source4/provision.ldif

   1 dn: @INDEXLIST
   2 @IDXATTR: name
   3 @IDXATTR: sAMAccountName
   4 @IDXATTR: objectSid
   5 @IDXATTR: objectClass
   6
   7 dn: @ATTRIBUTES
   8 realm: CASE_INSENSITIVE
   9 userPrincipalName: CASE_INSENSITIVE
  10 servicePrincipalName: CASE_INSENSITIVE
  11 name: CASE_INSENSITIVE WILDCARD
  12 dn: CASE_INSENSITIVE WILDCARD
  13 sAMAccountName: CASE_INSENSITIVE WILDCARD
  14 objectClass: CASE_INSENSITIVE
  15 unicodePwd: HIDDEN
  16 ntPwdHash: HIDDEN
  17 ntPwdHistory: HIDDEN
  18 lmPwdHash: HIDDEN
  19 lmPwdHistory: HIDDEN
  20
  21 dn: @SUBCLASSES
  22 top: domain
  23 top: person
  24 top: group
  25 domain: domainDNS
  26 domain: builtinDomain
  27 person: organizationalPerson
  28 organizationalPerson: user
  29 user: computer
  30 template: userTemplate
  31 template: groupTemplate
  32
  33 dn: ${BASEDN}
  34 objectClass: top
  35 objectClass: domain
  36 objectClass: domainDNS
  37 name: ${DOMAIN}
  38 realm: ${REALM}
  39 dnsDomain: ${DNSDOMAIN}
  40 dc: ${DOMAIN}
  41 objectGUID: ${DOMAINGUID}
  42 creationTime: ${NTTIME}
  43 forceLogoff: 0x8000000000000000
  44 lockoutDuration: -18000000000
  45 lockOutObservationWindow: -18000000000
  46 lockoutThreshold: 0
  47 whenCreated: ${LDAPTIME}
  48 whenChanged: ${LDAPTIME}
  49 uSNCreated: 1
  50 uSNChanged: 1
  51 maxPwdAge: -37108517437440
  52 minPwdAge: 0
  53 minPwdLength: 7
  54 modifiedCountAtLastProm: 0
  55 nextRid: 1001
  56 pwdProperties: 1
  57 pwdHistoryLength: 24
  58 objectSid: ${DOMAINSID}
  59 serverState: 1
  60 uASCompat: 1
  61 modifiedCount: 1
  62 objectCategory: CN=Domain-DNS,CN=Schema,CN=Configuration,${BASEDN}
  63 isCriticalSystemObject: TRUE
  64
  65 dn: CN=Users,${BASEDN}
  66 objectClass: top
  67 objectClass: container
  68 cn: Users
  69 description: Default container for upgraded user accounts
  70 instanceType: 4
  71 whenCreated: ${LDAPTIME}
  72 whenChanged: ${LDAPTIME}
  73 uSNCreated: 1
  74 uSNChanged: 1
  75 showInAdvancedViewOnly: FALSE
  76 name: Users
  77 objectGUID: ${NEWGUID}
  78 systemFlags: 0x8c000000
  79 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
  80 isCriticalSystemObject: TRUE
  81
  82 dn: CN=Computers,${BASEDN}
  83 objectClass: top
  84 objectClass: container
  85 cn: Computers
  86 description: Default container for upgraded computer accounts
  87 instanceType: 4
  88 whenCreated: ${LDAPTIME}
  89 whenChanged: ${LDAPTIME}
  90 uSNCreated: 1
  91 uSNChanged: 1
  92 showInAdvancedViewOnly: FALSE
  93 name: Computers
  94 objectGUID: ${NEWGUID}
  95 systemFlags: 0x8c000000
  96 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
  97 isCriticalSystemObject: TRUE
  98
  99 dn: OU=Domain Controllers,${BASEDN}
 100 objectClass: top
 101 objectClass: organizationalUnit
 102 ou: Domain Controllers
 103 description: Default container for domain controllers
 104 instanceType: 4
 105 whenCreated: ${LDAPTIME}
 106 whenChanged: ${LDAPTIME}
 107 uSNCreated: 1
 108 uSNChanged: 1
 109 showInAdvancedViewOnly: FALSE
 110 name: Domain Controllers
 111 objectGUID: ${NEWGUID}
 112 systemFlags: 0x8c000000
 113 objectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,${BASEDN}
 114 isCriticalSystemObject: TRUE
