mirror of
https://github.com/samba-team/samba.git
synced 2025-01-22 22:04:08 +03:00
s4:provision.ldif - add IP security objects as they exist on Windows Server
This commit is contained in:
Matthias Dieter Wallnöfer
parent
44e05dfb73
commit
f57bcc92b5
@ -488,11 +488,293 @@ objectClass: linkTrackVolumeTable
|
||||
systemFlags: -1946157056
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
# IP security objects
|
||||
|
||||
dn: CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: container
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
dn: CN=ipsecPolicy{72385230-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecPolicy
|
||||
description: For all IP traffic, always request security using Kerberos trust. Allow unsecured communication with clients that do not respond to request.
|
||||
ipsecName: Server (Request Security)
|
||||
ipsecID: {72385230-70FA-11D1-864C-14A300000000}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: YyEgIkxP0RGGOwCgJI0wIQQAAAAwKgAAAA==
|
||||
ipsecISAKMPReference: CN=ipsecISAKMPPolicy{72385231-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecNFAReference: CN=ipsecNFA{594272E2-071D-11D3-AD22-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecNFAReference: CN=ipsecNFA{59319BE2-5EE3-11D2-ACE8-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecNFAReference: CN=ipsecNFA{72385232-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
dn: CN=ipsecISAKMPPolicy{72385231-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecISAKMPPolicy
|
||||
ipsecID: {72385231-70FA-11D1-864C-14A300000000}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: uCDcgMgu0RGongCgJI0wIUABAABo0hlRHQfTEa0iAGCw7MoXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAADNzQMAAABAAAAACAAAAAIAAABAAAAAAAAAAAAAAAAAAAAAAAAAAADNzc0CAAAAAAAAAAAAAACAcAAAzc3NzQAAzc0DAAAAQAAAAAgAAAABAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAzc3NAgAAAAAAAAAAAAAAgHAAAM3Nzc0AAM3NAQAAAEAAAAAIAAAAAgAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAM3NzQEAAAAAAAAAAAAAAIBwAADNzc3NAADNzQEAAABAAAAACAAAAAEAAABAAAAAAAAAAAAAAAAAAAAAAAAAAADNzc0BAAAAAAAAAAAAAACAcAAAzc3NzQA=
|
||||
ipsecOwnersReference: CN=ipsecPolicy{72385230-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
dn: CN=ipsecNFA{72385232-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecNFA
|
||||
description: For all IP traffic, always request security using Kerberos trust. Allow unsecured communication with clients that do not respond to request.
|
||||
ipsecName: Request Security (Optional) Rule
|
||||
ipsecID: {72385232-70FA-11D1-864C-14A300000000}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: AKy7EY1J0RGGOQCgJI0wISoAAAABAAAABQAAAAIAAAAAAP3///8CAAAAAAAAAAAAAAAAAAEAAAACAAAAAAAA
|
||||
ipsecOwnersReference: CN=ipsecPolicy{72385230-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecNegotiationPolicyReference: CN=ipsecNegotiationPolicy{72385233-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecFilterReference: CN=ipsecFilter{7238523A-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
dn: CN=ipsecNFA{59319BE2-5EE3-11D2-ACE8-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecNFA
|
||||
ipsecID: {59319BE2-5EE3-11D2-ACE8-0060B0ECCA17}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: AKy7EY1J0RGGOQCgJI0wISoAAAABAAAABQAAAAIAAAAAAP3///8CAAAAAAAAAAAAAAAAAAEAAAACAAAAAAAA
|
||||
ipsecOwnersReference: CN=ipsecPolicy{72385230-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecNegotiationPolicyReference: CN=ipsecNegotiationPolicy{59319BDF-5EE3-11D2-ACE8-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
dn: CN=ipsecNFA{594272E2-071D-11D3-AD22-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecNFA
|
||||
description: Permit unsecure ICMP packets to pass through.
|
||||
ipsecName: Permit unsecure ICMP packets to pass through.
