r8660: Use templates for the initial provision of user and computer accounts.
[kai/samba.git] / source / setup / provision.ldif
1 ###############################
2 # Domain Naming Context
3 ###############################
4 dn: ${BASEDN}
5 objectClass: top
6 objectClass: domain
7 objectClass: domainDNS
8 name: ${DOMAIN}
9 flatname: ${DOMAIN}
10 dnsDomain: ${DNSDOMAIN}
11 dc: ${DOMAIN}
12 objectGUID: ${DOMAINGUID}
13 creationTime: ${NTTIME}
14 forceLogoff: 0x8000000000000000
15 lockoutDuration: -18000000000
16 lockOutObservationWindow: -18000000000
17 lockoutThreshold: 0
18 uSNCreated: 1
19 uSNChanged: 1
20 maxPwdAge: -37108517437440
21 minPwdAge: 0
22 minPwdLength: 7
23 modifiedCountAtLastProm: 0
24 nextRid: 1001
25 pwdProperties: 1
26 pwdHistoryLength: 24
27 objectSid: ${DOMAINSID}
28 serverState: 1
29 nTMixedDomain: 1
30 msDS-Behavior-Version: 0
31 ridManagerReference: CN=RID Manager$,CN=System,${BASEDN}
32 uASCompat: 1
33 modifiedCount: 1
34 objectCategory: CN=Domain-DNS,CN=Schema,CN=Configuration,${BASEDN}
35 isCriticalSystemObject: TRUE
36 subRefs: CN=Configuration,${BASEDN}
37 subRefs: CN=Schema,CN=Configuration,${BASEDN}
38 canonicalName: ${REALM}/
39
40 dn: CN=Users,${BASEDN}
41 objectClass: top
42 objectClass: container
43 cn: Users
44 description: Default container for upgraded user accounts
45 instanceType: 4
46 uSNCreated: 1
47 uSNChanged: 1
48 showInAdvancedViewOnly: FALSE
49 name: Users
50 systemFlags: 0x8c000000
51 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
52 isCriticalSystemObject: TRUE
53
54 dn: CN=Computers,${BASEDN}
55 objectClass: top
56 objectClass: container
57 cn: Computers
58 description: Default container for upgraded computer accounts
59 instanceType: 4
60 uSNCreated: 1
61 uSNChanged: 1
62 showInAdvancedViewOnly: FALSE
63 name: Computers
64 systemFlags: 0x8c000000
65 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
66 isCriticalSystemObject: TRUE
67
68 dn: OU=Domain Controllers,${BASEDN}
69 objectClass: top
70 objectClass: organizationalUnit
71 ou: Domain Controllers
72 description: Default container for domain controllers
73 instanceType: 4
74 uSNCreated: 1
75 uSNChanged: 1
76 showInAdvancedViewOnly: FALSE
77 name: Domain Controllers
78 systemFlags: 0x8c000000
79 objectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,${BASEDN}
80 isCriticalSystemObject: TRUE
81
82 dn: CN=ForeignSecurityPrincipals,${BASEDN}
83 objectClass: top
84 objectClass: container
85 cn: ForeignSecurityPrincipals
86 description: Default container for security identifiers (SIDs) associated with objects from external, trusted domains
87 instanceType: 4
88 uSNCreated: 1
89 uSNChanged: 1
90 showInAdvancedViewOnly: FALSE
91 name: ForeignSecurityPrincipals
92 systemFlags: 0x8c000000
93 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
94 isCriticalSystemObject: TRUE
95
96 dn: CN=System,${BASEDN}
97 objectClass: top
98 objectClass: container
99 cn: System
100 description: Builtin system settings
101 instanceType: 4
102 uSNCreated: 1
103 uSNChanged: 1
104 showInAdvancedViewOnly: TRUE
105 name: System
106 systemFlags: 0x8c000000
107 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
108 isCriticalSystemObject: TRUE
109
110 dn: CN=RID Manager$,CN=System,${BASEDN}
111 objectclass: top
112 objectclass: rIDManager
113 cn: RID Manager$
114 instanceType: 4