 115
 116 dn: CN=ForeignSecurityPrincipals,${BASEDN}
 117 objectClass: top
 118 objectClass: container
 119 cn: ForeignSecurityPrincipals
 120 description: Default container for security identifiers (SIDs) associated with objects from external, trusted domains
 121 instanceType: 4
 122 whenCreated: ${LDAPTIME}
 123 whenChanged: ${LDAPTIME}
 124 uSNCreated: 1
 125 uSNChanged: 1
 126 showInAdvancedViewOnly: FALSE
 127 name: ForeignSecurityPrincipals
 128 objectGUID: ${NEWGUID}
 129 systemFlags: 0x8c000000
 130 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
 131 isCriticalSystemObject: TRUE
 132
 133 dn: CN=Builtin,${BASEDN}
 134 objectClass: top
 135 objectClass: builtinDomain
 136 cn: Builtin
 137 instanceType: 4
 138 showInAdvancedViewOnly: FALSE
 139 name: Builtin
 140 forceLogoff: 0x8000000000000000
 141 lockoutDuration: -18000000000
 142 lockOutObservationWindow: -18000000000
 143 lockoutThreshold: 0
 144 maxPwdAge: -37108517437440
 145 minPwdAge: 0
 146 minPwdLength: 0
 147 modifiedCountAtLastProm: 0
 148 nextRid: 1000
 149 pwdProperties: 0
 150 pwdHistoryLength: 0
 151 objectSid: S-1-5-32
 152 serverState: 1
 153 uASCompat: 1
 154 modifiedCount: 1
 155 objectCategory: CN=Builtin-Domain,CN=Schema,CN=Configuration,${BASEDN}
 156 isCriticalSystemObject: TRUE
 157
 158 dn: CN=Administrator,CN=Users,${BASEDN}
 159 objectClass: top
 160 objectClass: person
 161 objectClass: organizationalPerson
 162 objectClass: user
 163 cn: Administrator
 164 description: Built-in account for administering the computer/domain
 165 instanceType: 4
 166 whenCreated: ${LDAPTIME}
 167 whenChanged: ${LDAPTIME}
 168 uSNCreated: 1
 169 memberOf: CN=Group Policy Creator Owners,CN=Users,${BASEDN}
 170 memberOf: CN=Domain Admins,CN=Users,${BASEDN}
 171 memberOf: CN=Enterprise Admins,CN=Users,${BASEDN}
 172 memberOf: CN=Schema Admins,CN=Users,${BASEDN}
 173 memberOf: CN=Administrators,CN=Builtin,${BASEDN}
 174 uSNChanged: 1
 175 name: Administrator
 176 objectGUID: ${NEWGUID}
 177 userAccountControl: 0x10200
 178 badPwdCount: 0
 179 codePage: 0
 180 countryCode: 0
 181 badPasswordTime: 0
 182 lastLogoff: 0
 183 lastLogon: 0
 184 pwdLastSet: 0
 185 primaryGroupID: 513
 186 objectSid: ${DOMAINSID}-500
 187 adminCount: 1
 188 accountExpires: -1
 189 logonCount: 0
 190 sAMAccountName: Administrator
 191 sAMAccountType: 0x30000000
 192 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
 193 isCriticalSystemObject: TRUE
 194 unicodePwd: ${ADMINPASS}
 195 unixName: root
 196
 197 dn: CN=Guest,CN=Users,${BASEDN}
 198 objectClass: top
 199 objectClass: person
 200 objectClass: organizationalPerson
 201 objectClass: user
 202 cn: Guest
 203 description: Built-in account for guest access to the computer/domain
 204 instanceType: 4
 205 whenCreated: ${LDAPTIME}
 206 whenChanged: ${LDAPTIME}
 207 uSNCreated: 1
 208 memberOf: CN=Guests,CN=Builtin,${BASEDN}
 209 uSNChanged: 1
 210 name: Guest
 211 objectGUID: ${NEWGUID}
 212 userAccountControl: 0x10222
 213 badPwdCount: 0
 214 codePage: 0
 215 countryCode: 0
 216 badPasswordTime: 0
 217 lastLogoff: 0
 218 lastLogon: 0
 219 pwdLastSet: 0
 220 primaryGroupID: 514
 221 objectSid: ${DOMAINSID}-501
 222 accountExpires: -1
 223 logonCount: 0
