3 @IDXATTR: sAMAccountName
12 userPrincipalName: CASE_INSENSITIVE
13 servicePrincipalName: CASE_INSENSITIVE
14 dnsDomain: CASE_INSENSITIVE
15 dnsRoot: CASE_INSENSITIVE
18 name: CASE_INSENSITIVE
22 sAMAccountName: CASE_INSENSITIVE
23 sAMAccountName: WILDCARD
24 objectClass: CASE_INSENSITIVE
30 createTimestamp: HIDDEN
31 modifyTimestamp: HIDDEN
33 sAMAccountType: INTEGER
35 userAccountControl: INTEGER
43 person: organizationalPerson
44 organizationalPerson: user
46 template: userTemplate
47 template: groupTemplate
49 #Add modules to the list to activate them by default
50 #beware often order is important
52 @LIST: samldb,timestamps
54 ###############################
55 # Domain Naming Context
56 ###############################
60 objectClass: domainDNS
63 dnsDomain: ${DNSDOMAIN}
65 objectGUID: ${DOMAINGUID}
66 creationTime: ${NTTIME}
67 forceLogoff: 0x8000000000000000
68 lockoutDuration: -18000000000
69 lockOutObservationWindow: -18000000000
71 whenCreated: ${LDAPTIME}
72 whenChanged: ${LDAPTIME}
75 maxPwdAge: -37108517437440
78 modifiedCountAtLastProm: 0
82 objectSid: ${DOMAINSID}
85 msDS-Behavior-Version: 0
86 ridManagerReference: CN=RID Manager$,CN=System,${BASEDN}
89 objectCategory: CN=Domain-DNS,CN=Schema,CN=Configuration,${BASEDN}
90 isCriticalSystemObject: TRUE
91 subRefs: CN=Configuration,${BASEDN}
92 subRefs: CN=Schema,CN=Configuration,${BASEDN}
93 canonicalName: ${REALM}/
95 dn: CN=Users,${BASEDN}
97 objectClass: container
99 description: Default container for upgraded user accounts
101 whenCreated: ${LDAPTIME}
102 whenChanged: ${LDAPTIME}
105 showInAdvancedViewOnly: FALSE
107 objectGUID: ${NEWGUID}
108 systemFlags: 0x8c000000
109 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
110 isCriticalSystemObject: TRUE
112 dn: CN=Computers,${BASEDN}
114 objectClass: container
116 description: Default container for upgraded computer accounts
118 whenCreated: ${LDAPTIME}
119 whenChanged: ${LDAPTIME}
122 showInAdvancedViewOnly: FALSE
124 objectGUID: ${NEWGUID}
125 systemFlags: 0x8c000000
126 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
127 isCriticalSystemObject: TRUE
129 dn: OU=Domain Controllers,${BASEDN}
131 objectClass: organizationalUnit
132 ou: Domain Controllers
133 description: Default container for domain controllers
135 whenCreated: ${LDAPTIME}
136 whenChanged: ${LDAPTIME}
139 showInAdvancedViewOnly: FALSE
140 name: Domain Controllers
141 objectGUID: ${NEWGUID}
142 systemFlags: 0x8c000000
143 objectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,${BASEDN}
144 isCriticalSystemObject: TRUE
146 dn: CN=ForeignSecurityPrincipals,${BASEDN}
148 objectClass: container
149 cn: ForeignSecurityPrincipals
150 description: Default container for security identifiers (SIDs) associated with objects from external, trusted domains
152 whenCreated: ${LDAPTIME}
153 whenChanged: ${LDAPTIME}
156 showInAdvancedViewOnly: FALSE
157 name: ForeignSecurityPrincipals
158 objectGUID: ${NEWGUID}
159 systemFlags: 0x8c000000
160 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
161 isCriticalSystemObject: TRUE
163 dn: CN=System,${BASEDN}
165 objectClass: container
167 description: Builtin system settings
169 whenCreated: ${LDAPTIME}
170 whenChanged: ${LDAPTIME}
173 showInAdvancedViewOnly: TRUE
175 objectGUID: ${NEWGUID}
176 systemFlags: 0x8c000000
177 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
178 isCriticalSystemObject: TRUE
180 dn: CN=RID Manager$,CN=System,${BASEDN}
182 objectclass: rIDManager
185 whenCreated: ${LDAPTIME}
186 whenChanged: ${LDAPTIME}