|
||||
ipsecID: {594272E2-071D-11D3-AD22-0060B0ECCA17}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: AKy7EY1J0RGGOQCgJI0wISoAAAABAAAABQAAAAIAAAAAAP3///8CAAAAAAAAAAAAAAAAAAEAAAACAAAAAAAA
|
||||
ipsecOwnersReference: CN=ipsecPolicy{72385230-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecNegotiationPolicyReference: CN=ipsecNegotiationPolicy{7238523B-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecFilterReference: CN=ipsecFilter{72385235-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
dn: CN=ipsecNegotiationPolicy{72385233-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecNegotiationPolicy
|
||||
description: Accepts unsecured communication, but requests clients to establish trust and security methods. Will communicate insecurely to untrusted clients if they do not respond to request.
|
||||
ipsecName: Request Security (Optional)
|
||||
ipsecID: {72385233-70FA-11D1-864C-14A300000000}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: uSDcgMgu0RGongCgJI0wIZQBAAAFAAAAhAMAAKCGAQAAAAAAAAAAAAEAAAADAAAAAgAAAAIAAABAAAAACAAAAFwAUwBlAHIAdgBpAGMAZQBzAFwAUABvAGwAaQBjAHkAQQBnAGUAbgCEAwAAoIYBAAAAAAAAAAAAAQAAAAEAAAACAAAAAgAAAEAAAAAIAAAAAAAAAFX0sjdcAEwAbwBjABUADwABAAgAIAJlACACZQBYxHYF+M54BSwBAACghgEAAAAAAAAAAAABAAAAAgAAAAAAAAABAAAAQAAAAAgAAAAtADkAQQBDADEALQA0AEQANgBEAC0AQQAxAEIAMAAtADEANQA4ADcALAEAAKCGAQAAAAAAAAAAAAEAAAABAAAAAAAAAAEAAABAAAAACAAAAGUAdABcAFMAZQByAHYAaQBjAGUAcwBcAFAAbwBsAGkAYwB5AEEAZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAABAAAAAgAAAEAAAAAIAAAANgBDAC0AMwBCADkANwAtADQANQA1ADIALQA4AEUANAA1AC0AOQA5AAA=
|
||||
ipsecOwnersReference: CN=ipsecNFA{72385232-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
iPSECNegotiationPolicyType: {62F49E10-6C37-11D1-864C-14A300000000}
|
||||
iPSECNegotiationPolicyAction: {3F91A81A-7647-11D1-864D-D46A00000000}
|
||||
|
||||
dn: CN=ipsecFilter{7238523A-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecFilter
|
||||
description: Matches all IP packets from this computer to any other computer, except broadcast, multicast, Kerberos, RSVP and ISAKMP (IKE).
|
||||
ipsecName: All IP Traffic
|
||||
ipsecID: {7238523A-70FA-11D1-864C-14A300000000}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: tSDcgMgu0RGongCgJI0wIUoAAAABAAAAAgAAAAAAAgAAAAAAAgAAAAAA3ZsxWeNe0hGs6ABgsOzKFwEAAAAAAAAA/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
|
||||
ipsecOwnersReference: CN=ipsecNFA{72385232-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecOwnersReference: CN=ipsecNFA{7238523E-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
dn: CN=ipsecNegotiationPolicy{59319BDF-5EE3-11D2-ACE8-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecNegotiationPolicy
|
||||
ipsecID: {59319BDF-5EE3-11D2-ACE8-0060B0ECCA17}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: uSDcgMgu0RGongCgJI0wIeQBAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAADAAAAAgAAAAIAAABAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAMAAAABAAAAAgAAAEAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAQAAAAIAAAACAAAAQAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAABAAAAAQAAAAIAAABAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAIAAAAAAAAAAQAAAEAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAQAAAAAAAAABAAAAQAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
|
||||
ipsecOwnersReference: CN=ipsecNFA{59319BE2-5EE3-11D2-ACE8-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
iPSECNegotiationPolicyType: {62F49E13-6C37-11D1-864C-14A300000000}
|
||||
iPSECNegotiationPolicyAction: {8A171DD3-77E3-11D1-8659-A04F00000000}
|
||||
|
||||
dn: CN=ipsecNegotiationPolicy{7238523B-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecNegotiationPolicy
|
||||
description: Permit unsecured IP packets to pass through.