 224 sAMAccountName: Guest
 225 sAMAccountType: 0x30000000
 226 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
 227 isCriticalSystemObject: TRUE
 228
 229 dn: CN=Administrators,CN=Builtin,${BASEDN}
 230 objectClass: top
 231 objectClass: group
 232 cn: Administrators
 233 description: Administrators have complete and unrestricted access to the computer/domain
 234 member: CN=Domain Admins,CN=Users,${BASEDN}
 235 member: CN=Enterprise Admins,CN=Users,${BASEDN}
 236 member: CN=Administrator,CN=Users,${BASEDN}
 237 instanceType: 4
 238 whenCreated: ${LDAPTIME}
 239 whenChanged: ${LDAPTIME}
 240 uSNCreated: 1
 241 uSNChanged: 1
 242 name: Administrators
 243 objectGUID: ${NEWGUID}
 244 objectSid: S-1-5-32-544
 245 adminCount: 1
 246 sAMAccountName: Administrators
 247 sAMAccountType: 0x20000000
 248 systemFlags: 0x8c000000
 249 groupType: 0x80000005
 250 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 251 isCriticalSystemObject: TRUE
 252 unixName: ${WHEEL}
 253
 254 dn: CN=Users,CN=Builtin,${BASEDN}
 255 objectClass: top
 256 objectClass: group
 257 cn: Users
 258 description: Users are prevented from making accidental or intentional system-wide changes.  Thus, Users can run certified applications, but not most legacy applications
 259 member: CN=Domain Users,CN=Users,${BASEDN}
 260 instanceType: 4
 261 whenCreated: ${LDAPTIME}
 262 whenChanged: ${LDAPTIME}
 263 uSNCreated: 1
 264 uSNChanged: 1
 265 name: Users
 266 objectGUID: ${NEWGUID}
 267 objectSid: S-1-5-32-545
 268 sAMAccountName: Users
 269 sAMAccountType: 0x20000000
 270 systemFlags: 0x8c000000
 271 groupType: 0x80000005
 272 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 273 isCriticalSystemObject: TRUE
 274
 275 dn: CN=Guests,CN=Builtin,${BASEDN}
 276 objectClass: top
 277 objectClass: group
 278 cn: Guests
 279 description: Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted
 280 member: CN=Domain Guests,CN=Users,${BASEDN}
 281 member: CN=Guest,CN=Users,${BASEDN}
 282 instanceType: 4
 283 whenCreated: ${LDAPTIME}
 284 whenChanged: ${LDAPTIME}
 285 uSNCreated: 1
 286 uSNChanged: 1
 287 name: Guests
 288 objectGUID: ${NEWGUID}
 289 objectSid: S-1-5-32-546
 290 sAMAccountName: Guests
 291 sAMAccountType: 0x20000000
 292 systemFlags: 0x8c000000
 293 groupType: 0x80000005
 294 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 295 isCriticalSystemObject: TRUE
 296 unixName: ${NOGROUP}
 297
 298 dn: CN=Print Operators,CN=Builtin,${BASEDN}
 299 objectClass: top
 300 objectClass: group
 301 cn: Print Operators
 302 description: Members can administer domain printers
 303 instanceType: 4
 304 whenCreated: ${LDAPTIME}
 305 whenChanged: ${LDAPTIME}
 306 uSNCreated: 1
 307 uSNChanged: 1
 308 name: Print Operators
 309 objectGUID: ${NEWGUID}
 310 objectSid: S-1-5-32-550
 311 adminCount: 1
 312 sAMAccountName: Print Operators
 313 sAMAccountType: 0x20000000
 314 systemFlags: 0x8c000000
 315 groupType: 0x80000005
 316 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 317 isCriticalSystemObject: TRUE
 318
 319 dn: CN=Backup Operators,CN=Builtin,${BASEDN}
 320 objectClass: top
 321 objectClass: group
 322 cn: Backup Operators
