source4/provision.ldif

   1 dn: @INDEXLIST
   2 @IDXATTR: name
   3 @IDXATTR: sAMAccountName
   4 @IDXATTR: objectSid
   5 @IDXATTR: objectClass
   6 @IDXATTR: member
   7 @IDXATTR: unixID
   8 @IDXATTR: unixName
   9
  10 dn: @ATTRIBUTES
  11 realm: CASE_INSENSITIVE
  12 userPrincipalName: CASE_INSENSITIVE
  13 servicePrincipalName: CASE_INSENSITIVE
  14 name: CASE_INSENSITIVE WILDCARD
  15 dn: CASE_INSENSITIVE WILDCARD
  16 sAMAccountName: CASE_INSENSITIVE WILDCARD
  17 objectClass: CASE_INSENSITIVE
  18 unicodePwd: HIDDEN
  19 ntPwdHash: HIDDEN
  20 ntPwdHistory: HIDDEN
  21 lmPwdHash: HIDDEN
  22 lmPwdHistory: HIDDEN
  23 createTimestamp: HIDDEN
  24 modifyTimestamp: HIDDEN
  25
  26 dn: @SUBCLASSES
  27 top: domain
  28 top: person
  29 top: group
  30 domain: domainDNS
  31 domain: builtinDomain
  32 person: organizationalPerson
  33 organizationalPerson: user
  34 user: computer
  35 template: userTemplate
  36 template: groupTemplate
  37
  38 dn: @MODULES
  39 @MODULE: timestamps
  40
  41 dn: ${BASEDN}
  42 objectClass: top
  43 objectClass: domain
  44 objectClass: domainDNS
  45 name: ${DOMAIN}
  46 realm: ${REALM}
  47 dnsDomain: ${DNSDOMAIN}
  48 dc: ${DOMAIN}
  49 objectGUID: ${DOMAINGUID}
  50 creationTime: ${NTTIME}
  51 forceLogoff: 0x8000000000000000
  52 lockoutDuration: -18000000000
  53 lockOutObservationWindow: -18000000000
  54 lockoutThreshold: 0
  55 whenCreated: ${LDAPTIME}
  56 whenChanged: ${LDAPTIME}
  57 uSNCreated: 1
  58 uSNChanged: 1
  59 maxPwdAge: -37108517437440
  60 minPwdAge: 0
  61 minPwdLength: 7
  62 modifiedCountAtLastProm: 0
  63 nextRid: 1001
  64 pwdProperties: 1
  65 pwdHistoryLength: 24
  66 objectSid: ${DOMAINSID}
  67 serverState: 1
  68 uASCompat: 1
  69 modifiedCount: 1
  70 objectCategory: CN=Domain-DNS,CN=Schema,CN=Configuration,${BASEDN}
  71 isCriticalSystemObject: TRUE
  72
  73 dn: CN=Users,${BASEDN}
  74 objectClass: top
  75 objectClass: container
  76 cn: Users
  77 description: Default container for upgraded user accounts
  78 instanceType: 4
  79 whenCreated: ${LDAPTIME}
  80 whenChanged: ${LDAPTIME}
  81 uSNCreated: 1
  82 uSNChanged: 1
  83 showInAdvancedViewOnly: FALSE
  84 name: Users
  85 objectGUID: ${NEWGUID}
  86 systemFlags: 0x8c000000
  87 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
  88 isCriticalSystemObject: TRUE
  89
  90 dn: CN=Computers,${BASEDN}
  91 objectClass: top
  92 objectClass: container
  93 cn: Computers
  94 description: Default container for upgraded computer accounts
  95 instanceType: 4
  96 whenCreated: ${LDAPTIME}
  97 whenChanged: ${LDAPTIME}
  98 uSNCreated: 1
  99 uSNChanged: 1
 100 showInAdvancedViewOnly: FALSE
 101 name: Computers
 102 objectGUID: ${NEWGUID}
 103 systemFlags: 0x8c000000
 104 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
 105 isCriticalSystemObject: TRUE
 106
 107 dn: OU=Domain Controllers,${BASEDN}
 108 objectClass: top
 109 objectClass: organizationalUnit
 110 ou: Domain Controllers
 111 description: Default container for domain controllers
 112 instanceType: 4
 113 whenCreated: ${LDAPTIME}
 114 whenChanged: ${LDAPTIME}
 115 uSNCreated: 1
 116 uSNChanged: 1
 117 showInAdvancedViewOnly: FALSE
 118 name: Domain Controllers
 119 objectGUID: ${NEWGUID}
 120 systemFlags: 0x8c000000