189 showInAdvancedViewOnly: TRUE
191 objectGUID: ${NEWGUID}
192 systemFlags: 0x8c000000
193 objectCategory: CN=RID-Manager,CN=Schema,CN=Configuration,${BASEDN}
194 isCriticalSystemObject: TRUE
195 fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
196 rIDAvailablePool: 4611686014132423217
198 dn: CN=DomainUpdates,CN=System,${BASEDN}
200 objectClass: container
203 whenCreated: ${LDAPTIME}
204 whenChanged: ${LDAPTIME}
207 showInAdvancedViewOnly: TRUE
209 objectGUID: ${NEWGUID}
210 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
212 dn: CN=Windows2003Update,CN=DomainUpdates,CN=System,${BASEDN}
214 objectClass: container
215 cn: Windows2003Update
217 whenCreated: ${LDAPTIME}
218 whenChanged: ${LDAPTIME}
221 showInAdvancedViewOnly: TRUE
222 name: Windows2003Update
223 objectGUID: ${NEWGUID}
224 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
227 dn: CN=Infrastructure,${BASEDN}
229 objectclass: infrastructureUpdate
232 whenCreated: ${LDAPTIME}
233 whenChanged: ${LDAPTIME}
236 showInAdvancedViewOnly: TRUE
238 objectGUID: ${NEWGUID}
239 systemFlags: 0x8c000000
240 objectCategory: CN=Infrastructure-Update,CN=Schema,CN=Configuration,${BASEDN}
241 isCriticalSystemObject: TRUE
242 fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
244 dn: CN=Builtin,${BASEDN}
246 objectClass: builtinDomain
249 showInAdvancedViewOnly: FALSE
251 forceLogoff: 0x8000000000000000
252 lockoutDuration: -18000000000
253 lockOutObservationWindow: -18000000000
255 maxPwdAge: -37108517437440
258 modifiedCountAtLastProm: 0
266 objectCategory: CN=Builtin-Domain,CN=Schema,CN=Configuration,${BASEDN}
267 isCriticalSystemObject: TRUE
269 dn: CN=Administrator,CN=Users,${BASEDN}
272 objectClass: organizationalPerson
275 description: Built-in account for administering the computer/domain
277 whenCreated: ${LDAPTIME}
278 whenChanged: ${LDAPTIME}
280 memberOf: CN=Group Policy Creator Owners,CN=Users,${BASEDN}
281 memberOf: CN=Domain Admins,CN=Users,${BASEDN}
282 memberOf: CN=Enterprise Admins,CN=Users,${BASEDN}
283 memberOf: CN=Schema Admins,CN=Users,${BASEDN}
284 memberOf: CN=Administrators,CN=Builtin,${BASEDN}
287 objectGUID: ${NEWGUID}
288 userAccountControl: 0x10200
297 objectSid: ${DOMAINSID}-500
301 sAMAccountName: Administrator
302 sAMAccountType: 0x30000000
303 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
304 isCriticalSystemObject: TRUE
305 unicodePwd: ${ADMINPASS}
308 dn: CN=Guest,CN=Users,${BASEDN}
311 objectClass: organizationalPerson
314 description: Built-in account for guest access to the computer/domain
316 whenCreated: ${LDAPTIME}
317 whenChanged: ${LDAPTIME}
319 memberOf: CN=Guests,CN=Builtin,${BASEDN}
322 objectGUID: ${NEWGUID}
323 userAccountControl: 0x10222
332 objectSid: ${DOMAINSID}-501
335 sAMAccountName: Guest
336 sAMAccountType: 0x30000000
337 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
338 isCriticalSystemObject: TRUE
340 dn: CN=Administrators,CN=Builtin,${BASEDN}
344 description: Administrators have complete and unrestricted access to the computer/domain
345 member: CN=Domain Admins,CN=Users,${BASEDN}
346 member: CN=Enterprise Admins,CN=Users,${BASEDN}
347 member: CN=Administrator,CN=Users,${BASEDN}
349 whenCreated: ${LDAPTIME}
350 whenChanged: ${LDAPTIME}
354 objectGUID: ${NEWGUID}
355 objectSid: S-1-5-32-544
357 sAMAccountName: Administrators
358 sAMAccountType: 0x20000000
359 systemFlags: 0x8c000000
360 groupType: 0x80000005
361 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
362 isCriticalSystemObject: TRUE
364 privilege: SeSecurityPrivilege
