3 @IDXATTR: sAMAccountName
6 @IDXATTR: objectCategory
15 userPrincipalName: CASE_INSENSITIVE
16 servicePrincipalName: CASE_INSENSITIVE
17 dnsDomain: CASE_INSENSITIVE
18 dnsRoot: CASE_INSENSITIVE
19 nETBIOSName: CASE_INSENSITIVE
22 name: CASE_INSENSITIVE
24 sAMAccountName: CASE_INSENSITIVE
25 objectClass: CASE_INSENSITIVE
29 sambaNTPwdHistory: HIDDEN
31 sambaLMPwdHistory: HIDDEN
32 createTimestamp: HIDDEN
33 modifyTimestamp: HIDDEN
35 sAMAccountType: INTEGER
37 userAccountControl: INTEGER
45 person: organizationalPerson
46 organizationalPerson: user
48 template: userTemplate
49 template: groupTemplate
52 passwordAttribute: sambaPassword
53 passwordAttribute: ntPwdHash
54 passwordAttribute: sambaNTPwdHistory
55 passwordAttribute: lmPwdHash
56 passwordAttribute: sambaLMPwdHistory
57 passwordAttribute: krb5key
59 # the rootDSE module looks in this record for its base data
61 subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,${BASEDN}
62 dsServiceName: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,${BASEDN}
63 defaultNamingContext: ${BASEDN}
64 rootDomainNamingContext: ${BASEDN}
65 configurationNamingContext: CN=Configuration,${BASEDN}
66 schemaNamingContext: CN=Schema,CN=Configuration,${BASEDN}
67 supportedLDAPVersion: 3
68 dnsHostName: ${DNSNAME}
69 ldapServiceName: ${DNSDOMAIN}:${NETBIOSNAME}$@${REALM}
70 serverName: CN=${NETBIOSNAME},CN=Servers,CN=Default-First-Site,CN=Sites,CN=Configuration,${BASEDN}
71 domainFunctionality: 0
72 forestFunctionality: 0
73 domainControllerFunctionality: 2
75 vendorName: Samba Team (http://samba.org)
76 vendorVersion: ${VERSION}
80 objectClass: container
82 description: Container for SAM account templates
84 showInAdvancedViewOnly: TRUE
85 systemFlags: 2348810240
86 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
87 isCriticalSystemObject: TRUE
90 # note! the template users must not match normal searches. Be careful
91 # with what classes you put them in
94 dn: CN=TemplateUser,CN=Templates
97 objectClass: organizationalPerson
99 objectClass: userTemplate
102 userAccountControl: 514
113 sAMAccountType: 805306368
114 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
116 dn: CN=TemplateComputer,CN=Templates
119 objectClass: organizationalPerson
120 objectClass: Template
121 objectClass: userTemplate
124 userAccountControl: 4098
135 sAMAccountType: 805306369
136 objectCategory: CN=Computer,CN=Schema,CN=Configuration,${BASEDN}
138 dn: CN=TemplateTrustingDomain,CN=Templates
140 objectClass: Template
141 objectClass: userTemplate
142 cn: TemplateTrustingDomain
144 userAccountControl: 2080
154 sAMAccountType: 805306370
156 dn: CN=TemplateGroup,CN=Templates
158 objectClass: Template
159 objectClass: groupTemplate
162 groupType: -2147483646
163 sAMAccountType: 268435456
164 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
166 # Currently this isn't used, we don't have a way to detect it different from an incoming alias
168 # dn: CN=TemplateAlias,CN=Templates
170 # objectClass: Template
171 # objectClass: aliasTemplate
174 # groupType: -2147483644
175 # sAMAccountType: 268435456
177 dn: CN=TemplateForeignSecurityPrincipal,CN=Templates
179 objectClass: Template
180 objectClass: foreignSecurityPrincipalTemplate
181 cn: TemplateForeignSecurityPrincipal
183 showInAdvancedViewOnly: TRUE
184 objectCategory: CN=Foreign-Security-Principal,CN=Schema,CN=Configuration,${BASEDN}
186 dn: CN=TemplateSecret,CN=Templates
189 objectClass: Template
190 objectClass: secretTemplate
194 dn: CN=TemplateTrustedDomain,CN=Templates
197 objectClass: Template
198 objectClass: trustedDomainTemplate
199 cn: TemplateTrustedDomain