 121 objectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,${BASEDN}
 122 isCriticalSystemObject: TRUE
 123
 124 dn: CN=ForeignSecurityPrincipals,${BASEDN}
 125 objectClass: top
 126 objectClass: container
 127 cn: ForeignSecurityPrincipals
 128 description: Default container for security identifiers (SIDs) associated with objects from external, trusted domains
 129 instanceType: 4
 130 whenCreated: ${LDAPTIME}
 131 whenChanged: ${LDAPTIME}
 132 uSNCreated: 1
 133 uSNChanged: 1
 134 showInAdvancedViewOnly: FALSE
 135 name: ForeignSecurityPrincipals
 136 objectGUID: ${NEWGUID}
 137 systemFlags: 0x8c000000
 138 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
 139 isCriticalSystemObject: TRUE
 140
 141 dn: CN=Builtin,${BASEDN}
 142 objectClass: top
 143 objectClass: builtinDomain
 144 cn: Builtin
 145 instanceType: 4
 146 showInAdvancedViewOnly: FALSE
 147 name: Builtin
 148 forceLogoff: 0x8000000000000000
 149 lockoutDuration: -18000000000
 150 lockOutObservationWindow: -18000000000
 151 lockoutThreshold: 0
 152 maxPwdAge: -37108517437440
 153 minPwdAge: 0
 154 minPwdLength: 0
 155 modifiedCountAtLastProm: 0
 156 nextRid: 1000
 157 pwdProperties: 0
 158 pwdHistoryLength: 0
 159 objectSid: S-1-5-32
 160 serverState: 1
 161 uASCompat: 1
 162 modifiedCount: 1
 163 objectCategory: CN=Builtin-Domain,CN=Schema,CN=Configuration,${BASEDN}
 164 isCriticalSystemObject: TRUE
 165
 166 dn: CN=Administrator,CN=Users,${BASEDN}
 167 objectClass: top
 168 objectClass: person
 169 objectClass: organizationalPerson
 170 objectClass: user
 171 cn: Administrator
 172 description: Built-in account for administering the computer/domain
 173 instanceType: 4
 174 whenCreated: ${LDAPTIME}
 175 whenChanged: ${LDAPTIME}
 176 uSNCreated: 1
 177 memberOf: CN=Group Policy Creator Owners,CN=Users,${BASEDN}
 178 memberOf: CN=Domain Admins,CN=Users,${BASEDN}
 179 memberOf: CN=Enterprise Admins,CN=Users,${BASEDN}
 180 memberOf: CN=Schema Admins,CN=Users,${BASEDN}
 181 memberOf: CN=Administrators,CN=Builtin,${BASEDN}
 182 uSNChanged: 1
 183 name: Administrator
 184 objectGUID: ${NEWGUID}
 185 userAccountControl: 0x10200
 186 badPwdCount: 0
 187 codePage: 0
 188 countryCode: 0
 189 badPasswordTime: 0
 190 lastLogoff: 0
 191 lastLogon: 0
 192 pwdLastSet: 0
 193 primaryGroupID: 513
 194 objectSid: ${DOMAINSID}-500
 195 adminCount: 1
 196 accountExpires: -1
 197 logonCount: 0
 198 sAMAccountName: Administrator
 199 sAMAccountType: 0x30000000
 200 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
 201 isCriticalSystemObject: TRUE
 202 unicodePwd: ${ADMINPASS}
 203 unixName: root
 204
 205 dn: CN=Guest,CN=Users,${BASEDN}
 206 objectClass: top
 207 objectClass: person
 208 objectClass: organizationalPerson
 209 objectClass: user
 210 cn: Guest
 211 description: Built-in account for guest access to the computer/domain
 212 instanceType: 4
 213 whenCreated: ${LDAPTIME}
 214 whenChanged: ${LDAPTIME}
 215 uSNCreated: 1
 216 memberOf: CN=Guests,CN=Builtin,${BASEDN}
 217 uSNChanged: 1
 218 name: Guest
 219 objectGUID: ${NEWGUID}
 220 userAccountControl: 0x10222
 221 badPwdCount: 0
 222 codePage: 0
 223 countryCode: 0
 224 badPasswordTime: 0
 225 lastLogoff: 0
 226 lastLogon: 0
 227 pwdLastSet: 0
 228 primaryGroupID: 514