115 uSNCreated: 1
116 uSNChanged: 1
117 showInAdvancedViewOnly: TRUE
118 name: RID Manager$
119 systemFlags: 0x8c000000
120 objectCategory: CN=RID-Manager,CN=Schema,CN=Configuration,${BASEDN}
121 isCriticalSystemObject: TRUE
122 fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
123 rIDAvailablePool: 4611686014132423217
124
125 dn: CN=DomainUpdates,CN=System,${BASEDN}
126 objectClass: top
127 objectClass: container
128 cn: DomainUpdates
129 instanceType: 4
130 uSNCreated: 1
131 uSNChanged: 1
132 showInAdvancedViewOnly: TRUE
133 name: DomainUpdates
134 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
135
136 dn: CN=Windows2003Update,CN=DomainUpdates,CN=System,${BASEDN}
137 objectClass: top
138 objectClass: container
139 cn: Windows2003Update
140 instanceType: 4
141 uSNCreated: 1
142 uSNChanged: 1
143 showInAdvancedViewOnly: TRUE
144 name: Windows2003Update
145 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
146 revision: 8
147
148 dn: CN=Infrastructure,${BASEDN}
149 objectclass: top
150 objectclass: infrastructureUpdate
151 cn: Infrastructure
152 instanceType: 4
153 uSNCreated: 1
154 uSNChanged: 1
155 showInAdvancedViewOnly: TRUE
156 name: Infrastructure
157 systemFlags: 0x8c000000
158 objectCategory: CN=Infrastructure-Update,CN=Schema,CN=Configuration,${BASEDN}
159 isCriticalSystemObject: TRUE
160 fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
161
162 dn: CN=Builtin,${BASEDN}
163 objectClass: top
164 objectClass: builtinDomain
165 cn: Builtin
166 instanceType: 4
167 showInAdvancedViewOnly: FALSE
168 name: Builtin
169 forceLogoff: 0x8000000000000000
170 lockoutDuration: -18000000000
171 lockOutObservationWindow: -18000000000
172 lockoutThreshold: 0
173 maxPwdAge: -37108517437440
174 minPwdAge: 0
175 minPwdLength: 0
176 modifiedCountAtLastProm: 0
177 nextRid: 1000
178 pwdProperties: 0
179 pwdHistoryLength: 0
180 objectSid: S-1-5-32
181 serverState: 1
182 uASCompat: 1
183 modifiedCount: 1
184 objectCategory: CN=Builtin-Domain,CN=Schema,CN=Configuration,${BASEDN}
185 isCriticalSystemObject: TRUE
186
187 dn: CN=Administrator,CN=Users,${BASEDN}
188 objectClass: top
189 objectClass: person
190 objectClass: organizationalPerson
191 objectClass: user
192 cn: Administrator
193 description: Built-in account for administering the computer/domain
194 uSNCreated: 1
195 memberOf: CN=Group Policy Creator Owners,CN=Users,${BASEDN}
196 memberOf: CN=Domain Admins,CN=Users,${BASEDN}
197 memberOf: CN=Enterprise Admins,CN=Users,${BASEDN}
198 memberOf: CN=Schema Admins,CN=Users,${BASEDN}
199 memberOf: CN=Administrators,CN=Builtin,${BASEDN}
200 uSNChanged: 1
201 name: Administrator
202 userAccountControl: 0x10200
203 objectSid: ${DOMAINSID}-500
204 adminCount: 1
205 accountExpires: -1
206 sAMAccountName: Administrator
207 isCriticalSystemObject: TRUE
208 unicodePwd: ${ADMINPASS}
209 unixName: ${ROOT}
210
211 dn: CN=Guest,CN=Users,${BASEDN}
212 objectClass: top
213 objectClass: person
214 objectClass: organizationalPerson
215 objectClass: user
216 cn: Guest
217 description: Built-in account for guest access to the computer/domain
218 uSNCreated: 1
219 memberOf: CN=Guests,CN=Builtin,${BASEDN}
220 uSNChanged: 1
221 name: Guest
222 userAccountControl: 0x10222
223 primaryGroupID: 514
224 objectSid: ${DOMAINSID}-501
225 sAMAccountName: Guest
226 isCriticalSystemObject: TRUE
