s4:provision - Some rework (continuation)
[ira/wip.git] / source4 / setup / provision_self_join.ldif
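1 # Accounts for selfjoin (joins DC to itself). The userPassword values are substituted in base64 (LDIF "::"), which is an encoding and not protection, so a rendered copy of this template carries the machine and DNS account passwords.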
2
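3 # Object under "Domain Controllers": the DC's own machine account (userAccountControl 532480 = SERVER_TRUST_ACCOUNT | TRUSTED_FOR_DELEGATION; primaryGroupID 516 = Domain Controllers)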
4 dn: CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}
5 objectClass: top
6 objectClass: person
7 objectClass: organizationalPerson
8 objectClass: user
9 objectClass: computer
10 accountExpires: 9223372036854775807
11 dNSHostName: ${DNSNAME}
12 # "frsComputerReferenceBL" doesn't exist since we still miss FRS support
13 isCriticalSystemObject: TRUE
14 localPolicyFlags: 0
15 operatingSystem: Samba
16 operatingSystemVersion: ${SAMBA_VERSION_STRING}
17 primaryGroupID: 516
18 # "rIDSetReferences" doesn't exist since we still miss distributed RIDs
19 sAMAccountName: ${NETBIOSNAME}$
20 # "servicePrincipalName" for FRS doesn't exist since we still miss FRS support
21 # "servicePrincipalName"s for DNS ("ldap/../ForestDnsZones",
22 # "ldap/../DomainDnsZones", "DNS/..") don't exist since we don't support AD DNS
23 servicePrincipalName: GC/${DNSNAME}/${REALM}
24 servicePrincipalName: HOST/${DNSNAME}/${DOMAIN}
25 servicePrincipalName: HOST/${NETBIOSNAME}
26 servicePrincipalName: HOST/${DNSNAME}
27 servicePrincipalName: HOST/${DNSNAME}/${REALM}
28 # "servicePrincipalName"s with GUIDs are located in
29 # "provision_self_join_modify.ldif"
30 servicePrincipalName: ldap/${DNSNAME}/${DOMAIN}
31 servicePrincipalName: ldap/${NETBIOSNAME}
32 servicePrincipalName: ldap/${DNSNAME}
33 servicePrincipalName: ldap/${DNSNAME}/${REALM}
34 userAccountControl: 532480
35 userPassword:: ${MACHINEPASS_B64}
36
37 # The objects for the NTFRS subscription and the RID set are missing here since
38 # we don't support those techniques (FRS, distributed RIDs) yet.
39
40 # Objects under "Configuration/Sites/<Default sitename>/Servers"
41
42 dn: ${SERVERDN}
43 objectClass: top
44 objectClass: server
45 systemFlags: 1375731712
46 dNSHostName: ${DNSNAME}
47 serverReference: CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}
48
49 dn: CN=NTDS Settings,${SERVERDN}
50 objectClass: top
51 objectClass: applicationSettings
52 objectClass: nTDSDSA
53 dMDLocation: ${SCHEMADN}
54 hasMasterNCs: ${CONFIGDN}
55 hasMasterNCs: ${SCHEMADN}
56 hasMasterNCs: ${DOMAINDN}
57 invocationId: ${INVOCATIONID}
58 msDS-Behavior-Version: ${DOMAIN_CONTROLLER_FUNCTIONALITY}
59 msDS-HasDomainNCs: ${DOMAINDN}
60 # "msDS-HasInstantiatedNCs"s for DNS don't exist since we don't support AD DNS
61 msDS-HasInstantiatedNCs: B:8:0000000D:${CONFIGDN}
62 msDS-HasInstantiatedNCs: B:8:0000000D:${SCHEMADN}
63 msDS-HasInstantiatedNCs: B:8:00000005:${DOMAINDN}
64 # "msDS-hasMasterNCs"s for DNS don't exist since we don't support AD DNS
65 msDS-hasMasterNCs: ${CONFIGDN}
66 msDS-hasMasterNCs: ${SCHEMADN}
67 msDS-hasMasterNCs: ${DOMAINDN}
68 options: 1
69 systemFlags: 33554432
70
71 # Provides an account for DNS keytab export (userAccountControl 514 = NORMAL_ACCOUNT | ACCOUNTDISABLE, so the account is created disabled)
72 dn: CN=dns,CN=Users,${DOMAINDN}
73 objectClass: top
74 objectClass: person
75 objectClass: organizationalPerson
76 objectClass: user
77 description: DNS Service Account
78 userAccountControl: 514
79 accountExpires: 9223372036854775807
80 sAMAccountName: dns
81 servicePrincipalName: DNS/${DNSDOMAIN}
82 userPassword:: ${DNSPASS_B64}
83 isCriticalSystemObject: TRUE