365 privilege: SeBackupPrivilege
366 privilege: SeRestorePrivilege
367 privilege: SeSystemtimePrivilege
368 privilege: SeShutdownPrivilege
369 privilege: SeRemoteShutdownPrivilege
370 privilege: SeTakeOwnershipPrivilege
371 privilege: SeDebugPrivilege
372 privilege: SeSystemEnvironmentPrivilege
373 privilege: SeSystemProfilePrivilege
374 privilege: SeProfileSingleProcessPrivilege
375 privilege: SeIncreaseBasePriorityPrivilege
376 privilege: SeLoadDriverPrivilege
377 privilege: SeCreatePagefilePrivilege
378 privilege: SeIncreaseQuotaPrivilege
379 privilege: SeChangeNotifyPrivilege
380 privilege: SeUndockPrivilege
381 privilege: SeManageVolumePrivilege
382 privilege: SeImpersonatePrivilege
383 privilege: SeCreateGlobalPrivilege
384 privilege: SeEnableDelegationPrivilege
385 privilege: SeInteractiveLogonRight
386 privilege: SeNetworkLogonRight
387 privilege: SeRemoteInteractiveLogonRight
390 dn: CN=Users,CN=Builtin,${BASEDN}
394 description: Users are prevented from making accidental or intentional system-wide changes. Thus, Users can run certified applications, but not most legacy applications
395 member: CN=Domain Users,CN=Users,${BASEDN}
397 whenCreated: ${LDAPTIME}
398 whenChanged: ${LDAPTIME}
402 objectGUID: ${NEWGUID}
403 objectSid: S-1-5-32-545
404 sAMAccountName: Users
405 sAMAccountType: 0x20000000
406 systemFlags: 0x8c000000
407 groupType: 0x80000005
408 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
409 isCriticalSystemObject: TRUE
411 dn: CN=Guests,CN=Builtin,${BASEDN}
415 description: Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted
416 member: CN=Domain Guests,CN=Users,${BASEDN}
417 member: CN=Guest,CN=Users,${BASEDN}
419 whenCreated: ${LDAPTIME}
420 whenChanged: ${LDAPTIME}
424 objectGUID: ${NEWGUID}
425 objectSid: S-1-5-32-546
426 sAMAccountName: Guests
427 sAMAccountType: 0x20000000
428 systemFlags: 0x8c000000
429 groupType: 0x80000005
430 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
431 isCriticalSystemObject: TRUE
434 dn: CN=Print Operators,CN=Builtin,${BASEDN}
438 description: Members can administer domain printers
440 whenCreated: ${LDAPTIME}
441 whenChanged: ${LDAPTIME}
444 name: Print Operators
445 objectGUID: ${NEWGUID}
446 objectSid: S-1-5-32-550
448 sAMAccountName: Print Operators
449 sAMAccountType: 0x20000000
450 systemFlags: 0x8c000000
451 groupType: 0x80000005
452 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
453 isCriticalSystemObject: TRUE
454 privilege: SeLoadDriverPrivilege
455 privilege: SeShutdownPrivilege
456 privilege: SeInteractiveLogonRight
458 dn: CN=Backup Operators,CN=Builtin,${BASEDN}
462 description: Backup Operators can override security restrictions for the sole purpose of backing up or restoring files
464 whenCreated: ${LDAPTIME}
465 whenChanged: ${LDAPTIME}
468 name: Backup Operators
469 objectGUID: ${NEWGUID}
470 objectSid: S-1-5-32-551
472 sAMAccountName: Backup Operators
473 sAMAccountType: 0x20000000
474 systemFlags: 0x8c000000
475 groupType: 0x80000005
476 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
477 isCriticalSystemObject: TRUE
478 privilege: SeBackupPrivilege
479 privilege: SeRestorePrivilege
480 privilege: SeShutdownPrivilege
481 privilege: SeInteractiveLogonRight
483 dn: CN=Replicator,CN=Builtin,${BASEDN}
487 description: Supports file replication in a domain
489 whenCreated: ${LDAPTIME}
490 whenChanged: ${LDAPTIME}
494 objectGUID: ${NEWGUID}
495 objectSid: S-1-5-32-552
497 sAMAccountName: Replicator
498 sAMAccountType: 0x20000000
499 systemFlags: 0x8c000000