227
228 dn: CN=Administrators,CN=Builtin,${BASEDN}
229 objectClass: top
230 objectClass: group
231 cn: Administrators
232 description: Administrators have complete and unrestricted access to the computer/domain
233 member: CN=Domain Admins,CN=Users,${BASEDN}
234 member: CN=Enterprise Admins,CN=Users,${BASEDN}
235 member: CN=Administrator,CN=Users,${BASEDN}
236 uSNCreated: 1
237 uSNChanged: 1
238 name: Administrators
239 objectSid: S-1-5-32-544
240 adminCount: 1
241 sAMAccountName: Administrators
242 sAMAccountType: 0x20000000
243 systemFlags: 0x8c000000
244 groupType: 0x80000005
245 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
246 isCriticalSystemObject: TRUE
247 unixName: ${WHEEL}
248 privilege: SeSecurityPrivilege
249 privilege: SeBackupPrivilege
250 privilege: SeRestorePrivilege
251 privilege: SeSystemtimePrivilege
252 privilege: SeShutdownPrivilege
253 privilege: SeRemoteShutdownPrivilege
254 privilege: SeTakeOwnershipPrivilege
255 privilege: SeDebugPrivilege
256 privilege: SeSystemEnvironmentPrivilege
257 privilege: SeSystemProfilePrivilege
258 privilege: SeProfileSingleProcessPrivilege
259 privilege: SeIncreaseBasePriorityPrivilege
260 privilege: SeLoadDriverPrivilege
261 privilege: SeCreatePagefilePrivilege
262 privilege: SeIncreaseQuotaPrivilege
263 privilege: SeChangeNotifyPrivilege
264 privilege: SeUndockPrivilege
265 privilege: SeManageVolumePrivilege
266 privilege: SeImpersonatePrivilege
267 privilege: SeCreateGlobalPrivilege
268 privilege: SeEnableDelegationPrivilege
269 privilege: SeInteractiveLogonRight
270 privilege: SeNetworkLogonRight
271 privilege: SeRemoteInteractiveLogonRight
272
273
274 dn: CN=Users,CN=Builtin,${BASEDN}
275 objectClass: top
276 objectClass: group
277 cn: Users
278 description: Users are prevented from making accidental or intentional system-wide changes.  Thus, Users can run certified applications, but not most legacy applications
279 member: CN=Domain Users,CN=Users,${BASEDN}
280 uSNCreated: 1
281 uSNChanged: 1
282 name: Users
283 objectSid: S-1-5-32-545
284 sAMAccountName: Users
285 sAMAccountType: 0x20000000
286 systemFlags: 0x8c000000
287 groupType: 0x80000005
288 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
289 isCriticalSystemObject: TRUE
290
291 dn: CN=Guests,CN=Builtin,${BASEDN}
292 objectClass: top
293 objectClass: group
294 cn: Guests
295 description: Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted
296 member: CN=Domain Guests,CN=Users,${BASEDN}
297 member: CN=Guest,CN=Users,${BASEDN}
298 uSNCreated: 1
299 uSNChanged: 1
300 name: Guests
301 objectSid: S-1-5-32-546
302 sAMAccountName: Guests
303 sAMAccountType: 0x20000000
304 systemFlags: 0x8c000000
305 groupType: 0x80000005
306 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
307 isCriticalSystemObject: TRUE
308 unixName: ${NOGROUP}
309
310 dn: CN=Print Operators,CN=Builtin,${BASEDN}
311 objectClass: top
312 objectClass: group
313 cn: Print Operators
314 description: Members can administer domain printers
315 uSNCreated: 1
316 uSNChanged: 1
317 name: Print Operators
318 objectSid: S-1-5-32-550
319 adminCount: 1
320 sAMAccountName: Print Operators
321 sAMAccountType: 0x20000000
322 systemFlags: 0x8c000000
323 groupType: 0x80000005
324 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
325 isCriticalSystemObject: TRUE
326 privilege: SeLoadDriverPrivilege