 229 objectSid: ${DOMAINSID}-501
 230 accountExpires: -1
 231 logonCount: 0
 232 sAMAccountName: Guest
 233 sAMAccountType: 0x30000000
 234 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
 235 isCriticalSystemObject: TRUE
 236
 237 dn: CN=Administrators,CN=Builtin,${BASEDN}
 238 objectClass: top
 239 objectClass: group
 240 cn: Administrators
 241 description: Administrators have complete and unrestricted access to the computer/domain
 242 member: CN=Domain Admins,CN=Users,${BASEDN}
 243 member: CN=Enterprise Admins,CN=Users,${BASEDN}
 244 member: CN=Administrator,CN=Users,${BASEDN}
 245 instanceType: 4
 246 whenCreated: ${LDAPTIME}
 247 whenChanged: ${LDAPTIME}
 248 uSNCreated: 1
 249 uSNChanged: 1
 250 name: Administrators
 251 objectGUID: ${NEWGUID}
 252 objectSid: S-1-5-32-544
 253 adminCount: 1
 254 sAMAccountName: Administrators
 255 sAMAccountType: 0x20000000
 256 systemFlags: 0x8c000000
 257 groupType: 0x80000005
 258 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 259 isCriticalSystemObject: TRUE
 260 unixName: ${WHEEL}
 261
 262 dn: CN=Users,CN=Builtin,${BASEDN}
 263 objectClass: top
 264 objectClass: group
 265 cn: Users
 266 description: Users are prevented from making accidental or intentional system-wide changes.  Thus, Users can run certified applications, but not most legacy applications
 267 member: CN=Domain Users,CN=Users,${BASEDN}
 268 instanceType: 4
 269 whenCreated: ${LDAPTIME}
 270 whenChanged: ${LDAPTIME}
 271 uSNCreated: 1
 272 uSNChanged: 1
 273 name: Users
 274 objectGUID: ${NEWGUID}
 275 objectSid: S-1-5-32-545
 276 sAMAccountName: Users
 277 sAMAccountType: 0x20000000
 278 systemFlags: 0x8c000000
 279 groupType: 0x80000005
 280 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 281 isCriticalSystemObject: TRUE
 282
 283 dn: CN=Guests,CN=Builtin,${BASEDN}
 284 objectClass: top
 285 objectClass: group
 286 cn: Guests
 287 description: Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted
 288 member: CN=Domain Guests,CN=Users,${BASEDN}
 289 member: CN=Guest,CN=Users,${BASEDN}
 290 instanceType: 4
 291 whenCreated: ${LDAPTIME}
 292 whenChanged: ${LDAPTIME}
 293 uSNCreated: 1
 294 uSNChanged: 1
 295 name: Guests
 296 objectGUID: ${NEWGUID}
 297 objectSid: S-1-5-32-546
 298 sAMAccountName: Guests
 299 sAMAccountType: 0x20000000
 300 systemFlags: 0x8c000000
 301 groupType: 0x80000005
 302 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 303 isCriticalSystemObject: TRUE
 304 unixName: ${NOGROUP}
 305
 306 dn: CN=Print Operators,CN=Builtin,${BASEDN}
 307 objectClass: top
 308 objectClass: group
 309 cn: Print Operators
 310 description: Members can administer domain printers
 311 instanceType: 4
 312 whenCreated: ${LDAPTIME}
 313 whenChanged: ${LDAPTIME}
 314 uSNCreated: 1
 315 uSNChanged: 1
 316 name: Print Operators
 317 objectGUID: ${NEWGUID}
 318 objectSid: S-1-5-32-550
 319 adminCount: 1
 320 sAMAccountName: Print Operators
 321 sAMAccountType: 0x20000000
 322 systemFlags: 0x8c000000
 323 groupType: 0x80000005
 324 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 325 isCriticalSystemObject: TRUE
 326
 327 dn: CN=Backup Operators,CN=Builtin,${BASEDN}
 328 objectClass: top
 329 objectClass: group
 330 cn: Backup Operators
