source4/setup/provision_dns_add.ldif

   1 dn: CN=DnsAdmins,CN=Users,${DOMAINDN}
   2 objectClass: group
   3 description: DNS Administrators Group
   4 sAMAccountName: DnsAdmins
   5 groupType: -2147483644
   6
   7 dn: CN=DnsUpdateProxy,CN=Users,${DOMAINDN}
   8 objectClass: group
   9 description: DNS clients who are permitted to perform dynamic updates on behal
  10  f of some other clients (such as DHCP servers).
  11 sAMAccountName: DnsUpdateProxy
  12 groupType: -2147483646
  13
  14 dn: CN=MicrosoftDNS,CN=System,${DOMAINDN}
  15 objectClass: container
  16 displayName: DNS Servers
  17
  18 dn: DC=RootDNSServers,CN=MicrosoftDNS,CN=System,${DOMAINDN}
  19 objectClass: dnsZone
  20
  21 dn: DC=@,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,${DOMAINDN}
  22 objectClass: dnsNode
  23 dnsRecord:: FgACAAUIAAAAAAAAAAAAAAAAAAAAAAAAFAMBagxyb290LXNlcnZlcnMDbmV0AA==
  24 dnsRecord:: FgACAAUIAAAAAAAAAAAAAAAAAAAAAAAAFAMBZAxyb290LXNlcnZlcnMDbmV0AA==
  25 dnsRecord:: FgACAAUIAAAAAAAAAAAAAAAAAAAAAAAAFAMBYgxyb290LXNlcnZlcnMDbmV0AA==
  26 dnsRecord:: FgACAAUIAAAAAAAAAAAAAAAAAAAAAAAAFAMBYQxyb290LXNlcnZlcnMDbmV0AA==
  27 dnsRecord:: FgACAAUIAAAAAAAAAAAAAAAAAAAAAAAAFAMBaQxyb290LXNlcnZlcnMDbmV0AA==
  28 dnsRecord:: FgACAAUIAAAAAAAAAAAAAAAAAAAAAAAAFAMBbAxyb290LXNlcnZlcnMDbmV0AA==
  29 dnsRecord:: FgACAAUIAAAAAAAAAAAAAAAAAAAAAAAAFAMBbQxyb290LXNlcnZlcnMDbmV0AA==
  30 dnsRecord:: FgACAAUIAAAAAAAAAAAAAAAAAAAAAAAAFAMBZwxyb290LXNlcnZlcnMDbmV0AA==
  31 dnsRecord:: FgACAAUIAAAAAAAAAAAAAAAAAAAAAAAAFAMBZQxyb290LXNlcnZlcnMDbmV0AA==
  32 dnsRecord:: FgACAAUIAAAAAAAAAAAAAAAAAAAAAAAAFAMBawxyb290LXNlcnZlcnMDbmV0AA==
  33 dnsRecord:: FgACAAUIAAAAAAAAAAAAAAAAAAAAAAAAFAMBZgxyb290LXNlcnZlcnMDbmV0AA==
  34 dnsRecord:: FgACAAUIAAAAAAAAAAAAAAAAAAAAAAAAFAMBYwxyb290LXNlcnZlcnMDbmV0AA==
  35 dnsRecord:: FgACAAUIAAAAAAAAAAAAAAAAAAAAAAAAFAMBaAxyb290LXNlcnZlcnMDbmV0AA==
  36
  37 dn: DC=h.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,${DOMAINDN}
  38 objectClass: dnsNode
  39 dnsRecord:: BAABAAUIAAAAAAAAAAAAAAAAAAAAAAAAgD8CNQ==
  40
  41 dn: DC=c.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,${DOMAINDN}
  42 objectClass: dnsNode
  43 dnsRecord:: BAABAAUIAAAAAAAAAAAAAAAAAAAAAAAAwCEEDA==
  44
  45 dn: DC=f.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,${DOMAINDN}
  46 objectClass: dnsNode
  47 dnsRecord:: BAABAAUIAAAAAAAAAAAAAAAAAAAAAAAAwAUF8Q==
  48
  49 dn: DC=k.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,${DOMAINDN}
  50 objectClass: dnsNode
  51 dnsRecord:: BAABAAUIAAAAAAAAAAAAAAAAAAAAAAAAwQAOgQ==
  52
  53 dn: DC=e.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,${DOMAINDN}
  54 objectClass: dnsNode
  55 dnsRecord:: BAABAAUIAAAAAAAAAAAAAAAAAAAAAAAAwMvmCg==
  56
  57 dn: DC=g.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,${DOMAINDN}
  58 objectClass: dnsNode
  59 dnsRecord:: BAABAAUIAAAAAAAAAAAAAAAAAAAAAAAAwHAkBA==
  60
  61 dn: DC=m.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,${DOMAINDN}
  62 objectClass: dnsNode
  63 dnsRecord:: BAABAAUIAAAAAAAAAAAAAAAAAAAAAAAAygwbIQ==
  64
  65 dn: DC=l.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,${DOMAINDN}
  66 objectClass: dnsNode
  67 dnsRecord:: BAABAAUIAAAAAAAAAAAAAAAAAAAAAAAAxwdTKg==
  68
  69 dn: DC=i.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,${DOMAINDN}
  70 objectClass: dnsNode
  71 dnsRecord:: BAABAAUIAAAAAAAAAAAAAAAAAAAAAAAAwCSUEQ==
  72
  73 dn: DC=a.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,${DOMAINDN}
  74 objectClass: dnsNode
  75 dnsRecord:: BAABAAUIAAAAAAAAAAAAAAAAAAAAAAAAxikABA==
  76
  77 dn: DC=b.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,${DOMAINDN}
  78 objectClass: dnsNode
  79 dnsRecord:: BAABAAUIAAAAAAAAAAAAAAAAAAAAAAAAwORPyQ==
  80
  81 dn: DC=d.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,${DOMAINDN}
  82 objectClass: dnsNode
  83 dnsRecord:: BAABAAUIAAAAAAAAAAAAAAAAAAAAAAAAgAgKWg==
  84
  85 dn: DC=j.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,${DOMAINDN}
  86 objectClass: dnsNode
  87 dnsRecord:: BAABAAUIAAAAAAAAAAAAAAAAAAAAAAAAwDqAHg==
  88
  89
  90 # NOTE: This account is SAMBA4 specific!
  91 # we have it to avoid the need for the bind daemon to
  92 # have access to the whole secrets.keytab for the domain,
  93 # otherwise bind could impersonate any user
  94 dn: CN=dns-${HOSTNAME},CN=Users,${DOMAINDN}
  95 objectClass: top
  96 objectClass: person
  97 objectClass: organizationalPerson
  98 objectClass: user
  99 description: DNS Service Account for ${HOSTNAME}
 100 userAccountControl: 514
 101 accountExpires: 9223372036854775807
 102 sAMAccountName: dns-${HOSTNAME}
 103 servicePrincipalName: DNS/${DNSNAME}
 104 servicePrincipalName: DNS/${DNSDOMAIN}
 105 clearTextPassword:: ${DNSPASS_B64}
 106 isCriticalSystemObject: TRUE
 107