327 privilege: SeShutdownPrivilege
328 privilege: SeInteractiveLogonRight
329
330 dn: CN=Backup Operators,CN=Builtin,${BASEDN}
331 objectClass: top
332 objectClass: group
333 cn: Backup Operators
334 description: Backup Operators can override security restrictions for the sole purpose of backing up or restoring files
335 uSNCreated: 1
336 uSNChanged: 1
337 name: Backup Operators
338 objectSid: S-1-5-32-551
339 adminCount: 1
340 sAMAccountName: Backup Operators
341 sAMAccountType: 0x20000000
342 systemFlags: 0x8c000000
343 groupType: 0x80000005
344 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
345 isCriticalSystemObject: TRUE
346 privilege: SeBackupPrivilege
347 privilege: SeRestorePrivilege
348 privilege: SeShutdownPrivilege
349 privilege: SeInteractiveLogonRight
350
351 dn: CN=Replicator,CN=Builtin,${BASEDN}
352 objectClass: top
353 objectClass: group
354 cn: Replicator
355 description: Supports file replication in a domain
356 uSNCreated: 1
357 uSNChanged: 1
358 name: Replicator
359 objectSid: S-1-5-32-552
360 adminCount: 1
361 sAMAccountName: Replicator
362 sAMAccountType: 0x20000000
363 systemFlags: 0x8c000000
364 groupType: 0x80000005
365 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
366 isCriticalSystemObject: TRUE
367
368 dn: CN=Remote Desktop Users,CN=Builtin,${BASEDN}
369 objectClass: top
370 objectClass: group
371 cn: Remote Desktop Users
372 description: Members in this group are granted the right to logon remotely
373 uSNCreated: 1
374 uSNChanged: 1
375 name: Remote Desktop Users
376 objectSid: S-1-5-32-555
377 sAMAccountName: Remote Desktop Users
378 sAMAccountType: 0x20000000
379 systemFlags: 0x8c000000
380 groupType: 0x80000005
381 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
382 isCriticalSystemObject: TRUE
383
384 dn: CN=Network Configuration Operators,CN=Builtin,${BASEDN}
385 objectClass: top
386 objectClass: group
387 cn: Network Configuration Operators
388 description: Members in this group can have some administrative privileges to manage configuration of networking features
389 uSNCreated: 1
390 uSNChanged: 1
391 name: Network Configuration Operators
392 objectSid: S-1-5-32-556
393 sAMAccountName: Network Configuration Operators
394 sAMAccountType: 0x20000000
395 systemFlags: 0x8c000000
396 groupType: 0x80000005
397 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
398 isCriticalSystemObject: TRUE
399
400 dn: CN=Performance Monitor Users,CN=Builtin,${BASEDN}
401 objectClass: top
402 objectClass: group
403 cn: Performance Monitor Users
404 description: Members of this group have remote access to monitor this computer
405 uSNCreated: 1
406 uSNChanged: 1
407 name: Performance Monitor Users
408 objectSid: S-1-5-32-558
409 sAMAccountName: Performance Monitor Users
410 sAMAccountType: 0x20000000
411 systemFlags: 0x8c000000
412 groupType: 0x80000005
413 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
414 isCriticalSystemObject: TRUE
415
416 dn: CN=Performance Log Users,CN=Builtin,${BASEDN}
417 objectClass: top
418 objectClass: group
419 cn: Performance Log Users
420 description: Members of this group have remote access to schedule logging of performance counters on this computer
421 uSNCreated: 1
422 uSNChanged: 1
423 name: Performance Log Users
424 objectSid: S-1-5-32-559
425 sAMAccountName: Performance Log Users