 323 description: Backup Operators can override security restrictions for the sole purpose of backing up or restoring files
 324 instanceType: 4
 325 whenCreated: ${LDAPTIME}
 326 whenChanged: ${LDAPTIME}
 327 uSNCreated: 1
 328 uSNChanged: 1
 329 name: Backup Operators
 330 objectGUID: ${NEWGUID}
 331 objectSid: S-1-5-32-551
 332 adminCount: 1
 333 sAMAccountName: Backup Operators
 334 sAMAccountType: 0x20000000
 335 systemFlags: 0x8c000000
 336 groupType: 0x80000005
 337 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 338 isCriticalSystemObject: TRUE
 339
 340 dn: CN=Replicator,CN=Builtin,${BASEDN}
 341 objectClass: top
 342 objectClass: group
 343 cn: Replicator
 344 description: Supports file replication in a domain
 345 instanceType: 4
 346 whenCreated: ${LDAPTIME}
 347 whenChanged: ${LDAPTIME}
 348 uSNCreated: 1
 349 uSNChanged: 1
 350 name: Replicator
 351 objectGUID: ${NEWGUID}
 352 objectSid: S-1-5-32-552
 353 adminCount: 1
 354 sAMAccountName: Replicator
 355 sAMAccountType: 0x20000000
 356 systemFlags: 0x8c000000
 357 groupType: 0x80000005
 358 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 359 isCriticalSystemObject: TRUE
 360
 361 dn: CN=Remote Desktop Users,CN=Builtin,${BASEDN}
 362 objectClass: top
 363 objectClass: group
 364 cn: Remote Desktop Users
 365 description: Members in this group are granted the right to logon remotely
 366 instanceType: 4
 367 whenCreated: ${LDAPTIME}
 368 whenChanged: ${LDAPTIME}
 369 uSNCreated: 1
 370 uSNChanged: 1
 371 name: Remote Desktop Users
 372 objectGUID: ${NEWGUID}
 373 objectSid: S-1-5-32-555
 374 sAMAccountName: Remote Desktop Users
 375 sAMAccountType: 0x20000000
 376 systemFlags: 0x8c000000
 377 groupType: 0x80000005
 378 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 379 isCriticalSystemObject: TRUE
 380
 381 dn: CN=Network Configuration Operators,CN=Builtin,${BASEDN}
 382 objectClass: top
 383 objectClass: group
 384 cn: Network Configuration Operators
 385 description: Members in this group can have some administrative privileges to manage configuration of networking features
 386 instanceType: 4
 387 whenCreated: ${LDAPTIME}
 388 whenChanged: ${LDAPTIME}
 389 uSNCreated: 1
 390 uSNChanged: 1
 391 name: Network Configuration Operators
 392 objectGUID: ${NEWGUID}
 393 objectSid: S-1-5-32-556
 394 sAMAccountName: Network Configuration Operators
 395 sAMAccountType: 0x20000000
 396 systemFlags: 0x8c000000
 397 groupType: 0x80000005
 398 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 399 isCriticalSystemObject: TRUE
 400
 401 dn: CN=Performance Monitor Users,CN=Builtin,${BASEDN}
 402 objectClass: top
 403 objectClass: group
 404 cn: Performance Monitor Users
 405 description: Members of this group have remote access to monitor this computer
 406 instanceType: 4
 407 whenCreated: ${LDAPTIME}
 408 whenChanged: ${LDAPTIME}
 409 uSNCreated: 1
 410 uSNChanged: 1
 411 name: Performance Monitor Users
 412 objectGUID: ${NEWGUID}
 413 objectSid: S-1-5-32-558
 414 sAMAccountName: Performance Monitor Users
 415 sAMAccountType: 0x20000000
 416 systemFlags: 0x8c000000
 417 groupType: 0x80000005
 418 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 419 isCriticalSystemObject: TRUE
 420
 421 dn: CN=Performance Log Users,CN=Builtin,${BASEDN}
