mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
provision: fix nTSecurityDescriptor of CN={LostAndFound,System},${DOMAINDN} (bug #9481)
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
parent
4775f9ab34
commit
1de5c2f785
@ -1344,6 +1344,8 @@ def fill_samdb(samdb, lp, names, logger, domainsid, domainguid, policyguid,
|
||||
"DOMAINDN": names.domaindn})
|
||||
logger.info("Setting up sam.ldb data")
|
||||
infrastructure_desc = b64encode(get_domain_infrastructure_descriptor(domainsid))
|
||||
lostandfound_desc = b64encode(get_domain_delete_protected2_descriptor(domainsid))
|
||||
system_desc = b64encode(get_domain_delete_protected1_descriptor(domainsid))
|
||||
builtin_desc = b64encode(get_domain_builtin_descriptor(domainsid))
|
||||
controllers_desc = b64encode(get_domain_controllers_descriptor(domainsid))
|
||||
setup_add_ldif(samdb, setup_path("provision.ldif"), {
|
||||
@ -1356,6 +1358,8 @@ def fill_samdb(samdb, lp, names, logger, domainsid, domainguid, policyguid,
|
||||
"RIDAVAILABLESTART": str(next_rid + 600),
|
||||
"POLICYGUID_DC": policyguid_dc,
|
||||
"INFRASTRUCTURE_DESCRIPTOR": infrastructure_desc,
|
||||
"LOSTANDFOUND_DESCRIPTOR": lostandfound_desc,
|
||||
"SYSTEM_DESCRIPTOR": system_desc,
|
||||
"BUILTIN_DESCRIPTOR": builtin_desc,
|
||||
"DOMAIN_CONTROLLERS_DESCRIPTOR": controllers_desc,
|
||||
})
|
||||
|
@ -73,6 +73,7 @@ objectClass: lostAndFound
|
||||
description: Default container for orphaned objects
|
||||
systemFlags: -1946157056
|
||||
isCriticalSystemObject: TRUE
|
||||
nTSecurityDescriptor:: ${LOSTANDFOUND_DESCRIPTOR}
|
||||
|
||||
dn: CN=NTDS Quotas,${DOMAINDN}
|
||||
objectClass: top
|
||||
@ -98,6 +99,7 @@ objectClass: container
|
||||
description: Builtin system settings
|
||||
systemFlags: -1946157056
|
||||
isCriticalSystemObject: TRUE
|
||||
nTSecurityDescriptor:: ${SYSTEM_DESCRIPTOR}
|
||||
|
||||
dn: CN=AdminSDHolder,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
|
Loading…
Reference in New Issue
Block a user