426 sAMAccountType: 0x20000000
427 systemFlags: 0x8c000000
428 groupType: 0x80000005
429 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
430 isCriticalSystemObject: TRUE
431
432 dn: CN=${NETBIOSNAME},OU=Domain Controllers,${BASEDN}
433 objectClass: top
434 objectClass: person
435 objectClass: organizationalPerson
436 objectClass: computer
437 cn: ${NETBIOSNAME}
438 uSNCreated: 1
439 uSNChanged: 1
440 name: ${NETBIOSNAME}
441 objectGUID: ${HOSTGUID}
442 userAccountControl: 532480
443 lastLogon: 127273269057298624
444 localPolicyFlags: 0
445 pwdLastSet: 127258826171655328
446 primaryGroupID: 516
447 objectSid: ${DOMAINSID}-1000
448 accountExpires: 9223372036854775807
449 sAMAccountName: ${NETBIOSNAME}$
450 sAMAccountType: 805306369
451 operatingSystem: Samba
452 operatingSystemVersion: 4.0
453 dNSHostName: ${DNSNAME}
454 isCriticalSystemObject: TRUE
455 unicodePwd: ${MACHINEPASS}
456 servicePrincipalName: HOST/${DNSNAME}
457 servicePrincipalName: HOST/${NETBIOSNAME}
458 msDS-KeyVersionNumber: 1
459
460 dn: CN=krbtgt,CN=Users,${BASEDN}
461 objectClass: top
462 objectClass: person
463 objectClass: organizationalPerson
464 objectClass: user
465 cn: krbtgt
466 description: Key Distribution Center Service Account
467 uSNCreated: 1
468 uSNChanged: 1
469 showInAdvancedViewOnly: TRUE
470 name: krbtgt
471 userAccountControl: 514
472 pwdLastSet: 127258826179466560
473 objectSid: ${DOMAINSID}-502
474 adminCount: 1
475 accountExpires: 9223372036854775807
476 sAMAccountName: krbtgt
477 sAMAccountType: 805306368
478 servicePrincipalName: kadmin/changepw
479 isCriticalSystemObject: TRUE
480 unicodePwd: ${KRBTGTPASS}
481
482 dn: CN=Domain Computers,CN=Users,${BASEDN}
483 objectClass: top
484 objectClass: group
485 cn: Domain Computers
486 description: All workstations and servers joined to the domain
487 uSNCreated: 1
488 uSNChanged: 1
489 name: Domain Computers
490 objectSid: ${DOMAINSID}-515
491 sAMAccountName: Domain Computers
492 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
493 isCriticalSystemObject: TRUE
494
495 dn: CN=Domain Controllers,CN=Users,${BASEDN}
496 objectClass: top
497 objectClass: group
498 cn: Domain Controllers
499 description: All domain controllers in the domain
500 uSNCreated: 1
501 uSNChanged: 1
502 name: Domain Controllers
503 objectSid: ${DOMAINSID}-516
504 adminCount: 1
505 sAMAccountName: Domain Controllers
506 isCriticalSystemObject: TRUE
507
508 dn: CN=Schema Admins,CN=Users,${BASEDN}
509 objectClass: top
510 objectClass: group
511 cn: Schema Admins
512 description: Designated administrators of the schema
513 member: CN=Administrator,CN=Users,${BASEDN}
514 uSNCreated: 1
515 uSNChanged: 1
516 name: Schema Admins
517 objectSid: ${DOMAINSID}-518
518 adminCount: 1
519 sAMAccountName: Schema Admins
520 isCriticalSystemObject: TRUE
521 unixName: ${WHEEL}
522
523 dn: CN=Enterprise Admins,CN=Users,${BASEDN}
524 objectClass: top
525 objectClass: group
526 cn: Enterprise Admins
527 description: Designated administrators of the enterprise
528 member: CN=Administrator,CN=Users,${BASEDN}
529 uSNCreated: 1
530 memberOf: CN=Administrators,CN=Builtin,${BASEDN}
531 uSNChanged: 1
532 name: Enterprise Admins
533 objectSid: ${DOMAINSID}-519
534 adminCount: 1
535 sAMAccountName: Enterprise Admins
536 isCriticalSystemObject: TRUE
537 unixName: ${WHEEL}