 422 objectClass: top
 423 objectClass: group
 424 cn: Performance Log Users
 425 description: Members of this group have remote access to schedule logging of performance counters on this computer
 426 instanceType: 4
 427 whenCreated: ${LDAPTIME}
 428 whenChanged: ${LDAPTIME}
 429 uSNCreated: 1
 430 uSNChanged: 1
 431 name: Performance Log Users
 432 objectGUID: ${NEWGUID}
 433 objectSid: S-1-5-32-559
 434 sAMAccountName: Performance Log Users
 435 sAMAccountType: 0x20000000
 436 systemFlags: 0x8c000000
 437 groupType: 0x80000005
 438 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 439 isCriticalSystemObject: TRUE
 440
 441 dn: CN=${NETBIOSNAME},OU=Domain Controllers,${BASEDN}
 442 objectClass: top
 443 objectClass: person
 444 objectClass: organizationalPerson
 445 objectClass: user
 446 objectClass: computer
 447 cn: ${NETBIOSNAME}
 448 instanceType: 4
 449 whenCreated: ${LDAPTIME}
 450 whenChanged: ${LDAPTIME}
 451 uSNCreated: 1
 452 uSNChanged: 1
 453 name: ${NETBIOSNAME}
 454 objectGUID: ${HOSTGUID}
 455 userAccountControl: 532480
 456 badPwdCount: 0
 457 codePage: 0
 458 countryCode: 0
 459 badPasswordTime: 0
 460 lastLogoff: 0
 461 lastLogon: 127273269057298624
 462 localPolicyFlags: 0
 463 pwdLastSet: 127258826171655328
 464 primaryGroupID: 516
 465 objectSid: ${DOMAINSID}-1000
 466 accountExpires: 9223372036854775807
 467 logonCount: 30
 468 sAMAccountName: ${NETBIOSNAME}$
 469 sAMAccountType: 805306369
 470 operatingSystem: Samba
 471 operatingSystemVersion: 4.0
 472 dNSHostName: ${DNSNAME}
 473 objectCategory: CN=Computer,CN=Schema,CN=Configuration,${BASEDN}
 474 isCriticalSystemObject: TRUE
 475 unicodePwd: ${RANDPASS}
 476 servicePrincipalName: HOST/${DNSNAME}
 477
 478 dn: CN=krbtgt,CN=Users,${BASEDN}
 479 objectClass: top
 480 objectClass: person
 481 objectClass: organizationalPerson
 482 objectClass: user
 483 cn: krbtgt
 484 description: Key Distribution Center Service Account
 485 instanceType: 4
 486 whenCreated: ${LDAPTIME}
 487 whenChanged: ${LDAPTIME}
 488 uSNCreated: 1
 489 uSNChanged: 1
 490 showInAdvancedViewOnly: TRUE
 491 name: krbtgt
 492 objectGUID: ${NEWGUID}
 493 userAccountControl: 514
 494 badPwdCount: 0
 495 codePage: 0
 496 countryCode: 0
 497 badPasswordTime: 0
 498 lastLogoff: 0
 499 lastLogon: 0
 500 pwdLastSet: 127258826179466560
 501 primaryGroupID: 513
 502 objectSid: ${DOMAINSID}-502
 503 adminCount: 1
 504 accountExpires: 9223372036854775807
 505 logonCount: 0
 506 sAMAccountName: krbtgt
 507 sAMAccountType: 805306368
 508 servicePrincipalName: kadmin/changepw
 509 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
 510 isCriticalSystemObject: TRUE
 511 unicodePwd: ${RANDPASS}
 512
 513 dn: CN=Domain Computers,CN=Users,${BASEDN}
 514 objectClass: top
 515 objectClass: group
 516 cn: Domain Computers
 517 description: All workstations and servers joined to the domain
 518 instanceType: 4
 519 whenCreated: ${LDAPTIME}
 520 whenChanged: ${LDAPTIME}
 521 uSNCreated: 1
 522 uSNChanged: 1
 523 name: Domain Computers
 524 objectGUID: ${NEWGUID}
 525 objectSid: ${DOMAINSID}-515
 526 sAMAccountName: Domain Computers
 527 sAMAccountType: 268435456
 528 groupType: -2147483646