 331 description: Backup Operators can override security restrictions for the sole purpose of backing up or restoring files
 332 instanceType: 4
 333 whenCreated: ${LDAPTIME}
 334 whenChanged: ${LDAPTIME}
 335 uSNCreated: 1
 336 uSNChanged: 1
 337 name: Backup Operators
 338 objectGUID: ${NEWGUID}
 339 objectSid: S-1-5-32-551
 340 adminCount: 1
 341 sAMAccountName: Backup Operators
 342 sAMAccountType: 0x20000000
 343 systemFlags: 0x8c000000
 344 groupType: 0x80000005
 345 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 346 isCriticalSystemObject: TRUE
 347
 348 dn: CN=Replicator,CN=Builtin,${BASEDN}
 349 objectClass: top
 350 objectClass: group
 351 cn: Replicator
 352 description: Supports file replication in a domain
 353 instanceType: 4
 354 whenCreated: ${LDAPTIME}
 355 whenChanged: ${LDAPTIME}
 356 uSNCreated: 1
 357 uSNChanged: 1
 358 name: Replicator
 359 objectGUID: ${NEWGUID}
 360 objectSid: S-1-5-32-552
 361 adminCount: 1
 362 sAMAccountName: Replicator
 363 sAMAccountType: 0x20000000
 364 systemFlags: 0x8c000000
 365 groupType: 0x80000005
 366 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 367 isCriticalSystemObject: TRUE
 368
 369 dn: CN=Remote Desktop Users,CN=Builtin,${BASEDN}
 370 objectClass: top
 371 objectClass: group
 372 cn: Remote Desktop Users
 373 description: Members in this group are granted the right to logon remotely
 374 instanceType: 4
 375 whenCreated: ${LDAPTIME}
 376 whenChanged: ${LDAPTIME}
 377 uSNCreated: 1
 378 uSNChanged: 1
 379 name: Remote Desktop Users
 380 objectGUID: ${NEWGUID}
 381 objectSid: S-1-5-32-555
 382 sAMAccountName: Remote Desktop Users
 383 sAMAccountType: 0x20000000
 384 systemFlags: 0x8c000000
 385 groupType: 0x80000005
 386 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 387 isCriticalSystemObject: TRUE
 388
 389 dn: CN=Network Configuration Operators,CN=Builtin,${BASEDN}
 390 objectClass: top
 391 objectClass: group
 392 cn: Network Configuration Operators
 393 description: Members in this group can have some administrative privileges to manage configuration of networking features
 394 instanceType: 4
 395 whenCreated: ${LDAPTIME}
 396 whenChanged: ${LDAPTIME}
 397 uSNCreated: 1
 398 uSNChanged: 1
 399 name: Network Configuration Operators
 400 objectGUID: ${NEWGUID}
 401 objectSid: S-1-5-32-556
 402 sAMAccountName: Network Configuration Operators
 403 sAMAccountType: 0x20000000
 404 systemFlags: 0x8c000000
 405 groupType: 0x80000005
 406 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 407 isCriticalSystemObject: TRUE
 408
 409 dn: CN=Performance Monitor Users,CN=Builtin,${BASEDN}
 410 objectClass: top
 411 objectClass: group
 412 cn: Performance Monitor Users
 413 description: Members of this group have remote access to monitor this computer
 414 instanceType: 4
 415 whenCreated: ${LDAPTIME}
 416 whenChanged: ${LDAPTIME}
 417 uSNCreated: 1
 418 uSNChanged: 1
 419 name: Performance Monitor Users
 420 objectGUID: ${NEWGUID}
 421 objectSid: S-1-5-32-558
 422 sAMAccountName: Performance Monitor Users
 423 sAMAccountType: 0x20000000
 424 systemFlags: 0x8c000000
 425 groupType: 0x80000005
 426 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 427 isCriticalSystemObject: TRUE
 428
 429 dn: CN=Performance Log Users,CN=Builtin,${BASEDN}