538
539 dn: CN=Cert Publishers,CN=Users,${BASEDN}
540 objectClass: top
541 objectClass: group
542 cn: Cert Publishers
543 description: Members of this group are permitted to publish certificates to the Active Directory
544 uSNCreated: 1
545 uSNChanged: 1
546 name: Cert Publishers
547 objectSid: ${DOMAINSID}-517
548 sAMAccountName: Cert Publishers
549 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
550 isCriticalSystemObject: TRUE
551
552 dn: CN=Domain Admins,CN=Users,${BASEDN}
553 objectClass: top
554 objectClass: group
555 cn: Domain Admins
556 description: Designated administrators of the domain
557 member: CN=Administrator,CN=Users,${BASEDN}
558 uSNCreated: 1
559 memberOf: CN=Administrators,CN=Builtin,${BASEDN}
560 uSNChanged: 1
561 name: Domain Admins
562 objectSid: ${DOMAINSID}-512
563 adminCount: 1
564 sAMAccountName: Domain Admins
565 isCriticalSystemObject: TRUE
566 unixName: ${WHEEL}
567
568 dn: CN=Domain Users,CN=Users,${BASEDN}
569 objectClass: top
570 objectClass: group
571 cn: Domain Users
572 description: All domain users
573 uSNCreated: 1
574 memberOf: CN=Users,CN=Builtin,${BASEDN}
575 uSNChanged: 1
576 name: Domain Users
577 objectSid: ${DOMAINSID}-513
578 sAMAccountName: Domain Users
579 isCriticalSystemObject: TRUE
580 unixName: ${USERS}
581
582 dn: CN=Domain Guests,CN=Users,${BASEDN}
583 objectClass: top
584 objectClass: group
585 cn: Domain Guests
586 description: All domain guests
587 uSNCreated: 1
588 memberOf: CN=Guests,CN=Builtin,${BASEDN}
589 uSNChanged: 1
590 name: Domain Guests
591 objectSid: ${DOMAINSID}-514
592 sAMAccountName: Domain Guests
593 isCriticalSystemObject: TRUE
594
595 dn: CN=Group Policy Creator Owners,CN=Users,${BASEDN}
596 objectClass: top
597 objectClass: group
598 cn: Group Policy Creator Owners
599 description: Members in this group can modify group policy for the domain
600 member: CN=Administrator,CN=Users,${BASEDN}
601 uSNCreated: 1
602 uSNChanged: 1
603 name: Group Policy Creator Owners
604 objectSid: ${DOMAINSID}-520
605 sAMAccountName: Group Policy Creator Owners
606 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
607 isCriticalSystemObject: TRUE
608 unixName: ${WHEEL}
609
610 dn: CN=RAS and IAS Servers,CN=Users,${BASEDN}
611 objectClass: top
612 objectClass: group
613 cn: RAS and IAS Servers
614 description: Servers in this group can access remote access properties of users
615 instanceType: 4
616 uSNCreated: 1
617 uSNChanged: 1
618 name: RAS and IAS Servers
619 objectSid: ${DOMAINSID}-553
620 sAMAccountName: RAS and IAS Servers
621 sAMAccountType: 0x20000000
622 groupType: 0x80000004
623 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
624 isCriticalSystemObject: TRUE
625
626 dn: CN=Server Operators,CN=Builtin,${BASEDN}
627 objectClass: top
628 objectClass: group
629 cn: Server Operators
630 description: Members can administer domain servers
631 instanceType: 4
632 uSNCreated: 1
633 uSNChanged: 1
634 name: Server Operators
635 objectSid: S-1-5-32-549
636 adminCount: 1
637 sAMAccountName: Server Operators
638 sAMAccountType: 0x20000000
639 systemFlags: 0x8c000000
640 groupType: 0x80000005
641 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
642 isCriticalSystemObject: TRUE
643 privilege: SeBackupPrivilege
644 privilege: SeSystemtimePrivilege
645 privilege: SeRemoteShutdownPrivilege
