s4-provision: don't hard wire the creation of the RID Set object
authorAndrew Tridgell <tridge@samba.org>
Tue, 5 Jan 2010 22:26:17 +0000 (09:26 +1100)
committerAndrew Tridgell <tridge@samba.org>
Fri, 8 Jan 2010 02:03:00 +0000 (13:03 +1100)
We now create it automatically in the samldb module when the first
user is created.

The creation of the dns user also had to move to the _modify.ldif, as
it now relies on the fSMO role being set up for the RID Manager.

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

source4/scripting/python/samba/provision.py
source4/setup/provision.ldif
source4/setup/provision_self_join.ldif
source4/setup/provision_self_join_modify.ldif

index 62ca9282d152c2c67290300b617f9cb88b42d2a5..bb47d2bd5cdf82939af19e4e7035c95cf294432d 100644 (file)
@@ -793,7 +793,6 @@ def setup_self_join(samdb, names,
               "DEFAULTSITE": names.sitename,
               "DNSNAME": "%s.%s" % (names.hostname, names.dnsdomain),
               "MACHINEPASS_B64": b64encode(machinepass),
-              "DNSPASS_B64": b64encode(dnspass),
               "REALM": names.realm,
               "DOMAIN": names.domain,
               "DOMAINSID": str(domainsid),
@@ -825,7 +824,8 @@ def setup_self_join(samdb, names,
               "DEFAULTSITE": names.sitename,
               "SERVERDN": names.serverdn,
               "NETBIOSNAME": names.netbiosname,
-              "NTDSGUID": names.ntdsguid
+              "NTDSGUID": names.ntdsguid,
+              "DNSPASS_B64": b64encode(dnspass),
               })
 
 
index db29d3a108b1a1965d795a40ff7ad3d79e560b22..eb7bd02db60943bb219866f4f508320a9af5ebdc 100644 (file)
@@ -431,8 +431,7 @@ dn: CN=RID Manager$,CN=System,${DOMAINDN}
 objectClass: top
 objectClass: rIDManager
 systemFlags: -1946157056
-# we have granted up to 1499 to ourselves in a RID Set
-rIDAvailablePool: 1500-1073741823
+rIDAvailablePool: 1000-1073741823
 isCriticalSystemObject: TRUE
 
 dn: CN=RpcServices,CN=System,${DOMAINDN}
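Review bot: `rIDAvailablePool` now starts at 1000, but the provision_self_join.ldif hunk still assigns RID 1000 by hand (`objectSID: ${DOMAINSID}-1000`) to the DC machine account, so a statically used RID lies inside the range the RID Manager hands out. Whether samldb skips 1000 when it builds the first RID Set is not visible in this diff. If it does not, the next automatically allocated account, presumably the dns user added in provision_self_join_modify.ldif, could receive a duplicate SID. The removed explanatory comment also has no replacement; I would add `# RID 1000 is assigned statically to the DC machine account in provision_self_join.ldif` above the attribute and verify the allocator's starting RID.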
index 0ad1b90fdbb9282928f6865dd25edc9ae3a08c02..48f7157679da582bf510ff2943c331b121e67353 100644 (file)
@@ -15,7 +15,6 @@ localPolicyFlags: 0
 operatingSystem: Samba
 operatingSystemVersion: ${SAMBA_VERSION_STRING}
 primaryGroupID: 516
-rIDSetReferences: CN=RID Set,CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}
 sAMAccountName: ${NETBIOSNAME}$
 # "servicePrincipalName" for FRS doesn't exit since we still miss FRS support
 # "servicePrincipalName"s for DNS ("ldap/../ForestDnsZones",
@@ -33,16 +32,7 @@ servicePrincipalName: ldap/${DNSNAME}
 servicePrincipalName: ldap/${DNSNAME}/${REALM}
 userAccountControl: 532480
 userPassword:: ${MACHINEPASS_B64}
-objectSID: ${DOMAINSID}-1001
-
-dn: CN=RID Set,CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}
-objectClass: top
-objectClass: rIDSet
-rIDAllocationPool: 1000-1499
-rIDPreviousAllocationPool: 1000-1499
-rIDUsedPool: 0
-rIDNextRID: 1001
-
+objectSID: ${DOMAINSID}-1000
 
 # Here are missing the objects for the NTFRS subscription and the RID set since
 # we don't support those techniques (FRS, distributed RIDs) yet.
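Review bot: The comment kept as context at the end of this hunk still says the RID set object is missing because distributed RIDs are not supported, which no longer describes a provision where, per the commit message, samldb creates the RID Set when the first user is added. I would reword it along the lines of `# The RID Set is created by the samldb module when the first user is added; the NTFRS subscription objects are still missing (no FRS support).` so the next reader does not conclude that no RID Set exists after provisioning.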
@@ -78,17 +68,3 @@ msDS-hasMasterNCs: ${DOMAINDN}
 options: 1
 systemFlags: 33554432
 ${NTDSGUID}
-
-# Provides an account for DNS keytab export
-dn: CN=dns,CN=Users,${DOMAINDN}
-objectClass: top
-objectClass: person
-objectClass: organizationalPerson
-objectClass: user
-description: DNS Service Account
-userAccountControl: 514
-accountExpires: 9223372036854775807
-sAMAccountName: dns
-servicePrincipalName: DNS/${DNSDOMAIN}
-userPassword:: ${DNSPASS_B64}
-isCriticalSystemObject: TRUE
index dfcca728f2f4cb10e918cd41d4d221e2421311fa..394398a9b9e3fb56cf24635ec4319e6bf4ee91c0 100644 (file)
@@ -33,3 +33,17 @@ changetype: modify
 add: servicePrincipalName
 servicePrincipalName: E3514235-4B06-11D1-AB04-00C04FC2DCD2/${NTDSGUID}/${DNSDOMAIN}
 servicePrincipalName: ldap/${NTDSGUID}._msdcs.${DNSDOMAIN}
+
+dn: CN=dns,CN=Users,${DOMAINDN}
+changetype: add
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: user
+description: DNS Service Account
+userAccountControl: 514
+accountExpires: 9223372036854775807
+sAMAccountName: dns
+servicePrincipalName: DNS/${DNSDOMAIN}
+userPassword:: ${DNSPASS_B64}
+isCriticalSystemObject: TRUE
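Review bot: The move drops the `# Provides an account for DNS keytab export` comment and leaves the new ordering constraint undocumented in the file. Per the commit message this entry has to live in the _modify.ldif because it relies on the RID Manager fSMO role being set up first. I would restore the comment and add `# Must be added after the RID Manager fSMO role exists; this account has no explicit objectSID` above the `dn:` line. The entry carries an SPN and a `userPassword` filled from `DNSPASS_B64`, so the account's key is only as strong as `dnspass`, which is generated outside this diff; `userAccountControl: 514` does keep the account disabled.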