- This changes the attribute "forceLogoff" to its' default
values according to Windows Server 2003 R2
- Also this corrects the "subRefs" attribute of the base-DN which only refers
to direct child partitions (and therefore not to the complete transitive closure)
changetype: modify
-
replace: forceLogoff
-forceLogoff: 9223372036854775808
+forceLogoff: -9223372036854775808
-
replace: lockoutDuration
lockoutDuration: -18000000000
replace: fSMORoleOwner
fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
-
+replace: systemFlags
+systemFlags: -1946157056
+-
replace: isCriticalSystemObject
isCriticalSystemObject: TRUE
-
replace: subRefs
subRefs: ${CONFIGDN}
-subRefs: ${SCHEMADN}
-
replace: gPLink
gPLink: [LDAP://CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN};0]