646 privilege: SeRestorePrivilege
647 privilege: SeShutdownPrivilege
648 privilege: SeInteractiveLogonRight
649
650 dn: CN=Account Operators,CN=Builtin,${BASEDN}
651 objectClass: top
652 objectClass: group
653 cn: Account Operators
654 description: Members can administer domain user and group accounts
655 instanceType: 4
656 uSNCreated: 1
657 uSNChanged: 1
658 name: Account Operators
659 objectSid: S-1-5-32-548
660 adminCount: 1
661 sAMAccountName: Account Operators
662 sAMAccountType: 0x20000000
663 systemFlags: 0x8c000000
664 groupType: 0x80000005
665 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
666 isCriticalSystemObject: TRUE
667 privilege: SeInteractiveLogonRight
668
669 ###############################
670 # Configuration Naming Context
671 ###############################
672 dn: CN=Configuration,${BASEDN}
673 objectClass: top
674 objectClass: configuration
675 cn: Configuration
676 instanceType: 13
677 uSNCreated: ${USN}
678 uSNChanged: ${USN}
679 showInAdvancedViewOnly: TRUE
680 name: Configuration
681 objectCategory: CN=Configuration,CN=Schema,CN=Configuration,${BASEDN}
682 subRefs: CN=Schema,CN=Configuration,${BASEDN}
683 masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
684 msDs-masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
685
686 dn: CN=Partitions,CN=Configuration,${BASEDN}
687 objectClass: top
688 objectClass: crossRefContainer
689 cn: Partitions
690 instanceType: 4
691 uSNCreated: ${USN}
692 uSNChanged: ${USN}
693 showInAdvancedViewOnly: TRUE
694 name: Partitions
695 systemFlags: 0x80000000
696 objectCategory: CN=Cross-Ref-Container,CN=Schema,CN=Configuration,${BASEDN}
697 msDS-Behavior-Version: 0
698 fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
699
700 dn: CN=Enterprise Configuration,CN=Partitions,CN=Configuration,${BASEDN}
701 objectClass: top
702 objectClass: crossRef
703 cn: Enterprise Configuration
704 instanceType: 4
705 uSNCreated: ${USN}
706 uSNChanged: ${USN}
707 showInAdvancedViewOnly: TRUE
708 name: Enterprise Configuration
709 systemFlags: 0x00000001
710 objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN}
711 nCName: CN=Configuration,${BASEDN}
712 dnsRoot: ${DNSDOMAIN}
713
714 dn: CN=Enterprise Schema,CN=Partitions,CN=Configuration,${BASEDN}
715 objectClass: top
716 objectClass: crossRef
717 cn: Enterprise Schema
718 instanceType: 4
719 uSNCreated: ${USN}
720 uSNChanged: ${USN}
721 showInAdvancedViewOnly: TRUE
722 name: Enterprise Schema
723 systemFlags: 0x00000001
724 objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN}
725 nCName: CN=Schema,CN=Configuration,${BASEDN}
726 dnsRoot: ${DNSDOMAIN}
727
728 dn: CN=${DOMAIN},CN=Partitions,CN=Configuration,${BASEDN}
729 objectClass: top
730 objectClass: crossRef
731 cn: ${DOMAIN}
732 instanceType: 4
733 uSNCreated: ${USN}
734 uSNChanged: ${USN}
735 showInAdvancedViewOnly: TRUE
736 name: ${DOMAIN}
737 systemFlags: 0x00000003
738 objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN}
739 nCName: ${BASEDN}
740 nETBIOSName: ${DOMAIN}
741 dnsRoot: ${DNSDOMAIN}
742
743 dn: CN=Sites,CN=Configuration,${BASEDN}
744 objectClass: top
745 objectClass: sitesContainer
746 cn: Sites
747 instanceType: 4
748 uSNCreated: ${USN}
749 uSNChanged: ${USN}
750 showInAdvancedViewOnly: TRUE
751 name: Sites
752 systemFlags: 0x82000000
753 objectCategory: CN=Sites-Container,CN=Schema,CN=Configuration,${BASEDN}
