s4:provision_users.ldif - Fix memberships regarding the denied password RODC replicat...
[ira/wip.git] / source4 / setup / provision_users.ldif
index 1fc0936560f8046de82e1139c01515cbb3a35b69..934fc0538e702b5a069f8dcfc19bc6b9ee9a3722 100644 (file)
@@ -165,6 +165,14 @@ dn: CN=Denied RODC Password Replication Group,CN=Users,${DOMAINDN}
 objectClass: top
 objectClass: group
 description: Members in this group cannot have their passwords replicated to any read-only domain controllers in the domain.
+member: CN=Read-Only Domain Controllers,CN=Users,${DOMAINDN}
+member: CN=Group Policy Creator Owners,CN=Users,${DOMAINDN}
+member: CN=Domain Admins,CN=Users,${DOMAINDN}
+member: CN=Cert Publishers,CN=Users,${DOMAINDN}
+member: CN=Enterprise Admins,CN=Users,${DOMAINDN}
+member: CN=Schema Admins,CN=Users,${DOMAINDN}
+member: CN=Domain Controllers,CN=Users,${DOMAINDN}
+member: CN=krbtgt,CN=Users,${DOMAINDN}
 objectSid: ${DOMAINSID}-572
 sAMAccountName: Denied RODC Password Replication Group
 groupType: -2147483644