|
||||
ipsecName: Permit
|
||||
ipsecID: {7238523B-70FA-11D1-864C-14A300000000}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: uSDcgMgu0RGongCgJI0wIQQAAAAAAAAAAA==
|
||||
ipsecOwnersReference: CN=ipsecNFA{594272E2-071D-11D3-AD22-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecOwnersReference: CN=ipsecNFA{594272FD-071D-11D3-AD22-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
iPSECNegotiationPolicyType: {62F49E10-6C37-11D1-864C-14A300000000}
|
||||
iPSECNegotiationPolicyAction: {8A171DD2-77E3-11D1-8659-A04F00000000}
|
||||
|
||||
dn: CN=ipsecFilter{72385235-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecFilter
|
||||
description: Matches all ICMP packets between this computer and any other computer.
|
||||
ipsecName: All ICMP Traffic
|
||||
ipsecID: {72385235-70FA-11D1-864C-14A300000000}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: tSDcgMgu0RGongCgJI0wIVIAAAABAAAAAgAAAAAAAgAAAAAACgAAAEkAQwBNAFAAAABj0hlRHQfTEa0iAGCw7MoXAQAAAAAAAAD/////AAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAA==
|
||||
ipsecOwnersReference: CN=ipsecNFA{594272E2-071D-11D3-AD22-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecOwnersReference: CN=ipsecNFA{594272FD-071D-11D3-AD22-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
dn: CN=ipsecPolicy{72385236-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecPolicy
|
||||
description: Communicate normally (unsecured). Use the default response rule to negotiate with servers that request security. Only the requested protocol and port traffic with that server is secured.
|
||||
ipsecName: Client (Respond Only)
|
||||
ipsecID: {72385236-70FA-11D1-864C-14A300000000}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: YyEgIkxP0RGGOwCgJI0wIQQAAAAwKgAAAA==
|
||||
ipsecISAKMPReference: CN=ipsecISAKMPPolicy{72385237-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecNFAReference: CN=ipsecNFA{59319C04-5EE3-11D2-ACE8-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
dn: CN=ipsecISAKMPPolicy{72385237-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecISAKMPPolicy
|
||||
ipsecID: {72385237-70FA-11D1-864C-14A300000000}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: uCDcgMgu0RGongCgJI0wIUABAABz7EFfHQfTEa0iAGCw7MoXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAADNzQMAAABAAAAACAAAAAIAAABAAAAAAAAAAAAAAAAAAAAAAAAAAADNzc0CAAAAAAAAAAAAAACAcAAAzc3NzQAAzc0DAAAAQAAAAAgAAAABAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAzc3NAgAAAAAAAAAAAAAAgHAAAM3Nzc0AAM3NAQAAAEAAAAAIAAAAAgAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAM3NzQEAAAAAAAAAAAAAAIBwAADNzc3NAADNzQEAAABAAAAACAAAAAEAAABAAAAAAAAAAAAAAAAAAAAAAAAAAADNzc0BAAAAAAAAAAAAAACAcAAAzc3NzQA=
|
||||
ipsecOwnersReference: CN=ipsecPolicy{72385236-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
dn: CN=ipsecNFA{59319C04-5EE3-11D2-ACE8-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecNFA
|
||||
ipsecID: {59319C04-5EE3-11D2-ACE8-0060B0ECCA17}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: AKy7EY1J0RGGOQCgJI0wISoAAAABAAAABQAAAAIAAAAAAP3///8CAAAAAAAAAAAAAAAAAAEAAAACAAAAAAAA
|
||||
ipsecOwnersReference: CN=ipsecPolicy{72385236-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecNegotiationPolicyReference: CN=ipsecNegotiationPolicy{59319C01-5EE3-11D2-ACE8-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
dn: CN=ipsecNegotiationPolicy{59319C01-5EE3-11D2-ACE8-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecNegotiationPolicy
|
||||
ipsecID: {59319C01-5EE3-11D2-ACE8-0060B0ECCA17}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: uSDcgMgu0RGongCgJI0wIeQBAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAADAAAAAgAAAAIAAABAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAMAAAABAAAAAgAAAEAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAQAAAAIAAAACAAAAQAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAABAAAAAQAAAAIAAABAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAIAAAAAAAAAAQAAAEAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAQAAAAAAAAABAAAAQAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
|
||||
ipsecOwnersReference: CN=ipsecNFA{59319C04-5EE3-11D2-ACE8-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
iPSECNegotiationPolicyType: {62F49E13-6C37-11D1-864C-14A300000000}
|
||||
iPSECNegotiationPolicyAction: {8A171DD3-77E3-11D1-8659-A04F00000000}
|
||||
|
||||
dn: CN=ipsecPolicy{7238523C-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecPolicy
|
||||
description: For all IP traffic, always require security using Kerberos trust. Do NOT allow unsecured communication with untrusted clients.