754
755 dn: CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
756 objectClass: top
757 objectClass: site
758 cn: Sites
759 instanceType: 4
760 uSNCreated: ${USN}
761 uSNChanged: ${USN}
762 showInAdvancedViewOnly: TRUE
763 name: Sites
764 systemFlags: 0x82000000
765 objectCategory: CN=Site,CN=Schema,CN=Configuration,${BASEDN}
766
767 dn: CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
768 objectClass: top
769 objectClass: serversContainer
770 cn: Servers
771 instanceType: 4
772 uSNCreated: ${USN}
773 uSNChanged: ${USN}
774 showInAdvancedViewOnly: TRUE
775 name: Servers
776 systemFlags: 0x82000000
777 objectCategory: CN=Servers-Container,CN=Schema,CN=Configuration,${BASEDN}
778
779 dn: CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
780 objectClass: top
781 objectClass: server
782 cn: ${NETBIOSNAME}
783 instanceType: 4
784 uSNCreated: ${USN}
785 uSNChanged: ${USN}
786 showInAdvancedViewOnly: TRUE
787 name: ${NETBIOSNAME}
788 systemFlags: 0x52000000
789 objectCategory: CN=Server,CN=Schema,CN=Configuration,${BASEDN}
790 dNSHostName: ${DNSNAME}
791 serverReference: CN=${NETBIOSNAME},OU=Domain Controllers,${BASEDN}
792
793 dn: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
794 objectClass: top
795 objectClass: applicationSettings
796 objectClass: nTDSDSA
797 cn: NTDS Settings
798 instanceType: 4
799 uSNCreated: ${USN}
800 uSNChanged: ${USN}
801 showInAdvancedViewOnly: TRUE
802 name: NTDS Settings
803 systemFlags: 0x02000000
804 objectCategory: CN=NTDS-DSA,CN=Schema,CN=Configuration,${BASEDN}
805 dMDLocation: CN=Schema,CN=Configuration,${BASEDN}
806 objectGUID: ${INVOCATIONID}
807 invocationId: ${INVOCATIONID}
808 msDS-Behavior-Version: 2
809
810 dn: CN=Services,CN=Configuration,${BASEDN}
811 objectClass: top
812 objectClass: container
813 cn: Services
814 instanceType: 4
815 uSNCreated: ${USN}
816 uSNChanged: ${USN}
817 showInAdvancedViewOnly: TRUE
818 name: Services
819 systemFlags: 0x80000000
820 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
821
822 dn: CN=Windows NT,CN=Services,CN=Configuration,${BASEDN}
823 objectClass: top
824 objectClass: container
825 cn: Windows NT
826 instanceType: 4
827 uSNCreated: ${USN}
828 uSNChanged: ${USN}
829 showInAdvancedViewOnly: TRUE
830 name: Windows NT
831 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
832
833 dn: CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,${BASEDN}
834 objectClass: top
835 objectClass: nTDSService
836 cn: Directory Service
837 instanceType: 4
838 uSNCreated: ${USN}
839 uSNChanged: ${USN}
840 showInAdvancedViewOnly: TRUE
841 name: Directory Service
842 objectCategory: CN=NTDS-Service,CN=Schema,CN=Configuration,${BASEDN}
843 sPNMappings: host=ldap,dns,cifs
844
845
846 ###############################
847 # Schema Naming Context
848 ###############################
849 dn: CN=Schema,CN=Configuration,${BASEDN}
850 objectClass: top
851 objectClass: dMD
852 cn: Schema
853 instanceType: 13
854 uSNCreated: ${USN}
855 uSNChanged: ${USN}
856 showInAdvancedViewOnly: TRUE
857 name: Schema
858 objectCategory: CN=DMD,CN=Schema,CN=Configuration,${BASEDN}
859 masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
860 msDs-masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
861 fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
862 objectVersion: 30