 529 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 530 isCriticalSystemObject: TRUE
 531
 532 dn: CN=Domain Controllers,CN=Users,${BASEDN}
 533 objectClass: top
 534 objectClass: group
 535 cn: Domain Controllers
 536 description: All domain controllers in the domain
 537 instanceType: 4
 538 whenCreated: ${LDAPTIME}
 539 whenChanged: ${LDAPTIME}
 540 uSNCreated: 1
 541 uSNChanged: 1
 542 name: Domain Controllers
 543 objectGUID: ${NEWGUID}
 544 objectSid: ${DOMAINSID}-516
 545 adminCount: 1
 546 sAMAccountName: Domain Controllers
 547 sAMAccountType: 268435456
 548 groupType: -2147483646
 549 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 550 isCriticalSystemObject: TRUE
 551
 552 dn: CN=Schema Admins,CN=Users,${BASEDN}
 553 objectClass: top
 554 objectClass: group
 555 cn: Schema Admins
 556 description: Designated administrators of the schema
 557 member: CN=Administrator,CN=Users,${BASEDN}
 558 instanceType: 4
 559 whenCreated: ${LDAPTIME}
 560 whenChanged: ${LDAPTIME}
 561 uSNCreated: 1
 562 uSNChanged: 1
 563 name: Schema Admins
 564 objectGUID: ${NEWGUID}
 565 objectSid: ${DOMAINSID}-518
 566 adminCount: 1
 567 sAMAccountName: Schema Admins
 568 sAMAccountType: 268435456
 569 groupType: -2147483646
 570 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 571 isCriticalSystemObject: TRUE
 572 unixName: ${WHEEL}
 573
 574 dn: CN=Enterprise Admins,CN=Users,${BASEDN}
 575 objectClass: top
 576 objectClass: group
 577 cn: Enterprise Admins
 578 description: Designated administrators of the enterprise
 579 member: CN=Administrator,CN=Users,${BASEDN}
 580 instanceType: 4
 581 whenCreated: ${LDAPTIME}
 582 whenChanged: ${LDAPTIME}
 583 uSNCreated: 1
 584 memberOf: CN=Administrators,CN=Builtin,${BASEDN}
 585 uSNChanged: 1
 586 name: Enterprise Admins
 587 objectGUID: ${NEWGUID}
 588 objectSid: ${DOMAINSID}-519
 589 adminCount: 1
 590 sAMAccountName: Enterprise Admins
 591 sAMAccountType: 268435456
 592 groupType: -2147483646
 593 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 594 isCriticalSystemObject: TRUE
 595 unixName: ${WHEEL}
 596
 597 dn: CN=Cert Publishers,CN=Users,${BASEDN}
 598 objectClass: top
 599 objectClass: group
 600 cn: Cert Publishers
 601 description: Members of this group are permitted to publish certificates to the Active Directory
 602 instanceType: 4
 603 whenCreated: ${LDAPTIME}
 604 whenChanged: ${LDAPTIME}
 605 uSNCreated: 1
 606 uSNChanged: 1
 607 name: Cert Publishers
 608 objectGUID: ${NEWGUID}
 609 objectSid: ${DOMAINSID}-517
 610 sAMAccountName: Cert Publishers
 611 sAMAccountType: 0x20000000
 612 groupType: -2147483644
 613 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 614 isCriticalSystemObject: TRUE
 615
 616 dn: CN=Domain Admins,CN=Users,${BASEDN}
 617 objectClass: top
 618 objectClass: group
 619 cn: Domain Admins
 620 description: Designated administrators of the domain
 621 member: CN=Administrator,CN=Users,${BASEDN}
 622 instanceType: 4
 623 whenCreated: ${LDAPTIME}
 624 whenChanged: ${LDAPTIME}
 625 uSNCreated: 1
 626 memberOf: CN=Administrators,CN=Builtin,${BASEDN}
 627 uSNChanged: 1
 628 name: Domain Admins
 629 objectGUID: ${NEWGUID}
 630 objectSid: ${DOMAINSID}-512
 631 adminCount: 1
