X-Git-Url: http://git.samba.org/samba.git/?a=blobdiff_plain;f=source%2Fsetup%2Fprovision.ldif;h=b2d0848946f850307ba39b0ed281beae15c83cfe;hb=1f071b0609c5c83024db1d4a7d04334a932b8253;hp=466f567cda7779e729968da2b82eb118bcc5d626;hpb=8ee208a926d2b15fdc42753b1f9ee586564c6248;p=kai%2Fsamba.git
diff --git a/source/setup/provision.ldif b/source/setup/provision.ldif
index 466f567cda7..b2d0848946f 100644
--- a/source/setup/provision.ldif
+++ b/source/setup/provision.ldif
@@ -1,48 +1,3 @@
-dn: @INDEXLIST
-@IDXATTR: name
-@IDXATTR: sAMAccountName
-@IDXATTR: objectSid
-@IDXATTR: objectClass
-@IDXATTR: member
-@IDXATTR: unixID
-@IDXATTR: unixName
-@IDXATTR: privilege
-
-dn: @ATTRIBUTES
-realm: CASE_INSENSITIVE
-userPrincipalName: CASE_INSENSITIVE
-servicePrincipalName: CASE_INSENSITIVE
-cn: CASE_INSENSITIVE
-dc: CASE_INSENSITIVE
-name: CASE_INSENSITIVE WILDCARD
-dn: CASE_INSENSITIVE WILDCARD
-sAMAccountName: CASE_INSENSITIVE WILDCARD
-objectClass: CASE_INSENSITIVE
-unicodePwd: HIDDEN
-ntPwdHash: HIDDEN
-ntPwdHistory: HIDDEN
-lmPwdHash: HIDDEN
-lmPwdHistory: HIDDEN
-createTimestamp: HIDDEN
-modifyTimestamp: HIDDEN
-
-dn: @SUBCLASSES
-top: domain
-top: person
-top: group
-domain: domainDNS
-domain: builtinDomain
-person: organizationalPerson
-organizationalPerson: user
-user: computer
-template: userTemplate
-template: groupTemplate
-
-#Add modules to the list to activate them by default
-#beware often order is important
-dn: @MODULES
-@LIST: samldb,timestamps
-
 ###############################
 # Domain Naming Context
 ###############################
@@ -50,19 +5,14 @@ dn: ${BASEDN}
 objectClass: top
 objectClass: domain
 objectClass: domainDNS
-name: ${DOMAIN}
-flatname: ${DOMAIN}
-realm: ${REALM}
 dnsDomain: ${DNSDOMAIN}
-dc: ${DOMAIN}
+dc: ${RDN_DC}
 objectGUID: ${DOMAINGUID}
 creationTime: ${NTTIME}
 forceLogoff: 0x8000000000000000
 lockoutDuration: -18000000000
 lockOutObservationWindow: -18000000000
 lockoutThreshold: 0
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: 1
 uSNChanged: 1
 maxPwdAge: -37108517437440
@@ -73,6 +23,7 @@ nextRid: 1001
 pwdProperties: 1
 pwdHistoryLength: 24
 objectSid: ${DOMAINSID}
+oEMInformation: Provisioned by Samba4: ${LDAPTIME}
 serverState: 1
 nTMixedDomain: 1
 msDS-Behavior-Version: 0
@@ -83,6 +34,7 @@ objectCategory: CN=Domain-DNS,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
 subRefs: CN=Configuration,${BASEDN}
 subRefs: CN=Schema,CN=Configuration,${BASEDN}
+canonicalName: ${REALM}/
 
 dn: CN=Users,${BASEDN}
 objectClass: top
@@ -90,13 +42,9 @@ objectClass: container
 cn: Users
 description: Default container for upgraded user accounts
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: 1
 uSNChanged: 1
 showInAdvancedViewOnly: FALSE
-name: Users
-objectGUID: ${NEWGUID}
 systemFlags: 0x8c000000
 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
@@ -107,13 +55,9 @@ objectClass: container
 cn: Computers
 description: Default container for upgraded computer accounts
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: 1
 uSNChanged: 1
 showInAdvancedViewOnly: FALSE
-name: Computers
-objectGUID: ${NEWGUID}
 systemFlags: 0x8c000000
 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
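Review bot: The domain head record in the `@@ -50,19 +5,14 @@` hunk still provisions `lockoutThreshold: 0`, which in Active Directory semantics means accounts are never locked out after failed logons, and nothing in the template says that this is intentional. The commit edits this record without documenting its policy defaults, so I would add a comment above the record, for example `# lockoutThreshold: 0 disables account lockout; raise it after provisioning if password guessing is a concern`. Whether this server enforces the attribute at all is not visible in the diff, and the comment should say so if it does not. The record starts before the hunk (its `dn:` line appears only in the hunk header) and continues past it.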
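Review bot: The added `canonicalName: ${REALM}/` line in the `@@ -83,6 +34,7 @@` hunk stores a value that Active Directory treats as constructed from the DN, while the same commit removes `name`, `whenCreated` and `objectGUID` from the template, presumably so that they are generated instead. A stored copy can drift from the DN, and it is filled from `${REALM}` although the record's `dnsDomain` uses `${DNSDOMAIN}`; if the realm is the upper-case Kerberos form, clients comparing against the DNS-style canonical name would not match. If the DNS form is intended I would write `canonicalName: ${DNSDOMAIN}/`, and otherwise add a comment above the record explaining why the value is stored statically. The record starts before this hunk.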
@@ -124,13 +68,9 @@ objectClass: organizationalUnit
 ou: Domain Controllers
 description: Default container for domain controllers
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: 1
 uSNChanged: 1
 showInAdvancedViewOnly: FALSE
-name: Domain Controllers
-objectGUID: ${NEWGUID}
 systemFlags: 0x8c000000
 objectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
@@ -141,13 +81,9 @@ objectClass: container
 cn: ForeignSecurityPrincipals
 description: Default container for security identifiers (SIDs) associated with objects from external, trusted domains
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: 1
 uSNChanged: 1
 showInAdvancedViewOnly: FALSE
-name: ForeignSecurityPrincipals
-objectGUID: ${NEWGUID}
 systemFlags: 0x8c000000
 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
@@ -158,13 +94,9 @@ objectClass: container
 cn: System
 description: Builtin system settings
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: 1
 uSNChanged: 1
 showInAdvancedViewOnly: TRUE
-name: System
-objectGUID: ${NEWGUID}
 systemFlags: 0x8c000000
 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
@@ -174,13 +106,9 @@ objectclass: top
 objectclass: rIDManager
 cn: RID Manager$
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: 1
 uSNChanged: 1
 showInAdvancedViewOnly: TRUE
-name: RID Manager$
-objectGUID: ${NEWGUID}
 systemFlags: 0x8c000000
 objectCategory: CN=RID-Manager,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
@@ -192,13 +120,9 @@ objectClass: top
 objectClass: container
 cn: DomainUpdates
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: 1
 uSNChanged: 1
 showInAdvancedViewOnly: TRUE
-name: DomainUpdates
-objectGUID: ${NEWGUID}
 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
 
 dn: CN=Windows2003Update,CN=DomainUpdates,CN=System,${BASEDN}
@@ -206,13 +130,9 @@ objectClass: top
 objectClass: container
 cn: Windows2003Update
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: 1
 uSNChanged: 1
 showInAdvancedViewOnly: TRUE
-name: Windows2003Update
-objectGUID: ${NEWGUID}
 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
 revision: 8
 
@@ -221,13 +141,9 @@ objectclass: top
 objectclass: infrastructureUpdate
 cn: Infrastructure
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: 1
 uSNChanged: 1
 showInAdvancedViewOnly: TRUE
-name: Infrastructure
-objectGUID: ${NEWGUID}
 systemFlags: 0x8c000000
 objectCategory: CN=Infrastructure-Update,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
@@ -239,7 +155,6 @@ objectClass: builtinDomain
 cn: Builtin
 instanceType: 4
 showInAdvancedViewOnly: FALSE
-name: Builtin
 forceLogoff: 0x8000000000000000
 lockoutDuration: -18000000000
 lockOutObservationWindow: -18000000000
@@ -258,803 +173,6 @@ modifiedCount: 1
 objectCategory: CN=Builtin-Domain,CN=Schema,CN=Configuration,${BASEDN}
 isCriticalSystemObject: TRUE
 
-dn: CN=Administrator,CN=Users,${BASEDN}
-objectClass: top
-objectClass: person
-objectClass: organizationalPerson
-objectClass: user
-cn: Administrator
-description: Built-in account for administering the computer/domain
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-memberOf: CN=Group Policy Creator Owners,CN=Users,${BASEDN}
-memberOf: CN=Domain Admins,CN=Users,${BASEDN}
-memberOf: CN=Enterprise Admins,CN=Users,${BASEDN}
-memberOf: CN=Schema Admins,CN=Users,${BASEDN}
-memberOf: CN=Administrators,CN=Builtin,${BASEDN}
-uSNChanged: 1
-name: Administrator
-objectGUID: ${NEWGUID}
-userAccountControl: 0x10200
-badPwdCount: 0
-codePage: 0
-countryCode: 0
-badPasswordTime: 0
-lastLogoff: 0
-lastLogon: 0
-pwdLastSet: 0
-primaryGroupID: 513
-objectSid: ${DOMAINSID}-500
-adminCount: 1
-accountExpires: -1
-logonCount: 0
-sAMAccountName: Administrator
-sAMAccountType: 0x30000000
-objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-unicodePwd: ${ADMINPASS}
-unixName: root
-
-dn: CN=Guest,CN=Users,${BASEDN}
-objectClass: top
-objectClass: person
-objectClass: organizationalPerson
-objectClass: user
-cn: Guest
-description: Built-in account for guest access to the computer/domain
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-memberOf: CN=Guests,CN=Builtin,${BASEDN}
-uSNChanged: 1
-name: Guest
-objectGUID: ${NEWGUID}
-userAccountControl: 0x10222
-badPwdCount: 0
-codePage: 0
-countryCode: 0
-badPasswordTime: 0
-lastLogoff: 0
-lastLogon: 0
-pwdLastSet: 0
-primaryGroupID: 514
-objectSid: ${DOMAINSID}-501
-accountExpires: -1
-logonCount: 0
-sAMAccountName: Guest
-sAMAccountType: 0x30000000
-objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-
-dn: CN=Administrators,CN=Builtin,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Administrators
-description: Administrators have complete and unrestricted access to the computer/domain
-member: CN=Domain Admins,CN=Users,${BASEDN}
-member: CN=Enterprise Admins,CN=Users,${BASEDN}
-member: CN=Administrator,CN=Users,${BASEDN}
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: Administrators
-objectGUID: ${NEWGUID}
-objectSid: S-1-5-32-544
-adminCount: 1
-sAMAccountName: Administrators
-sAMAccountType: 0x20000000
-systemFlags: 0x8c000000
-groupType: 0x80000005
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-unixName: ${WHEEL}
-privilege: SeSecurityPrivilege
-privilege: SeBackupPrivilege
-privilege: SeRestorePrivilege
-privilege: SeSystemtimePrivilege
-privilege: SeShutdownPrivilege
-privilege: SeRemoteShutdownPrivilege
-privilege: SeTakeOwnershipPrivilege
-privilege: SeDebugPrivilege
-privilege: SeSystemEnvironmentPrivilege
-privilege: SeSystemProfilePrivilege
-privilege: SeProfileSingleProcessPrivilege
-privilege: SeIncreaseBasePriorityPrivilege
-privilege: SeLoadDriverPrivilege
-privilege: SeCreatePagefilePrivilege
-privilege: SeIncreaseQuotaPrivilege
-privilege: SeChangeNotifyPrivilege
-privilege: SeUndockPrivilege
-privilege: SeManageVolumePrivilege
-privilege: SeImpersonatePrivilege
-privilege: SeCreateGlobalPrivilege
-privilege: SeEnableDelegationPrivilege
-privilege: SeInteractiveLogonRight
-privilege: SeNetworkLogonRight
-privilege: SeRemoteInteractiveLogonRight
-
-
-dn: CN=Users,CN=Builtin,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Users
-description: Users are prevented from making accidental or intentional system-wide changes. Thus, Users can run certified applications, but not most legacy applications
-member: CN=Domain Users,CN=Users,${BASEDN}
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: Users
-objectGUID: ${NEWGUID}
-objectSid: S-1-5-32-545
-sAMAccountName: Users
-sAMAccountType: 0x20000000
-systemFlags: 0x8c000000
-groupType: 0x80000005
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-
-dn: CN=Guests,CN=Builtin,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Guests
-description: Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted
-member: CN=Domain Guests,CN=Users,${BASEDN}
-member: CN=Guest,CN=Users,${BASEDN}
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: Guests
-objectGUID: ${NEWGUID}
-objectSid: S-1-5-32-546
-sAMAccountName: Guests
-sAMAccountType: 0x20000000
-systemFlags: 0x8c000000
-groupType: 0x80000005
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-unixName: ${NOGROUP}
-
-dn: CN=Print Operators,CN=Builtin,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Print Operators
-description: Members can administer domain printers
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: Print Operators
-objectGUID: ${NEWGUID}
-objectSid: S-1-5-32-550
-adminCount: 1
-sAMAccountName: Print Operators
-sAMAccountType: 0x20000000
-systemFlags: 0x8c000000
-groupType: 0x80000005
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-privilege: SeLoadDriverPrivilege
-privilege: SeShutdownPrivilege
-privilege: SeInteractiveLogonRight
-
-dn: CN=Backup Operators,CN=Builtin,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Backup Operators
-description: Backup Operators can override security restrictions for the sole purpose of backing up or restoring files
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: Backup Operators
-objectGUID: ${NEWGUID}
-objectSid: S-1-5-32-551
-adminCount: 1
-sAMAccountName: Backup Operators
-sAMAccountType: 0x20000000
-systemFlags: 0x8c000000
-groupType: 0x80000005
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-privilege: SeBackupPrivilege
-privilege: SeRestorePrivilege
-privilege: SeShutdownPrivilege
-privilege: SeInteractiveLogonRight
-
-dn: CN=Replicator,CN=Builtin,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Replicator
-description: Supports file replication in a domain
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: Replicator
-objectGUID: ${NEWGUID}
-objectSid: S-1-5-32-552
-adminCount: 1
-sAMAccountName: Replicator
-sAMAccountType: 0x20000000
-systemFlags: 0x8c000000
-groupType: 0x80000005
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-
-dn: CN=Remote Desktop Users,CN=Builtin,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Remote Desktop Users
-description: Members in this group are granted the right to logon remotely
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: Remote Desktop Users
-objectGUID: ${NEWGUID}
-objectSid: S-1-5-32-555
-sAMAccountName: Remote Desktop Users
-sAMAccountType: 0x20000000
-systemFlags: 0x8c000000
-groupType: 0x80000005
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-
-dn: CN=Network Configuration Operators,CN=Builtin,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Network Configuration Operators
-description: Members in this group can have some administrative privileges to manage configuration of networking features
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: Network Configuration Operators
-objectGUID: ${NEWGUID}
-objectSid: S-1-5-32-556
-sAMAccountName: Network Configuration Operators
-sAMAccountType: 0x20000000
-systemFlags: 0x8c000000
-groupType: 0x80000005
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-
-dn: CN=Performance Monitor Users,CN=Builtin,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Performance Monitor Users
-description: Members of this group have remote access to monitor this computer
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: Performance Monitor Users
-objectGUID: ${NEWGUID}
-objectSid: S-1-5-32-558
-sAMAccountName: Performance Monitor Users
-sAMAccountType: 0x20000000
-systemFlags: 0x8c000000
-groupType: 0x80000005
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-
-dn: CN=Performance Log Users,CN=Builtin,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Performance Log Users
-description: Members of this group have remote access to schedule logging of performance counters on this computer
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: Performance Log Users
-objectGUID: ${NEWGUID}
-objectSid: S-1-5-32-559
-sAMAccountName: Performance Log Users
-sAMAccountType: 0x20000000
-systemFlags: 0x8c000000
-groupType: 0x80000005
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-
-dn: CN=${NETBIOSNAME},OU=Domain Controllers,${BASEDN}
-objectClass: top
-objectClass: person
-objectClass: organizationalPerson
-objectClass: user
-objectClass: computer
-cn: ${NETBIOSNAME}
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: ${NETBIOSNAME}
-objectGUID: ${HOSTGUID}
-userAccountControl: 532480
-badPwdCount: 0
-codePage: 0
-countryCode: 0
-badPasswordTime: 0
-lastLogoff: 0
-lastLogon: 127273269057298624
-localPolicyFlags: 0
-pwdLastSet: 127258826171655328
-primaryGroupID: 516
-objectSid: ${DOMAINSID}-1000
-accountExpires: 9223372036854775807
-logonCount: 30
-sAMAccountName: ${NETBIOSNAME}$
-sAMAccountType: 805306369
-operatingSystem: Samba
-operatingSystemVersion: 4.0
-dNSHostName: ${DNSNAME}
-objectCategory: CN=Computer,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-unicodePwd: ${JOINPASS}
-servicePrincipalName: HOST/${DNSNAME}
-servicePrincipalName: HOST/${NETBIOSNAME}
-servicePrincipalName: CIFS/${DNSNAME}
-servicePrincipalName: CIFS/${NETBIOSNAME}
-servicePrincipalName: LDAP/${DNSNAME}
-servicePrincipalName: LDAP/${NETBIOSNAME}
-
-dn: CN=krbtgt,CN=Users,${BASEDN}
-objectClass: top
-objectClass: person
-objectClass: organizationalPerson
-objectClass: user
-cn: krbtgt
-description: Key Distribution Center Service Account
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-showInAdvancedViewOnly: TRUE
-name: krbtgt
-objectGUID: ${NEWGUID}
-userAccountControl: 514
-badPwdCount: 0
-codePage: 0
-countryCode: 0
-badPasswordTime: 0
-lastLogoff: 0
-lastLogon: 0
-pwdLastSet: 127258826179466560
-primaryGroupID: 513
-objectSid: ${DOMAINSID}-502
-adminCount: 1
-accountExpires: 9223372036854775807
-logonCount: 0
-sAMAccountName: krbtgt
-sAMAccountType: 805306368
-servicePrincipalName: kadmin/changepw
-objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-unicodePwd: ${RANDPASS}
-
-dn: CN=Domain Computers,CN=Users,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Domain Computers
-description: All workstations and servers joined to the domain
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: Domain Computers
-objectGUID: ${NEWGUID}
-objectSid: ${DOMAINSID}-515
-sAMAccountName: Domain Computers
-sAMAccountType: 0x10000000
-groupType: 0x80000002
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-
-dn: CN=Domain Controllers,CN=Users,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Domain Controllers
-description: All domain controllers in the domain
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: Domain Controllers
-objectGUID: ${NEWGUID}
-objectSid: ${DOMAINSID}-516
-adminCount: 1
-sAMAccountName: Domain Controllers
-sAMAccountType: 0x10000000
-groupType: 0x80000002
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-
-dn: CN=Schema Admins,CN=Users,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Schema Admins
-description: Designated administrators of the schema
-member: CN=Administrator,CN=Users,${BASEDN}
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: Schema Admins
-objectGUID: ${NEWGUID}
-objectSid: ${DOMAINSID}-518
-adminCount: 1
-sAMAccountName: Schema Admins
-sAMAccountType: 0x10000000
-groupType: 0x80000002
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-unixName: ${WHEEL}
-
-dn: CN=Enterprise Admins,CN=Users,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Enterprise Admins
-description: Designated administrators of the enterprise
-member: CN=Administrator,CN=Users,${BASEDN}
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-memberOf: CN=Administrators,CN=Builtin,${BASEDN}
-uSNChanged: 1
-name: Enterprise Admins
-objectGUID: ${NEWGUID}
-objectSid: ${DOMAINSID}-519
-adminCount: 1
-sAMAccountName: Enterprise Admins
-sAMAccountType: 0x10000000
-groupType: 0x80000002
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-unixName: ${WHEEL}
-
-dn: CN=Cert Publishers,CN=Users,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Cert Publishers
-description: Members of this group are permitted to publish certificates to the Active Directory
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: Cert Publishers
-objectGUID: ${NEWGUID}
-objectSid: ${DOMAINSID}-517
-sAMAccountName: Cert Publishers
-sAMAccountType: 0x20000000
-groupType: 0x80000004
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-
-dn: CN=Domain Admins,CN=Users,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Domain Admins
-description: Designated administrators of the domain
-member: CN=Administrator,CN=Users,${BASEDN}
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-memberOf: CN=Administrators,CN=Builtin,${BASEDN}
-uSNChanged: 1
-name: Domain Admins
-objectGUID: ${NEWGUID}
-objectSid: ${DOMAINSID}-512
-adminCount: 1
-sAMAccountName: Domain Admins
-sAMAccountType: 0x10000000
-groupType: 0x80000002
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-unixName: ${WHEEL}
-
-dn: CN=Domain Users,CN=Users,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Domain Users
-description: All domain users
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-memberOf: CN=Users,CN=Builtin,${BASEDN}
-uSNChanged: 1
-name: Domain Users
-objectGUID: ${NEWGUID}
-objectSid: ${DOMAINSID}-513
-sAMAccountName: Domain Users
-sAMAccountType: 0x10000000
-groupType: 0x80000002
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-unixName: ${USERS}
-
-dn: CN=Domain Guests,CN=Users,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Domain Guests
-description: All domain guests
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-memberOf: CN=Guests,CN=Builtin,${BASEDN}
-uSNChanged: 1
-name: Domain Guests
-objectGUID: ${NEWGUID}
-objectSid: ${DOMAINSID}-514
-sAMAccountName: Domain Guests
-sAMAccountType: 0x10000000
-groupType: 0x80000002
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-
-dn: CN=Group Policy Creator Owners,CN=Users,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Group Policy Creator Owners
-description: Members in this group can modify group policy for the domain
-member: CN=Administrator,CN=Users,${BASEDN}
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: Group Policy Creator Owners
-objectGUID: ${NEWGUID}
-objectSid: ${DOMAINSID}-520
-sAMAccountName: Group Policy Creator Owners
-sAMAccountType: 0x10000000
-groupType: 0x80000002
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-unixName: ${WHEEL}
-
-dn: CN=RAS and IAS Servers,CN=Users,${BASEDN}
-objectClass: top
-objectClass: group
-cn: RAS and IAS Servers
-description: Servers in this group can access remote access properties of users
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: RAS and IAS Servers
-objectGUID: ${NEWGUID}
-objectSid: ${DOMAINSID}-553
-sAMAccountName: RAS and IAS Servers
-sAMAccountType: 0x20000000
-groupType: 0x80000004
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-
-dn: CN=Server Operators,CN=Builtin,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Server Operators
-description: Members can administer domain servers
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: Server Operators
-objectGUID: ${NEWGUID}
-objectSid: S-1-5-32-549
-adminCount: 1
-sAMAccountName: Server Operators
-sAMAccountType: 0x20000000
-systemFlags: 0x8c000000
-groupType: 0x80000005
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-privilege: SeBackupPrivilege
-privilege: SeSystemtimePrivilege
-privilege: SeRemoteShutdownPrivilege
-privilege: SeRestorePrivilege
-privilege: SeShutdownPrivilege
-privilege: SeInteractiveLogonRight
-
-dn: CN=Account Operators,CN=Builtin,${BASEDN}
-objectClass: top
-objectClass: group
-cn: Account Operators
-description: Members can administer domain user and group accounts
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-name: Account Operators
-objectGUID: ${NEWGUID}
-objectSid: S-1-5-32-548
-adminCount: 1
-sAMAccountName: Account Operators
-sAMAccountType: 0x20000000
-systemFlags: 0x8c000000
-groupType: 0x80000005
-objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-privilege: SeInteractiveLogonRight
-
-dn: CN=Templates,${BASEDN}
-objectClass: top
-objectClass: container
-cn: Templates
-description: Container for SAM account templates
-instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
-uSNCreated: 1
-uSNChanged: 1
-showInAdvancedViewOnly: TRUE
-name: Templates
-objectGUID: ${NEWGUID}
-systemFlags: 0x8c000000
-objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
-isCriticalSystemObject: TRUE
-
-###
-# note! the template users must not match normal searches. Be careful
-# with what classes you put them in
-###
-
-dn: CN=TemplateUser,CN=Templates,${BASEDN}
-objectClass: top
-objectClass: person
-objectClass: organizationalPerson
-objectClass: Template
-objectClass: userTemplate
-cn: TemplateUser
-name: TemplateUser
-instanceType: 4
-userAccountControl: 0x202
-badPwdCount: 0
-codePage: 0
-countryCode: 0
-badPasswordTime: 0
-lastLogoff: 0
-lastLogon: 0
-pwdLastSet: 0
-primaryGroupID: 513
-accountExpires: -1
-logonCount: 0
-sAMAccountType: 0x30000000
-
-dn: CN=TemplateMemberServer,CN=Templates,${BASEDN}
-objectClass: top
-objectClass: Template
-objectClass: userTemplate
-cn: TemplateMemberServer
-name: TemplateMemberServer
-instanceType: 4
-userAccountControl: 0x1002
-badPwdCount: 0
-codePage: 0
-countryCode: 0
-badPasswordTime: 0
-lastLogoff: 0
-lastLogon: 0
-pwdLastSet: 0
-primaryGroupID: 513
-accountExpires: -1
-logonCount: 0
-sAMAccountType: 0x30000001
-
-dn: CN=TemplateDomainController,CN=Templates,${BASEDN}
-objectClass: top
-objectClass: Template
-objectClass: userTemplate
-cn: TemplateDomainController
-name: TemplateDomainController
-instanceType: 4
-userAccountControl: 0x2002
-badPwdCount: 0
-codePage: 0
-countryCode: 0
-badPasswordTime: 0
-lastLogoff: 0
-lastLogon: 0
-pwdLastSet: 0
-primaryGroupID: 513
-accountExpires: -1
-logonCount: 0
-sAMAccountType: 0x30000001
-
-dn: CN=TemplateTrustingDomain,CN=Templates,${BASEDN}
-objectClass: top
-objectClass: Template
-objectClass: userTemplate
-cn: TemplateTrustingDomain
-name: TemplateTrustingDomain
-instanceType: 4
-userAccountControl: 0x820
-badPwdCount: 0
-codePage: 0
-countryCode: 0
-badPasswordTime: 0
-lastLogoff: 0
-lastLogon: 0
-pwdLastSet: 0
-primaryGroupID: 513
-accountExpires: -1
-logonCount: 0
-sAMAccountType: 0x30000002
-
-dn: CN=TemplateGroup,CN=Templates,${BASEDN}
-objectClass: top
-objectClass: Template
-objectClass: groupTemplate
-cn: TemplateGroup
-name: TemplateGroup
-instanceType: 4
-groupType: 0x80000002
-sAMAccountType: 0x10000000
-
-dn: CN=TemplateAlias,CN=Templates,${BASEDN}
-objectClass: top
-objectClass: Template
-objectClass: aliasTemplate
-cn: TemplateAlias
-name: TemplateAlias
-instanceType: 4
-groupType: 0x80000004
-sAMAccountType: 0x10000000
-
-dn: CN=TemplateForeignSecurityPrincipal,CN=Templates,${BASEDN}
-objectClass: top
-objectClass: Template
-objectClass: foreignSecurityPrincipalTemplate
-cn: TemplateForeignSecurityPrincipal
-name: TemplateForeignSecurityPrincipal
-
-dn: CN=TemplateSecret,CN=Templates,${BASEDN}
-objectClass: top
-objectClass: leaf
-objectClass: Template
-objectClass: secretTemplate
-cn: TemplateSecret
-name: TemplateSecret
-instanceType: 4
-
-dn: CN=TemplateTrustedDomain,CN=Templates,${BASEDN}
-objectClass: top
-objectClass: leaf
-objectClass: Template
-objectClass: trustedDomainTemplate
-cn: TemplateTrustedDomain
-name: TemplateTrustedDomain
-instanceType: 4
-
 ###############################
 # Configuration Naming Context
 ###############################
@@ -1063,13 +181,9 @@ objectClass: top
 objectClass: configuration
 cn: Configuration
 instanceType: 13
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: ${USN}
 uSNChanged: ${USN}
 showInAdvancedViewOnly: TRUE
-name: Configuration
-objectGUID: ${NEWGUID}
 objectCategory: CN=Configuration,CN=Schema,CN=Configuration,${BASEDN}
 subRefs: CN=Schema,CN=Configuration,${BASEDN}
 masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
@@ -1080,13 +194,9 @@ objectClass: top
 objectClass: crossRefContainer
 cn: Partitions
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: ${USN}
 uSNChanged: ${USN}
 showInAdvancedViewOnly: TRUE
-name: Partitions
-objectGUID: ${NEWGUID}
 systemFlags: 0x80000000
 objectCategory: CN=Cross-Ref-Container,CN=Schema,CN=Configuration,${BASEDN}
 msDS-Behavior-Version: 0
@@ -1097,13 +207,9 @@ objectClass: top
 objectClass: crossRef
 cn: Enterprise Configuration
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: ${USN}
 uSNChanged: ${USN}
 showInAdvancedViewOnly: TRUE
-name: Enterprise Configuration
-objectGUID: ${NEWGUID}
 systemFlags: 0x00000001
 objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN}
 nCName: CN=Configuration,${BASEDN}
@@ -1114,13 +220,9 @@ objectClass: top
 objectClass: crossRef
 cn: Enterprise Schema
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: ${USN}
 uSNChanged: ${USN}
 showInAdvancedViewOnly: TRUE
-name: Enterprise Schema
-objectGUID: ${NEWGUID}
 systemFlags: 0x00000001
 objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN}
 nCName: CN=Schema,CN=Configuration,${BASEDN}
@@ -1131,13 +233,9 @@ objectClass: top
 objectClass: crossRef
 cn: ${DOMAIN}
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: ${USN}
 uSNChanged: ${USN}
 showInAdvancedViewOnly: TRUE
-name: ${DOMAIN}
-objectGUID: ${NEWGUID}
 systemFlags: 0x00000003
 objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN}
 nCName: ${BASEDN}
@@ -1149,28 +247,20 @@ objectClass: top
 objectClass: sitesContainer
 cn: Sites
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: ${USN}
 uSNChanged: ${USN}
 showInAdvancedViewOnly: TRUE
-name: Sites
-objectGUID: ${NEWGUID}
 systemFlags: 0x82000000
 objectCategory: CN=Sites-Container,CN=Schema,CN=Configuration,${BASEDN}
 
 dn: CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
 objectClass: top
 objectClass: site
-cn: Sites
+cn: ${DEFAULTSITE}
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: ${USN}
 uSNChanged: ${USN}
 showInAdvancedViewOnly: TRUE
-name: Sites
-objectGUID: ${NEWGUID}
 systemFlags: 0x82000000
 objectCategory: CN=Site,CN=Schema,CN=Configuration,${BASEDN}
 
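Review bot: The corrected `cn: ${DEFAULTSITE}` in the `@@ -1149,28 +247,20 @@` hunk takes the same template value that is interpolated unescaped into the record's `dn:` line and into the `masteredBy` DNs elsewhere in the file, so a site name containing DN metacharacters such as `,`, `=` or `+` would produce a different or malformed DN. The substitution code is not part of this diff, so whether it validates the name is unknown; if it does not, that check belongs there. In the template I would add a comment above the record, for example `# DEFAULTSITE is substituted verbatim into DNs; it must not contain DN special characters`.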
@@ -1179,13 +269,9 @@ objectClass: top
 objectClass: serversContainer
 cn: Servers
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: ${USN}
 uSNChanged: ${USN}
 showInAdvancedViewOnly: TRUE
-name: Servers
-objectGUID: ${NEWGUID}
 systemFlags: 0x82000000
 objectCategory: CN=Servers-Container,CN=Schema,CN=Configuration,${BASEDN}
 
@@ -1194,13 +280,9 @@ objectClass: top
 objectClass: server
 cn: ${NETBIOSNAME}
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: ${USN}
 uSNChanged: ${USN}
 showInAdvancedViewOnly: TRUE
-name: ${NETBIOSNAME}
-objectGUID: ${NEWGUID}
 systemFlags: 0x52000000
 objectCategory: CN=Server,CN=Schema,CN=Configuration,${BASEDN}
 dNSHostName: ${DNSNAME}
@@ -1212,12 +294,9 @@ objectClass: applicationSettings
 objectClass: nTDSDSA
 cn: NTDS Settings
 instanceType: 4
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: ${USN}
 uSNChanged: ${USN}
 showInAdvancedViewOnly: TRUE
-name: NTDS Settings
 systemFlags: 0x02000000
 objectCategory: CN=NTDS-DSA,CN=Schema,CN=Configuration,${BASEDN}
 dMDLocation: CN=Schema,CN=Configuration,${BASEDN}
@@ -1225,6 +304,39 @@ objectGUID: ${INVOCATIONID}
 invocationId: ${INVOCATIONID}
 msDS-Behavior-Version: 2
 
+dn: CN=Services,CN=Configuration,${BASEDN}
+objectClass: top
+objectClass: container
+cn: Services
+instanceType: 4
+uSNCreated: ${USN}
+uSNChanged: ${USN}
+showInAdvancedViewOnly: TRUE
+systemFlags: 0x80000000
+objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
+
+dn: CN=Windows NT,CN=Services,CN=Configuration,${BASEDN}
+objectClass: top
+objectClass: container
+cn: Windows NT
+instanceType: 4
+uSNCreated: ${USN}
+uSNChanged: ${USN}
+showInAdvancedViewOnly: TRUE
+objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
+
+dn: CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,${BASEDN}
+objectClass: top
+objectClass: nTDSService
+cn: Directory Service
+instanceType: 4
+uSNCreated: ${USN}
+uSNChanged: ${USN}
+showInAdvancedViewOnly: TRUE
+objectCategory: CN=NTDS-Service,CN=Schema,CN=Configuration,${BASEDN}
+sPNMappings: host=ldap,dns,cifs
+
+
 ###############################
 # Schema Naming Context
 ###############################
@@ -1233,13 +345,9 @@ objectClass: top
 objectClass: dMD
 cn: Schema
 instanceType: 13
-whenCreated: ${LDAPTIME}
-whenChanged: ${LDAPTIME}
 uSNCreated: ${USN}
 uSNChanged: ${USN}
 showInAdvancedViewOnly: TRUE
-name: Schema
-objectGUID: ${NEWGUID}
 objectCategory: CN=DMD,CN=Schema,CN=Configuration,${BASEDN}
 masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
 msDs-masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
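Review bot: The new `sPNMappings: host=ldap,dns,cifs` line in the `@@ -1225,6 +304,39 @@` hunk is security-relevant and undocumented: in Active Directory this attribute makes the listed service classes aliases of `host`, so an account holding a `HOST/...` service principal name is also accepted for `ldap`, `dns` and `cifs` service tickets. Anyone auditing which accounts can act as an LDAP or CIFS service then has to look for `HOST/` SPNs as well as explicit ones. I would add a comment above the `CN=Directory Service` record, for example `# sPNMappings: service classes listed after host= are treated as aliases of HOST/ SPNs`. How this server consumes the attribute is not shown in the diff.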