|
||||
ipsecName: Secure Server (Require Security)
|
||||
ipsecID: {7238523C-70FA-11D1-864C-14A300000000}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: YyEgIkxP0RGGOwCgJI0wIQQAAAAwKgAAAA==
|
||||
ipsecISAKMPReference: CN=ipsecISAKMPPolicy{7238523D-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecNFAReference: CN=ipsecNFA{594272FD-071D-11D3-AD22-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecNFAReference: CN=ipsecNFA{59319BF3-5EE3-11D2-ACE8-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecNFAReference: CN=ipsecNFA{7238523E-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
dn: CN=ipsecISAKMPPolicy{7238523D-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecISAKMPPolicy
|
||||
ipsecID: {7238523D-70FA-11D1-864C-14A300000000}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: uCDcgMgu0RGongCgJI0wIUABAAD5ckJZHQfTEa0iAGCw7MoXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAADNzQMAAABAAAAACAAAAAIAAABAAAAAAAAAAAAAAAAAAAAAAAAAAADNzc0CAAAAAAAAAAAAAACAcAAAzc3NzQAAzc0DAAAAQAAAAAgAAAABAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAzc3NAgAAAAAAAAAAAAAAgHAAAM3Nzc0AAM3NAQAAAEAAAAAIAAAAAgAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAM3NzQEAAAAAAAAAAAAAAIBwAADNzc3NAADNzQEAAABAAAAACAAAAAEAAABAAAAAAAAAAAAAAAAAAAAAAAAAAADNzc0BAAAAAAAAAAAAAACAcAAAzc3NzQA=
|
||||
ipsecOwnersReference: CN=ipsecPolicy{7238523C-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
dn: CN=ipsecNFA{7238523E-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecNFA
|
||||
description: Accepts unsecured communication, but always requires clients to establish trust and security methods. Will NOT communicate with untrusted clients.
|
||||
ipsecName: Require Security
|
||||
ipsecID: {7238523E-70FA-11D1-864C-14A300000000}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: AKy7EY1J0RGGOQCgJI0wISoAAAABAAAABQAAAAIAAAAAAP3///8CAAAAAAAAAAAAAAAAAAEAAAACAAAAAAAA
|
||||
ipsecOwnersReference: CN=ipsecPolicy{7238523C-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecNegotiationPolicyReference: CN=ipsecNegotiationPolicy{7238523F-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecFilterReference: CN=ipsecFilter{7238523A-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
dn: CN=ipsecNFA{59319BF3-5EE3-11D2-ACE8-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecNFA
|
||||
ipsecID: {59319BF3-5EE3-11D2-ACE8-0060B0ECCA17}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: AKy7EY1J0RGGOQCgJI0wISoAAAABAAAABQAAAAIAAAAAAP3///8CAAAAAAAAAAAAAAAAAAEAAAACAAAAAAAA
|
||||
ipsecOwnersReference: CN=ipsecPolicy{7238523C-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecNegotiationPolicyReference: CN=ipsecNegotiationPolicy{59319BF0-5EE3-11D2-ACE8-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
dn: CN=ipsecNFA{594272FD-071D-11D3-AD22-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecNFA
|
||||
description: Permit unsecure ICMP packets to pass through.