500 groupType: 0x80000005
501 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
502 isCriticalSystemObject: TRUE
504 dn: CN=Remote Desktop Users,CN=Builtin,${BASEDN}
507 cn: Remote Desktop Users
508 description: Members in this group are granted the right to logon remotely
510 whenCreated: ${LDAPTIME}
511 whenChanged: ${LDAPTIME}
514 name: Remote Desktop Users
515 objectGUID: ${NEWGUID}
516 objectSid: S-1-5-32-555
517 sAMAccountName: Remote Desktop Users
518 sAMAccountType: 0x20000000
519 systemFlags: 0x8c000000
520 groupType: 0x80000005
521 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
522 isCriticalSystemObject: TRUE
524 dn: CN=Network Configuration Operators,CN=Builtin,${BASEDN}
527 cn: Network Configuration Operators
528 description: Members in this group can have some administrative privileges to manage configuration of networking features
530 whenCreated: ${LDAPTIME}
531 whenChanged: ${LDAPTIME}
534 name: Network Configuration Operators
535 objectGUID: ${NEWGUID}
536 objectSid: S-1-5-32-556
537 sAMAccountName: Network Configuration Operators
538 sAMAccountType: 0x20000000
539 systemFlags: 0x8c000000
540 groupType: 0x80000005
541 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
542 isCriticalSystemObject: TRUE
544 dn: CN=Performance Monitor Users,CN=Builtin,${BASEDN}
547 cn: Performance Monitor Users
548 description: Members of this group have remote access to monitor this computer
550 whenCreated: ${LDAPTIME}
551 whenChanged: ${LDAPTIME}
554 name: Performance Monitor Users
555 objectGUID: ${NEWGUID}
556 objectSid: S-1-5-32-558
557 sAMAccountName: Performance Monitor Users
558 sAMAccountType: 0x20000000
559 systemFlags: 0x8c000000
560 groupType: 0x80000005
561 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
562 isCriticalSystemObject: TRUE
564 dn: CN=Performance Log Users,CN=Builtin,${BASEDN}
567 cn: Performance Log Users
568 description: Members of this group have remote access to schedule logging of performance counters on this computer
570 whenCreated: ${LDAPTIME}
571 whenChanged: ${LDAPTIME}
574 name: Performance Log Users
575 objectGUID: ${NEWGUID}
576 objectSid: S-1-5-32-559
577 sAMAccountName: Performance Log Users
578 sAMAccountType: 0x20000000
579 systemFlags: 0x8c000000
580 groupType: 0x80000005
581 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
582 isCriticalSystemObject: TRUE
584 dn: CN=${NETBIOSNAME},OU=Domain Controllers,${BASEDN}
587 objectClass: organizationalPerson
589 objectClass: computer
592 whenCreated: ${LDAPTIME}
593 whenChanged: ${LDAPTIME}
597 objectGUID: ${HOSTGUID}
598 userAccountControl: 532480
604 lastLogon: 127273269057298624
606 pwdLastSet: 127258826171655328
608 objectSid: ${DOMAINSID}-1000
609 accountExpires: 9223372036854775807
611 sAMAccountName: ${NETBIOSNAME}$
612 sAMAccountType: 805306369
613 operatingSystem: Samba
614 operatingSystemVersion: 4.0
615 dNSHostName: ${DNSNAME}
616 objectCategory: CN=Computer,CN=Schema,CN=Configuration,${BASEDN}
617 isCriticalSystemObject: TRUE
618 unicodePwd: ${MACHINEPASS}
619 servicePrincipalName: HOST/${DNSNAME}
620 servicePrincipalName: HOST/${NETBIOSNAME}
621 msDS-KeyVersionNumber: 1
623 dn: CN=krbtgt,CN=Users,${BASEDN}
626 objectClass: organizationalPerson
629 description: Key Distribution Center Service Account
631 whenCreated: ${LDAPTIME}
632 whenChanged: ${LDAPTIME}
635 showInAdvancedViewOnly: TRUE
637 objectGUID: ${NEWGUID}
638 userAccountControl: 514
645 pwdLastSet: 127258826179466560
647 objectSid: ${DOMAINSID}-502
649 accountExpires: 9223372036854775807