 430 objectClass: top
 431 objectClass: group
 432 cn: Performance Log Users
 433 description: Members of this group have remote access to schedule logging of performance counters on this computer
 434 instanceType: 4
 435 whenCreated: ${LDAPTIME}
 436 whenChanged: ${LDAPTIME}
 437 uSNCreated: 1
 438 uSNChanged: 1
 439 name: Performance Log Users
 440 objectGUID: ${NEWGUID}
 441 objectSid: S-1-5-32-559
 442 sAMAccountName: Performance Log Users
 443 sAMAccountType: 0x20000000
 444 systemFlags: 0x8c000000
 445 groupType: 0x80000005
 446 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 447 isCriticalSystemObject: TRUE
 448
 449 dn: CN=${NETBIOSNAME},OU=Domain Controllers,${BASEDN}
 450 objectClass: top
 451 objectClass: person
 452 objectClass: organizationalPerson
 453 objectClass: user
 454 objectClass: computer
 455 cn: ${NETBIOSNAME}
 456 instanceType: 4
 457 whenCreated: ${LDAPTIME}
 458 whenChanged: ${LDAPTIME}
 459 uSNCreated: 1
 460 uSNChanged: 1
 461 name: ${NETBIOSNAME}
 462 objectGUID: ${HOSTGUID}
 463 userAccountControl: 532480
 464 badPwdCount: 0
 465 codePage: 0
 466 countryCode: 0
 467 badPasswordTime: 0
 468 lastLogoff: 0
 469 lastLogon: 127273269057298624
 470 localPolicyFlags: 0
 471 pwdLastSet: 127258826171655328
 472 primaryGroupID: 516
 473 objectSid: ${DOMAINSID}-1000
 474 accountExpires: 9223372036854775807
 475 logonCount: 30
 476 sAMAccountName: ${NETBIOSNAME}$
 477 sAMAccountType: 805306369
 478 operatingSystem: Samba
 479 operatingSystemVersion: 4.0
 480 dNSHostName: ${DNSNAME}
 481 objectCategory: CN=Computer,CN=Schema,CN=Configuration,${BASEDN}
 482 isCriticalSystemObject: TRUE
 483 unicodePwd: ${RANDPASS}
 484 servicePrincipalName: HOST/${DNSNAME}
 485 servicePrincipalName: HOST/${NETBIOSNAME}
 486 servicePrincipalName: CIFS/${DNSNAME}
 487 servicePrincipalName: CIFS/${NETBIOSNAME}
 488 servicePrincipalName: LDAP/${DNSNAME}
 489 servicePrincipalName: LDAP/${NETBIOSNAME}
 490
 491 dn: CN=krbtgt,CN=Users,${BASEDN}
 492 objectClass: top
 493 objectClass: person
 494 objectClass: organizationalPerson
 495 objectClass: user
 496 cn: krbtgt
 497 description: Key Distribution Center Service Account
 498 instanceType: 4
 499 whenCreated: ${LDAPTIME}
 500 whenChanged: ${LDAPTIME}
 501 uSNCreated: 1
 502 uSNChanged: 1
 503 showInAdvancedViewOnly: TRUE
 504 name: krbtgt
 505 objectGUID: ${NEWGUID}
 506 userAccountControl: 514
 507 badPwdCount: 0
 508 codePage: 0
 509 countryCode: 0
 510 badPasswordTime: 0
 511 lastLogoff: 0
 512 lastLogon: 0
 513 pwdLastSet: 127258826179466560
 514 primaryGroupID: 513
 515 objectSid: ${DOMAINSID}-502
 516 adminCount: 1
 517 accountExpires: 9223372036854775807
 518 logonCount: 0
 519 sAMAccountName: krbtgt
 520 sAMAccountType: 805306368
 521 servicePrincipalName: kadmin/changepw
 522 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
 523 isCriticalSystemObject: TRUE
 524 unicodePwd: ${RANDPASS}
 525
 526 dn: CN=Domain Computers,CN=Users,${BASEDN}
 527 objectClass: top
 528 objectClass: group
 529 cn: Domain Computers
 530 description: All workstations and servers joined to the domain
 531 instanceType: 4
 532 whenCreated: ${LDAPTIME}
 533 whenChanged: ${LDAPTIME}
 534 uSNCreated: 1
 535 uSNChanged: 1
 536 name: Domain Computers
 537 objectGUID: ${NEWGUID}