 632 sAMAccountName: Domain Admins
 633 sAMAccountType: 268435456
 634 groupType: -2147483646
 635 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 636 isCriticalSystemObject: TRUE
 637 unixName: ${WHEEL}
 638
 639 dn: CN=Domain Users,CN=Users,${BASEDN}
 640 objectClass: top
 641 objectClass: group
 642 cn: Domain Users
 643 description: All domain users
 644 instanceType: 4
 645 whenCreated: ${LDAPTIME}
 646 whenChanged: ${LDAPTIME}
 647 uSNCreated: 1
 648 memberOf: CN=Users,CN=Builtin,${BASEDN}
 649 uSNChanged: 1
 650 name: Domain Users
 651 objectGUID: ${NEWGUID}
 652 objectSid: ${DOMAINSID}-513
 653 sAMAccountName: Domain Users
 654 sAMAccountType: 268435456
 655 groupType: -2147483646
 656 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 657 isCriticalSystemObject: TRUE
 658 unixName: ${USERS}
 659
 660 dn: CN=Domain Guests,CN=Users,${BASEDN}
 661 objectClass: top
 662 objectClass: group
 663 cn: Domain Guests
 664 description: All domain guests
 665 instanceType: 4
 666 whenCreated: ${LDAPTIME}
 667 whenChanged: ${LDAPTIME}
 668 uSNCreated: 1
 669 memberOf: CN=Guests,CN=Builtin,${BASEDN}
 670 uSNChanged: 1
 671 name: Domain Guests
 672 objectGUID: ${NEWGUID}
 673 objectSid: ${DOMAINSID}-514
 674 sAMAccountName: Domain Guests
 675 sAMAccountType: 268435456
 676 groupType: -2147483646
 677 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 678 isCriticalSystemObject: TRUE
 679
 680 dn: CN=Group Policy Creator Owners,CN=Users,${BASEDN}
 681 objectClass: top
 682 objectClass: group
 683 cn: Group Policy Creator Owners
 684 description: Members in this group can modify group policy for the domain
 685 member: CN=Administrator,CN=Users,${BASEDN}
 686 instanceType: 4
 687 whenCreated: ${LDAPTIME}
 688 whenChanged: ${LDAPTIME}
 689 uSNCreated: 1
 690 uSNChanged: 1
 691 name: Group Policy Creator Owners
 692 objectGUID: ${NEWGUID}
 693 objectSid: ${DOMAINSID}-520
 694 sAMAccountName: Group Policy Creator Owners
 695 sAMAccountType: 268435456
 696 groupType: -2147483646
 697 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 698 isCriticalSystemObject: TRUE
 699 unixName: ${WHEEL}
 700
 701 dn: CN=RAS and IAS Servers,CN=Users,${BASEDN}
 702 objectClass: top
 703 objectClass: group
 704 cn: RAS and IAS Servers
 705 description: Servers in this group can access remote access properties of users
 706 instanceType: 4
 707 whenCreated: ${LDAPTIME}
 708 whenChanged: ${LDAPTIME}
 709 uSNCreated: 1
 710 uSNChanged: 1
 711 name: RAS and IAS Servers
 712 objectGUID: ${NEWGUID}
 713 objectSid: ${DOMAINSID}-553
 714 sAMAccountName: RAS and IAS Servers
 715 sAMAccountType: 0x20000000
 716 groupType: -2147483644
 717 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 718 isCriticalSystemObject: TRUE
 719
 720 dn: CN=Server Operators,CN=Builtin,${BASEDN}
 721 objectClass: top
 722 objectClass: group
 723 cn: Server Operators
 724 description: Members can administer domain servers
 725 instanceType: 4
 726 whenCreated: ${LDAPTIME}
 727 whenChanged: ${LDAPTIME}
 728 uSNCreated: 1
 729 uSNChanged: 1
 730 name: Server Operators
 731 objectGUID: ${NEWGUID}
 732 objectSid: S-1-5-32-549
 733 adminCount: 1
 734 sAMAccountName: Server Operators