651 sAMAccountName: krbtgt
652 sAMAccountType: 805306368
653 servicePrincipalName: kadmin/changepw
654 objectCategory: CN=Person,CN=Schema,CN=Configuration,${BASEDN}
655 isCriticalSystemObject: TRUE
656 unicodePwd: ${KRBTGTPASS}
658 dn: CN=Domain Computers,CN=Users,${BASEDN}
662 description: All workstations and servers joined to the domain
664 whenCreated: ${LDAPTIME}
665 whenChanged: ${LDAPTIME}
668 name: Domain Computers
669 objectGUID: ${NEWGUID}
670 objectSid: ${DOMAINSID}-515
671 sAMAccountName: Domain Computers
672 sAMAccountType: 0x10000000
673 groupType: 0x80000002
674 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
675 isCriticalSystemObject: TRUE
677 dn: CN=Domain Controllers,CN=Users,${BASEDN}
680 cn: Domain Controllers
681 description: All domain controllers in the domain
683 whenCreated: ${LDAPTIME}
684 whenChanged: ${LDAPTIME}
687 name: Domain Controllers
688 objectGUID: ${NEWGUID}
689 objectSid: ${DOMAINSID}-516
691 sAMAccountName: Domain Controllers
692 sAMAccountType: 0x10000000
693 groupType: 0x80000002
694 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
695 isCriticalSystemObject: TRUE
697 dn: CN=Schema Admins,CN=Users,${BASEDN}
701 description: Designated administrators of the schema
702 member: CN=Administrator,CN=Users,${BASEDN}
704 whenCreated: ${LDAPTIME}
705 whenChanged: ${LDAPTIME}
709 objectGUID: ${NEWGUID}
710 objectSid: ${DOMAINSID}-518
712 sAMAccountName: Schema Admins
713 sAMAccountType: 0x10000000
714 groupType: 0x80000002
715 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
716 isCriticalSystemObject: TRUE
719 dn: CN=Enterprise Admins,CN=Users,${BASEDN}
722 cn: Enterprise Admins
723 description: Designated administrators of the enterprise
724 member: CN=Administrator,CN=Users,${BASEDN}
726 whenCreated: ${LDAPTIME}
727 whenChanged: ${LDAPTIME}
729 memberOf: CN=Administrators,CN=Builtin,${BASEDN}
731 name: Enterprise Admins
732 objectGUID: ${NEWGUID}
733 objectSid: ${DOMAINSID}-519
735 sAMAccountName: Enterprise Admins
736 sAMAccountType: 0x10000000
737 groupType: 0x80000002
738 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
739 isCriticalSystemObject: TRUE
742 dn: CN=Cert Publishers,CN=Users,${BASEDN}
746 description: Members of this group are permitted to publish certificates to the Active Directory
748 whenCreated: ${LDAPTIME}
749 whenChanged: ${LDAPTIME}
752 name: Cert Publishers
753 objectGUID: ${NEWGUID}
754 objectSid: ${DOMAINSID}-517
755 sAMAccountName: Cert Publishers
756 sAMAccountType: 0x20000000
757 groupType: 0x80000004
758 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
759 isCriticalSystemObject: TRUE
761 dn: CN=Domain Admins,CN=Users,${BASEDN}
765 description: Designated administrators of the domain
766 member: CN=Administrator,CN=Users,${BASEDN}
768 whenCreated: ${LDAPTIME}
769 whenChanged: ${LDAPTIME}
771 memberOf: CN=Administrators,CN=Builtin,${BASEDN}
774 objectGUID: ${NEWGUID}
775 objectSid: ${DOMAINSID}-512
777 sAMAccountName: Domain Admins
778 sAMAccountType: 0x10000000
779 groupType: 0x80000002
780 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
781 isCriticalSystemObject: TRUE
784 dn: CN=Domain Users,CN=Users,${BASEDN}
788 description: All domain users
790 whenCreated: ${LDAPTIME}
791 whenChanged: ${LDAPTIME}
793 memberOf: CN=Users,CN=Builtin,${BASEDN}
796 objectGUID: ${NEWGUID}
797 objectSid: ${DOMAINSID}-513
798 sAMAccountName: Domain Users
799 sAMAccountType: 0x10000000
800 groupType: 0x80000002
801 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
802 isCriticalSystemObject: TRUE