 538 objectSid: ${DOMAINSID}-515
 539 sAMAccountName: Domain Computers
 540 sAMAccountType: 268435456
 541 groupType: -2147483646
 542 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 543 isCriticalSystemObject: TRUE
 544
 545 dn: CN=Domain Controllers,CN=Users,${BASEDN}
 546 objectClass: top
 547 objectClass: group
 548 cn: Domain Controllers
 549 description: All domain controllers in the domain
 550 instanceType: 4
 551 whenCreated: ${LDAPTIME}
 552 whenChanged: ${LDAPTIME}
 553 uSNCreated: 1
 554 uSNChanged: 1
 555 name: Domain Controllers
 556 objectGUID: ${NEWGUID}
 557 objectSid: ${DOMAINSID}-516
 558 adminCount: 1
 559 sAMAccountName: Domain Controllers
 560 sAMAccountType: 268435456
 561 groupType: -2147483646
 562 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 563 isCriticalSystemObject: TRUE
 564
 565 dn: CN=Schema Admins,CN=Users,${BASEDN}
 566 objectClass: top
 567 objectClass: group
 568 cn: Schema Admins
 569 description: Designated administrators of the schema
 570 member: CN=Administrator,CN=Users,${BASEDN}
 571 instanceType: 4
 572 whenCreated: ${LDAPTIME}
 573 whenChanged: ${LDAPTIME}
 574 uSNCreated: 1
 575 uSNChanged: 1
 576 name: Schema Admins
 577 objectGUID: ${NEWGUID}
 578 objectSid: ${DOMAINSID}-518
 579 adminCount: 1
 580 sAMAccountName: Schema Admins
 581 sAMAccountType: 268435456
 582 groupType: -2147483646
 583 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 584 isCriticalSystemObject: TRUE
 585 unixName: ${WHEEL}
 586
 587 dn: CN=Enterprise Admins,CN=Users,${BASEDN}
 588 objectClass: top
 589 objectClass: group
 590 cn: Enterprise Admins
 591 description: Designated administrators of the enterprise
 592 member: CN=Administrator,CN=Users,${BASEDN}
 593 instanceType: 4
 594 whenCreated: ${LDAPTIME}
 595 whenChanged: ${LDAPTIME}
 596 uSNCreated: 1
 597 memberOf: CN=Administrators,CN=Builtin,${BASEDN}
 598 uSNChanged: 1
 599 name: Enterprise Admins
 600 objectGUID: ${NEWGUID}
 601 objectSid: ${DOMAINSID}-519
 602 adminCount: 1
 603 sAMAccountName: Enterprise Admins
 604 sAMAccountType: 268435456
 605 groupType: -2147483646
 606 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 607 isCriticalSystemObject: TRUE
 608 unixName: ${WHEEL}
 609
 610 dn: CN=Cert Publishers,CN=Users,${BASEDN}
 611 objectClass: top
 612 objectClass: group
 613 cn: Cert Publishers
 614 description: Members of this group are permitted to publish certificates to the Active Directory
 615 instanceType: 4
 616 whenCreated: ${LDAPTIME}
 617 whenChanged: ${LDAPTIME}
 618 uSNCreated: 1
 619 uSNChanged: 1
 620 name: Cert Publishers
 621 objectGUID: ${NEWGUID}
 622 objectSid: ${DOMAINSID}-517
 623 sAMAccountName: Cert Publishers
 624 sAMAccountType: 0x20000000
 625 groupType: -2147483644
 626 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 627 isCriticalSystemObject: TRUE
 628
 629 dn: CN=Domain Admins,CN=Users,${BASEDN}
 630 objectClass: top
 631 objectClass: group
 632 cn: Domain Admins
 633 description: Designated administrators of the domain
 634 member: CN=Administrator,CN=Users,${BASEDN}
 635 instanceType: 4
 636 whenCreated: ${LDAPTIME}
 637 whenChanged: ${LDAPTIME}
 638 uSNCreated: 1
 639 memberOf: CN=Administrators,CN=Builtin,${BASEDN}
 640 uSNChanged: 1
