystemObject: TRUE
 723
 724 dn: CN=Account Operators,CN=Builtin,${BASEDN}
 725 objectClass: top
 726 objectClass: group
 727 cn: Account Operators
 728 description: Members can administer domain user and group accounts
 729 instanceType: 4
 730 whenCreated: ${LDAPTIME}
 731 whenChanged: ${LDAPTIME}
 732 uSNCreated: 1
 733 uSNChanged: 1
 734 name: Account Operators
 735 objectGUID: ${NEWGUID}
 736 objectSid: S-1-5-32-548
 737 adminCount: 1
 738 sAMAccountName: Account Operators
 739 sAMAccountType: 0x20000000
 740 systemFlags: 0x8c000000
 741 groupType: 0x80000005
 742 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 743 isCriticalSystemObject: TRUE
 744
 745 dn: CN=Templates,${BASEDN}
 746 objectClass: top
 747 objectClass: container
 748 cn: Templates
 749 description: Container for SAM account templates
 750 instanceType: 4
 751 whenCreated: ${LDAPTIME}
 752 whenChanged: ${LDAPTIME}
 753 uSNCreated: 1
 754 uSNChanged: 1
 755 showInAdvancedViewOnly: FALSE
 756 name: Templates
 757 objectGUID: ${NEWGUID}
 758 systemFlags: 0x8c000000
 759 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
 760 isCriticalSystemObject: TRUE
 761
 762 ###
 763 # note! the template users must not match normal searches. Be careful
 764 # with what classes you put them in
 765 ###
 766
 767 dn: CN=TemplateUser,CN=Templates,${BASEDN}
 768 objectClass: top
 769 objectClass: person
 770 objectClass: organizationalPerson
 771 objectClass: Template
 772 objectClass: userTemplate
 773 cn: TemplateUser
 774 name: TemplateUser
 775 instanceType: 4
 776 userAccountControl: 0x202
 777 badPwdCount: 0
 778 codePage: 0
 779 countryCode: 0
 780 badPasswordTime: 0
 781 lastLogoff: 0
 782 lastLogon: 0
 783 pwdLastSet: 0
 784 primaryGroupID: 513
 785 accountExpires: -1
 786 logonCount: 0
 787 sAMAccountType: 0x30000000
 788
 789 dn: CN=TemplateMemberServer,CN=Templates,${BASEDN}
 790 objectClass: top
 791 objectClass: Template
 792 objectClass: userTemplate
 793 cn: TemplateMemberServer
 794 name: TemplateMemberServer
 795 instanceType: 4
 796 userAccountControl: 0x1002
 797 badPwdCount: 0
 798 codePage: 0
 799 countryCode: 0
 800 badPasswordTime: 0
 801 lastLogoff: 0
 802 lastLogon: 0
 803 pwdLastSet: 0
 804 primaryGroupID: 513
 805 accountExpires: -1
 806 logonCount: 0
 807 sAMAccountType: 0x30000001
 808
 809 dn: CN=TemplateDomainController,CN=Templates,${BASEDN}
 810 objectClass: top
 811 objectClass: Template
 812 objectClass: userTemplate
 813 cn: TemplateDomainController
 814 name: TemplateDomainController
 815 instanceType: 4
 816 userAccountControl: 0x2002
 817 badPwdCount: 0
 818 codePage: 0
 819 countryCode: 0
 820 badPasswordTime: 0
 821 lastLogoff: 0
 822 lastLogon: 0
 823 pwdLastSet: 0
 824 primaryGroupID: 513
 825 accountExpires: -1
 826 logonCount: 0
 827 sAMAccountType: 0x30000001
 828
 829 dn: CN=TemplateGroup,CN=Templates,${BASEDN}
 830 objectClass: top
 831 objectClass: Template
 832 objectClass: groupTemplate
 833 cn: TemplateGroup
 834 name: TemplateGroup
 835 instanceType: 4
 836 sAMAccountType: 0x10000000