805 dn: CN=Domain Guests,CN=Users,${BASEDN}
809 description: All domain guests
811 whenCreated: ${LDAPTIME}
812 whenChanged: ${LDAPTIME}
814 memberOf: CN=Guests,CN=Builtin,${BASEDN}
817 objectGUID: ${NEWGUID}
818 objectSid: ${DOMAINSID}-514
819 sAMAccountName: Domain Guests
820 sAMAccountType: 0x10000000
821 groupType: 0x80000002
822 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
823 isCriticalSystemObject: TRUE
825 dn: CN=Group Policy Creator Owners,CN=Users,${BASEDN}
828 cn: Group Policy Creator Owners
829 description: Members in this group can modify group policy for the domain
830 member: CN=Administrator,CN=Users,${BASEDN}
832 whenCreated: ${LDAPTIME}
833 whenChanged: ${LDAPTIME}
836 name: Group Policy Creator Owners
837 objectGUID: ${NEWGUID}
838 objectSid: ${DOMAINSID}-520
839 sAMAccountName: Group Policy Creator Owners
840 sAMAccountType: 0x10000000
841 groupType: 0x80000002
842 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
843 isCriticalSystemObject: TRUE
846 dn: CN=RAS and IAS Servers,CN=Users,${BASEDN}
849 cn: RAS and IAS Servers
850 description: Servers in this group can access remote access properties of users
852 whenCreated: ${LDAPTIME}
853 whenChanged: ${LDAPTIME}
856 name: RAS and IAS Servers
857 objectGUID: ${NEWGUID}
858 objectSid: ${DOMAINSID}-553
859 sAMAccountName: RAS and IAS Servers
860 sAMAccountType: 0x20000000
861 groupType: 0x80000004
862 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
863 isCriticalSystemObject: TRUE
865 dn: CN=Server Operators,CN=Builtin,${BASEDN}
869 description: Members can administer domain servers
871 whenCreated: ${LDAPTIME}
872 whenChanged: ${LDAPTIME}
875 name: Server Operators
876 objectGUID: ${NEWGUID}
877 objectSid: S-1-5-32-549
879 sAMAccountName: Server Operators
880 sAMAccountType: 0x20000000
881 systemFlags: 0x8c000000
882 groupType: 0x80000005
883 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
884 isCriticalSystemObject: TRUE
885 privilege: SeBackupPrivilege
886 privilege: SeSystemtimePrivilege
887 privilege: SeRemoteShutdownPrivilege
888 privilege: SeRestorePrivilege
889 privilege: SeShutdownPrivilege
890 privilege: SeInteractiveLogonRight
892 dn: CN=Account Operators,CN=Builtin,${BASEDN}
895 cn: Account Operators
896 description: Members can administer domain user and group accounts
898 whenCreated: ${LDAPTIME}
899 whenChanged: ${LDAPTIME}
902 name: Account Operators
903 objectGUID: ${NEWGUID}
904 objectSid: S-1-5-32-548
906 sAMAccountName: Account Operators
907 sAMAccountType: 0x20000000
908 systemFlags: 0x8c000000
909 groupType: 0x80000005
910 objectCategory: CN=Group,CN=Schema,CN=Configuration,${BASEDN}
911 isCriticalSystemObject: TRUE
912 privilege: SeInteractiveLogonRight
914 dn: CN=Templates,${BASEDN}
916 objectClass: container
918 description: Container for SAM account templates
920 whenCreated: ${LDAPTIME}
921 whenChanged: ${LDAPTIME}
924 showInAdvancedViewOnly: TRUE
926 objectGUID: ${NEWGUID}
927 systemFlags: 0x8c000000
928 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
929 isCriticalSystemObject: TRUE
932 # note! the template users must not match normal searches. Be careful
933 # with what classes you put them in
936 dn: CN=TemplateUser,CN=Templates,${BASEDN}
939 objectClass: organizationalPerson
940 objectClass: Template
941 objectClass: userTemplate
945 userAccountControl: 0x202
956 sAMAccountType: 0x30000000
958 dn: CN=TemplateMemberServer,CN=Templates,${BASEDN}
960 objectClass: Template
961 objectClass: userTemplate
962 cn: TemplateMemberServer