 641 name: Domain Admins
 642 objectGUID: ${NEWGUID}
 643 objectSid: ${DOMAINSID}-512
 644 adminCount: 1
 645 sAMAccountName: Domain Admins
 646 sAMAccountType: 268435456
 647 groupType: -2147483646
 648 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 649 isCriticalSystemObject: TRUE
 650 unixName: ${WHEEL}
 651
 652 dn: CN=Domain Users,CN=Users,${BASEDN}
 653 objectClass: top
 654 objectClass: group
 655 cn: Domain Users
 656 description: All domain users
 657 instanceType: 4
 658 whenCreated: ${LDAPTIME}
 659 whenChanged: ${LDAPTIME}
 660 uSNCreated: 1
 661 memberOf: CN=Users,CN=Builtin,${BASEDN}
 662 uSNChanged: 1
 663 name: Domain Users
 664 objectGUID: ${NEWGUID}
 665 objectSid: ${DOMAINSID}-513
 666 sAMAccountName: Domain Users
 667 sAMAccountType: 268435456
 668 groupType: -2147483646
 669 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 670 isCriticalSystemObject: TRUE
 671 unixName: ${USERS}
 672
 673 dn: CN=Domain Guests,CN=Users,${BASEDN}
 674 objectClass: top
 675 objectClass: group
 676 cn: Domain Guests
 677 description: All domain guests
 678 instanceType: 4
 679 whenCreated: ${LDAPTIME}
 680 whenChanged: ${LDAPTIME}
 681 uSNCreated: 1
 682 memberOf: CN=Guests,CN=Builtin,${BASEDN}
 683 uSNChanged: 1
 684 name: Domain Guests
 685 objectGUID: ${NEWGUID}
 686 objectSid: ${DOMAINSID}-514
 687 sAMAccountName: Domain Guests
 688 sAMAccountType: 268435456
 689 groupType: -2147483646
 690 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 691 isCriticalSystemObject: TRUE
 692
 693 dn: CN=Group Policy Creator Owners,CN=Users,${BASEDN}
 694 objectClass: top
 695 objectClass: group
 696 cn: Group Policy Creator Owners
 697 description: Members in this group can modify group policy for the domain
 698 member: CN=Administrator,CN=Users,${BASEDN}
 699 instanceType: 4
 700 whenCreated: ${LDAPTIME}
 701 whenChanged: ${LDAPTIME}
 702 uSNCreated: 1
 703 uSNChanged: 1
 704 name: Group Policy Creator Owners
 705 objectGUID: ${NEWGUID}
 706 objectSid: ${DOMAINSID}-520
 707 sAMAccountName: Group Policy Creator Owners
 708 sAMAccountType: 268435456
 709 groupType: -2147483646
 710 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 711 isCriticalSystemObject: TRUE
 712 unixName: ${WHEEL}
 713
 714 dn: CN=RAS and IAS Servers,CN=Users,${BASEDN}
 715 objectClass: top
 716 objectClass: group
 717 cn: RAS and IAS Servers
 718 description: Servers in this group can access remote access properties of users
 719 instanceType: 4
 720 whenCreated: ${LDAPTIME}
 721 whenChanged: ${LDAPTIME}
 722 uSNCreated: 1
 723 uSNChanged: 1
 724 name: RAS and IAS Servers
 725 objectGUID: ${NEWGUID}
 726 objectSid: ${DOMAINSID}-553
 727 sAMAccountName: RAS and IAS Servers
 728 sAMAccountType: 0x20000000
 729 groupType: -2147483644
 730 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 731 isCriticalSystemObject: TRUE
 732
 733 dn: CN=Server Operators,CN=Builtin,${BASEDN}
 734 objectClass: top
 735 objectClass: group
 736 cn: Server Operators
 737 description: Members can administer domain servers
 738 instanceType: 4
 739 whenCreated: ${LDAPTIME}
 740 whenChanged: ${LDAPTIME}
 741 uSNCreated: 1
 742 uSNChanged: 1
 743 name: Server Operators
 744 objectGUID: ${NEWGUID}
 745 objectSid: S-1-5-32-549
 746 adminCount: 1