 735 sAMAccountType: 0x20000000
 736 systemFlags: 0x8c000000
 737 groupType: 0x80000005
 738 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 739 isCriticalSystemObject: TRUE
 740
 741 dn: CN=Account Operators,CN=Builtin,${BASEDN}
 742 objectClass: top
 743 objectClass: group
 744 cn: Account Operators
 745 description: Members can administer domain user and group accounts
 746 instanceType: 4
 747 whenCreated: ${LDAPTIME}
 748 whenChanged: ${LDAPTIME}
 749 uSNCreated: 1
 750 uSNChanged: 1
 751 name: Account Operators
 752 objectGUID: ${NEWGUID}
 753 objectSid: S-1-5-32-548
 754 adminCount: 1
 755 sAMAccountName: Account Operators
 756 sAMAccountType: 0x20000000
 757 systemFlags: 0x8c000000
 758 groupType: 0x80000005
 759 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 760 isCriticalSystemObject: TRUE
 761
 762 dn: CN=Templates,${BASEDN}
 763 objectClass: top
 764 objectClass: container
 765 cn: Templates
 766 description: Container for SAM account templates
 767 instanceType: 4
 768 whenCreated: ${LDAPTIME}
 769 whenChanged: ${LDAPTIME}
 770 uSNCreated: 1
 771 uSNChanged: 1
 772 showInAdvancedViewOnly: FALSE
 773 name: Templates
 774 objectGUID: ${NEWGUID}
 775 systemFlags: 0x8c000000
 776 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
 777 isCriticalSystemObject: TRUE
 778
 779 ###
 780 # note! the template users must not match normal searches. Be careful
 781 # with what classes you put them in
 782 ###
 783
 784 dn: CN=TemplateUser,CN=Templates,${BASEDN}
 785 objectClass: top
 786 objectClass: person
 787 objectClass: organizationalPerson
 788 objectClass: Template
 789 objectClass: userTemplate
 790 cn: TemplateUser
 791 name: TemplateUser
 792 instanceType: 4
 793 userAccountControl: 0x202
 794 badPwdCount: 0
 795 codePage: 0
 796 countryCode: 0
 797 badPasswordTime: 0
 798 lastLogoff: 0
 799 lastLogon: 0
 800 pwdLastSet: 0
 801 primaryGroupID: 513
 802 accountExpires: -1
 803 logonCount: 0
 804 sAMAccountType: 0x30000000
 805
 806 dn: CN=TemplateMemberServer,CN=Templates,${BASEDN}
 807 objectClass: top
 808 objectClass: Template
 809 objectClass: userTemplate
 810 cn: TemplateMemberServer
 811 name: TemplateMemberServer
 812 instanceType: 4
 813 userAccountControl: 0x1002
 814 badPwdCount: 0
 815 codePage: 0
 816 countryCode: 0
 817 badPasswordTime: 0
 818 lastLogoff: 0
 819 lastLogon: 0
 820 pwdLastSet: 0
 821 primaryGroupID: 513
 822 accountExpires: -1
 823 logonCount: 0
 824 sAMAccountType: 0x30000001
 825
 826 dn: CN=TemplateDomainController,CN=Templates,${BASEDN}
 827 objectClass: top
 828 objectClass: Template
 829 objectClass: userTemplate
 830 cn: TemplateDomainController
 831 name: TemplateDomainController
 832 instanceType: 4
 833 userAccountControl: 0x2002
 834 badPwdCount: 0
 835 codePage: 0
 836 countryCode: 0
 837 badPasswordTime: 0
 838 lastLogoff: 0
 839 lastLogon: 0
 840 pwdLastSet: 0
 841 primaryGroupID: 513
 842 accountExpires: -1
 843 logonCount: 0
 844 sAMAccountType: 0x30000001
 845
 846 dn: CN=TemplateGroup,CN=Templates,${BASEDN}
 847 objectClass: top
 848 objectClass: Template
 849 objectClass: groupTemplate
 850 cn: TemplateGroup
 851 name: TemplateGroup
 852 instanceType: 4
 853 sAMAccountType: 0x10000000
 854