963 name: TemplateMemberServer
965 userAccountControl: 0x1002
976 sAMAccountType: 0x30000001
978 dn: CN=TemplateDomainController,CN=Templates,${BASEDN}
980 objectClass: Template
981 objectClass: userTemplate
982 cn: TemplateDomainController
983 name: TemplateDomainController
985 userAccountControl: 0x2002
996 sAMAccountType: 0x30000001
998 dn: CN=TemplateTrustingDomain,CN=Templates,${BASEDN}
1000 objectClass: Template
1001 objectClass: userTemplate
1002 cn: TemplateTrustingDomain
1003 name: TemplateTrustingDomain
1005 userAccountControl: 0x820
1016 sAMAccountType: 0x30000002
1018 dn: CN=TemplateGroup,CN=Templates,${BASEDN}
1020 objectClass: Template
1021 objectClass: groupTemplate
1025 groupType: 0x80000002
1026 sAMAccountType: 0x10000000
1028 dn: CN=TemplateAlias,CN=Templates,${BASEDN}
1030 objectClass: Template
1031 objectClass: aliasTemplate
1035 groupType: 0x80000004
1036 sAMAccountType: 0x10000000
1038 dn: CN=TemplateForeignSecurityPrincipal,CN=Templates,${BASEDN}
1040 objectClass: Template
1041 objectClass: foreignSecurityPrincipalTemplate
1042 cn: TemplateForeignSecurityPrincipal
1043 name: TemplateForeignSecurityPrincipal
1045 dn: CN=TemplateSecret,CN=Templates,${BASEDN}
1048 objectClass: Template
1049 objectClass: secretTemplate
1051 name: TemplateSecret
1054 dn: CN=TemplateTrustedDomain,CN=Templates,${BASEDN}
1057 objectClass: Template
1058 objectClass: trustedDomainTemplate
1059 cn: TemplateTrustedDomain
1060 name: TemplateTrustedDomain
1063 ###############################
1064 # Configuration Naming Context
1065 ###############################
1066 dn: CN=Configuration,${BASEDN}
1068 objectClass: configuration
1071 whenCreated: ${LDAPTIME}
1072 whenChanged: ${LDAPTIME}
1075 showInAdvancedViewOnly: TRUE
1077 objectGUID: ${NEWGUID}
1078 objectCategory: CN=Configuration,CN=Schema,CN=Configuration,${BASEDN}
1079 subRefs: CN=Schema,CN=Configuration,${BASEDN}
1080 masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
1081 msDs-masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
1083 dn: CN=Partitions,CN=Configuration,${BASEDN}
1085 objectClass: crossRefContainer
1088 whenCreated: ${LDAPTIME}
1089 whenChanged: ${LDAPTIME}
1092 showInAdvancedViewOnly: TRUE
1094 objectGUID: ${NEWGUID}
1095 systemFlags: 0x80000000
1096 objectCategory: CN=Cross-Ref-Container,CN=Schema,CN=Configuration,${BASEDN}
1097 msDS-Behavior-Version: 0
1098 fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
1100 dn: CN=Enterprise Configuration,CN=Partitions,CN=Configuration,${BASEDN}
1102 objectClass: crossRef
1103 cn: Enterprise Configuration
1105 whenCreated: ${LDAPTIME}
1106 whenChanged: ${LDAPTIME}
1109 showInAdvancedViewOnly: TRUE
1110 name: Enterprise Configuration
1111 objectGUID: ${NEWGUID}
1112 systemFlags: 0x00000001
1113 objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN}
1114 nCName: CN=Configuration,${BASEDN}
1115 dnsRoot: ${DNSDOMAIN}
1117 dn: CN=Enterprise Schema,CN=Partitions,CN=Configuration,${BASEDN}
1119 objectClass: crossRef
1120 cn: Enterprise Schema
1122 whenCreated: ${LDAPTIME}
1123 whenChanged: ${LDAPTIME}
1126 showInAdvancedViewOnly: TRUE
1127 name: Enterprise Schema
1128 objectGUID: ${NEWGUID}
1129 systemFlags: 0x00000001
1130 objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN}
1131 nCName: CN=Schema,CN=Configuration,${BASEDN}
1132 dnsRoot: ${DNSDOMAIN}
1134 dn: CN=${DOMAIN},CN=Partitions,CN=Configuration,${BASEDN}
1136 objectClass: crossRef
1139 whenCreated: ${LDAPTIME}
1140 whenChanged: ${LDAPTIME}
1143 showInAdvancedViewOnly: TRUE
