dn: ${DOMAINDN}
changetype: modify
-
+replace: auditingPolicy
+auditingPolicy: \ 1
+-
+replace: creationTime
+creationTime: ${CREATTIME}
+-
replace: forceLogoff
-forceLogoff: 9223372036854775808
+forceLogoff: -9223372036854775808
+-
+# "fSMORoleOwner" filled in later
+replace: gPLink
+gPLink: [LDAP://CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN};0]
+-
+replace: isCriticalSystemObject
+isCriticalSystemObject: TRUE
-
replace: lockoutDuration
lockoutDuration: -18000000000
replace: lockoutThreshold
lockoutThreshold: 0
-
+# "masteredBy" filled in later
replace: maxPwdAge
maxPwdAge: -37108517437440
-
+# FIXME: This should be "-864000000000" when we fully comply with passwords pol.
replace: minPwdAge
minPwdAge: 0
-
replace: minPwdLength
minPwdLength: 7
-
+replace: modifiedCount
+modifiedCount: 1
+-
replace: modifiedCountAtLastProm
modifiedCountAtLastProm: 0
-
+replace: msDS-AllUsersTrustQuota
+msDS-AllUsersTrustQuota: 1000
+-
+replace: msDS-Behavior-Version
+msDS-Behavior-Version: ${DOMAIN_FUNCTIONALITY}
+-
+replace: ms-DS-MachineAccountQuota
+ms-DS-MachineAccountQuota: 10
+-
+# "msDs-masteredBy" filled in later
+replace: msDS-PerUserTrustQuota
+msDS-PerUserTrustQuota: 1
+-
+replace: msDS-PerUserTrustTombstonesQuota
+msDS-PerUserTrustTombstonesQuota: 10
+-
replace: nextRid
nextRid: 1000
-
+replace: nTMixedDomain
+nTMixedDomain: 0
+-
+replace: objectSid
+objectSid: ${DOMAINSID}
+-
+# This exists only in SAMBA
+replace: oEMInformation
+oEMInformation: Provisioned by SAMBA ${SAMBA_VERSION_STRING}
+-
replace: pwdProperties
pwdProperties: 1
-
replace: pwdHistoryLength
pwdHistoryLength: 24
-
-replace: objectSid
-objectSid: ${DOMAINSID}
--
-replace: oEMInformation
-oEMInformation: Provisioned by Samba4: ${LDAPTIME}
+replace: rIDManagerReference
+rIDManagerReference: CN=RID Manager$,CN=System,${DOMAINDN}
-
replace: serverState
serverState: 1
-
-replace: nTMixedDomain
-nTMixedDomain: 1
--
-replace: msDS-Behavior-Version
-msDS-Behavior-Version: 0
+replace: subRefs
+subRefs: ${CONFIGDN}
-
-replace: ridManagerReference
-ridManagerReference: CN=RID Manager$,CN=System,${DOMAINDN}
+replace: systemFlags
+systemFlags: -1946157056
-
replace: uASCompat
uASCompat: 1
-
-replace: modifiedCount
-modifiedCount: 1
--
-replace: objectCategory
-objectCategory: CN=Domain-DNS,${SCHEMADN}
--
-replace: fSMORoleOwner
-fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
--
-replace: isCriticalSystemObject
-isCriticalSystemObject: TRUE
--
-replace: subRefs
-subRefs: ${CONFIGDN}
-subRefs: ${SCHEMADN}
--
-replace: gPLink
-gPLink: [LDAP://CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN};0]
+replace: wellKnownObjects
+wellKnownObjects: B:32:6227f0af1fc2410d8e3bb10615bb5b0f:CN=NTDS Quotas,${DOMAINDN}
+wellKnownObjects: B:32:f4be92a4c777485e878e9421d53087db:CN=Microsoft,CN=Program Data,${DOMAINDN}
+wellKnownObjects: B:32:09460c08ae1e4a4ea0f64aee7daa1e5a:CN=Program Data,${DOMAINDN}
+wellKnownObjects: B:32:22b70c67d56e4efb91e9300fca3dc1aa:CN=ForeignSecurityPrincipals,${DOMAINDN}
+wellKnownObjects: B:32:18e2ea80684f11d2b9aa00c04f79f805:CN=Deleted Objects,${DOMAINDN}
+wellKnownObjects: B:32:2fbac1870ade11d297c400c04fd8d5cd:CN=Infrastructure,${DOMAINDN}
+wellKnownObjects: B:32:ab8153b7768811d1aded00c04fd8d5cd:CN=LostAndFound,${DOMAINDN}
+wellKnownObjects: B:32:ab1d30f3768811d1aded00c04fd8d5cd:CN=System,${DOMAINDN}
+wellKnownObjects: B:32:a361b2ffffd211d1aa4b00c04fd7d83a:OU=Domain Controllers,${DOMAINDN}
+wellKnownObjects: B:32:aa312825768811d1aded00c04fd8d5cd:CN=Computers,${DOMAINDN}
+wellKnownObjects: B:32:a9d1ca15768811d1aded00c04fd8d5cd:CN=Users,${DOMAINDN}
-
${DOMAINGUID_MOD}
git.samba.org / ira / wip.git / blobdiff