 747 sAMAccountName: Server Operators
 748 sAMAccountType: 0x20000000
 749 systemFlags: 0x8c000000
 750 groupType: 0x80000005
 751 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 752 isCriticalSystemObject: TRUE
 753
 754 dn: CN=Account Operators,CN=Builtin,${BASEDN}
 755 objectClass: top
 756 objectClass: group
 757 cn: Account Operators
 758 description: Members can administer domain user and group accounts
 759 instanceType: 4
 760 whenCreated: ${LDAPTIME}
 761 whenChanged: ${LDAPTIME}
 762 uSNCreated: 1
 763 uSNChanged: 1
 764 name: Account Operators
 765 objectGUID: ${NEWGUID}
 766 objectSid: S-1-5-32-548
 767 adminCount: 1
 768 sAMAccountName: Account Operators
 769 sAMAccountType: 0x20000000
 770 systemFlags: 0x8c000000
 771 groupType: 0x80000005
 772 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
 773 isCriticalSystemObject: TRUE
 774
 775 dn: CN=Templates,${BASEDN}
 776 objectClass: top
 777 objectClass: container
 778 cn: Templates
 779 description: Container for SAM account templates
 780 instanceType: 4
 781 whenCreated: ${LDAPTIME}
 782 whenChanged: ${LDAPTIME}
 783 uSNCreated: 1
 784 uSNChanged: 1
 785 showInAdvancedViewOnly: FALSE
 786 name: Templates
 787 objectGUID: ${NEWGUID}
 788 systemFlags: 0x8c000000
 789 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
 790 isCriticalSystemObject: TRUE
 791
 792 ###
 793 # note! the template users must not match normal searches. Be careful
 794 # with what classes you put them in
 795 ###
 796
 797 dn: CN=TemplateUser,CN=Templates,${BASEDN}
 798 objectClass: top
 799 objectClass: person
 800 objectClass: organizationalPerson
 801 objectClass: Template
 802 objectClass: userTemplate
 803 cn: TemplateUser
 804 name: TemplateUser
 805 instanceType: 4
 806 userAccountControl: 0x202
 807 badPwdCount: 0
 808 codePage: 0
 809 countryCode: 0
 810 badPasswordTime: 0
 811 lastLogoff: 0
 812 lastLogon: 0
 813 pwdLastSet: 0
 814 primaryGroupID: 513
 815 accountExpires: -1
 816 logonCount: 0
 817 sAMAccountType: 0x30000000
 818
 819 dn: CN=TemplateMemberServer,CN=Templates,${BASEDN}
 820 objectClass: top
 821 objectClass: Template
 822 objectClass: userTemplate
 823 cn: TemplateMemberServer
 824 name: TemplateMemberServer
 825 instanceType: 4
 826 userAccountControl: 0x1002
 827 badPwdCount: 0
 828 codePage: 0
 829 countryCode: 0
 830 badPasswordTime: 0
 831 lastLogoff: 0
 832 lastLogon: 0
 833 pwdLastSet: 0
 834 primaryGroupID: 513
 835 accountExpires: -1
 836 logonCount: 0
 837 sAMAccountType: 0x30000001
 838
 839 dn: CN=TemplateDomainController,CN=Templates,${BASEDN}
 840 objectClass: top
 841 objectClass: Template
 842 objectClass: userTemplate
 843 cn: TemplateDomainController
 844 name: TemplateDomainController
 845 instanceType: 4
 846 userAccountControl: 0x2002
 847 badPwdCount: 0
 848 codePage: 0
 849 countryCode: 0
 850 badPasswordTime: 0
 851 lastLogoff: 0
 852 lastLogon: 0
 853 pwdLastSet: 0
 854 primaryGroupID: 513
 855 accountExpires: -1
 856 logonCount: 0
 857 sAMAccountType: 0x30000001
 858
 859 dn: CN=TemplateGroup,CN=Templates,${BASEDN}
 860 objectClass: top
 861 objectClass: Template
 862 objectClass: groupTemplate
 863 cn: TemplateGroup
 864 name: TemplateGroup
 865 instanceType: 4
 866 sAMAccountType: 0x10000000
 867