1145 objectGUID: ${NEWGUID}
1146 systemFlags: 0x00000003
1147 objectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,${BASEDN}
1149 nETBIOSName: ${DOMAIN}
1150 dnsRoot: ${DNSDOMAIN}
1152 dn: CN=Sites,CN=Configuration,${BASEDN}
1154 objectClass: sitesContainer
1157 whenCreated: ${LDAPTIME}
1158 whenChanged: ${LDAPTIME}
1161 showInAdvancedViewOnly: TRUE
1163 objectGUID: ${NEWGUID}
1164 systemFlags: 0x82000000
1165 objectCategory: CN=Sites-Container,CN=Schema,CN=Configuration,${BASEDN}
1167 dn: CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
1172 whenCreated: ${LDAPTIME}
1173 whenChanged: ${LDAPTIME}
1176 showInAdvancedViewOnly: TRUE
1178 objectGUID: ${NEWGUID}
1179 systemFlags: 0x82000000
1180 objectCategory: CN=Site,CN=Schema,CN=Configuration,${BASEDN}
1182 dn: CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
1184 objectClass: serversContainer
1187 whenCreated: ${LDAPTIME}
1188 whenChanged: ${LDAPTIME}
1191 showInAdvancedViewOnly: TRUE
1193 objectGUID: ${NEWGUID}
1194 systemFlags: 0x82000000
1195 objectCategory: CN=Servers-Container,CN=Schema,CN=Configuration,${BASEDN}
1197 dn: CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
1202 whenCreated: ${LDAPTIME}
1203 whenChanged: ${LDAPTIME}
1206 showInAdvancedViewOnly: TRUE
1207 name: ${NETBIOSNAME}
1208 objectGUID: ${NEWGUID}
1209 systemFlags: 0x52000000
1210 objectCategory: CN=Server,CN=Schema,CN=Configuration,${BASEDN}
1211 dNSHostName: ${DNSNAME}
1212 serverReference: CN=${NETBIOSNAME},OU=Domain Controllers,${BASEDN}
1214 dn: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
1216 objectClass: applicationSettings
1217 objectClass: nTDSDSA
1220 whenCreated: ${LDAPTIME}
1221 whenChanged: ${LDAPTIME}
1224 showInAdvancedViewOnly: TRUE
1226 systemFlags: 0x02000000
1227 objectCategory: CN=NTDS-DSA,CN=Schema,CN=Configuration,${BASEDN}
1228 dMDLocation: CN=Schema,CN=Configuration,${BASEDN}
1229 objectGUID: ${INVOCATIONID}
1230 invocationId: ${INVOCATIONID}
1231 msDS-Behavior-Version: 2
1233 dn: CN=Services,CN=Configuration,${BASEDN}
1235 objectClass: container
1238 whenCreated: ${LDAPTIME}
1239 whenChanged: ${LDAPTIME}
1242 showInAdvancedViewOnly: TRUE
1244 systemFlags: 0x80000000
1245 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
1246 objectGUID: ${NEWGUID}
1248 dn: CN=Windows NT,CN=Services,CN=Configuration,${BASEDN}
1250 objectClass: container
1253 whenCreated: ${LDAPTIME}
1254 whenChanged: ${LDAPTIME}
1257 showInAdvancedViewOnly: TRUE
1259 objectCategory: CN=Container,CN=Schema,CN=Configuration,${BASEDN}
1260 objectGUID: ${NEWGUID}
1262 dn: CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,${BASEDN}
1264 objectClass: nTDSService
1265 cn: Directory Service
1267 whenCreated: ${LDAPTIME}
1268 whenChanged: ${LDAPTIME}
1271 showInAdvancedViewOnly: TRUE
1272 name: Directory Service
1273 objectCategory: CN=NTDS-Service,CN=Schema,CN=Configuration,${BASEDN}
1274 objectGUID: ${NEWGUID}
1275 sPNMappings: host=ldap,dns,cifs
1278 ###############################
1279 # Schema Naming Context
1280 ###############################
1281 dn: CN=Schema,CN=Configuration,${BASEDN}
1286 whenCreated: ${LDAPTIME}
1287 whenChanged: ${LDAPTIME}
1290 showInAdvancedViewOnly: TRUE
1292 objectGUID: ${NEWGUID}
1293 objectCategory: CN=DMD,CN=Schema,CN=Configuration,${BASEDN}
1294 masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
1295 msDs-masteredBy: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}
1296 fSMORoleOwner: CN=NTDS Settings,CN=${NETBIOSNAME},CN=Servers,CN=${DEFAULTSITE},CN=Sites,CN=Configuration,${BASEDN}