|
||||
ipsecName: Permit unsecure ICMP packets to pass through.
|
||||
ipsecID: {594272FD-071D-11D3-AD22-0060B0ECCA17}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: AKy7EY1J0RGGOQCgJI0wISoAAAABAAAABQAAAAIAAAAAAP3///8CAAAAAAAAAAAAAAAAAAEAAAACAAAAAAAA
|
||||
ipsecOwnersReference: CN=ipsecPolicy{7238523C-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecNegotiationPolicyReference: CN=ipsecNegotiationPolicy{7238523B-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
ipsecFilterReference: CN=ipsecFilter{72385235-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
dn: CN=ipsecNegotiationPolicy{7238523F-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecNegotiationPolicy
|
||||
description: Accepts unsecured communication, but always requires clients to establish trust and security methods. Will NOT communicate with untrusted clients.
|
||||
ipsecName: Require Security
|
||||
ipsecID: {7238523F-70FA-11D1-864C-14A300000000}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: uSDcgMgu0RGongCgJI0wIUQBAAAEAAAAhAMAAKCGAQAAAAAAAAAAAAEAAAADAAAAAgAAAAIAAABAAAAACAAAAHUAcgByAGUAbgB0AEMAbwBuAHQAcgBvAGwAUwBlAHQAXABTAGUAcgCEAwAAoIYBAAAAAAAAAAAAAQAAAAMAAAABAAAAAgAAAEAAAAAIAAAAcABzAGUAYwBOAEYAQQB7ADcAMgAzADgANQAyADMARQAtADcAMABGAIQDAACghgEAAAAAAAAAAAABAAAAAQAAAAIAAAACAAAAQAAAAAgAAABsAGkAYwB5AFwATABvAGMAYQBsAFwAaQBwAHMAZQBjAE4ARgBBAHsAhAMAAKCGAQAAAAAAAAAAAAEAAAABAAAAAQAAAAIAAABAAAAACAAAAGUAYwBOAEYAQQB7AEIARgBDADcAQwAzADUAQQAtAEIANQA5ADIALQAA
|
||||
ipsecOwnersReference: CN=ipsecNFA{7238523E-70FA-11D1-864C-14A300000000},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
iPSECNegotiationPolicyType: {62F49E10-6C37-11D1-864C-14A300000000}
|
||||
iPSECNegotiationPolicyAction: {3F91A81A-7647-11D1-864D-D46A00000000}
|
||||
|
||||
dn: CN=ipsecNegotiationPolicy{59319BF0-5EE3-11D2-ACE8-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecNegotiationPolicy
|
||||
ipsecID: {59319BF0-5EE3-11D2-ACE8-0060B0ECCA17}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: uSDcgMgu0RGongCgJI0wIeQBAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAADAAAAAgAAAAIAAABAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAMAAAABAAAAAgAAAEAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAQAAAAIAAAACAAAAQAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAABAAAAAQAAAAIAAABAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAIAAAAAAAAAAQAAAEAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAQAAAAAAAAABAAAAQAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
|
||||
ipsecOwnersReference: CN=ipsecNFA{59319BF3-5EE3-11D2-ACE8-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
isCriticalSystemObject: TRUE
|
||||
iPSECNegotiationPolicyType: {62F49E13-6C37-11D1-864C-14A300000000}
|
||||
iPSECNegotiationPolicyAction: {8A171DD3-77E3-11D1-8659-A04F00000000}
|
||||
|
||||
dn: CN=ipsecNFA{6A1F5C6F-72B7-11D2-ACF0-0060B0ECCA17},CN=IP Security,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: ipsecBase
|
||||
objectClass: ipsecNFA
|
||||
description: Version Information Object
|
||||
ipsecName: Version Information Object
|
||||
ipsecID: {6A1F5C6F-72B7-11D2-ACF0-0060B0ECCA17}
|
||||
ipsecDataType: 598
|
||||
ipsecData:: b1wfardy0hGs8ABgsOzKF1AAAAAAAAEApmamNhoAAABXAGkAbgBkAG8AdwBzACAAMgAwADAAMAAAABwAAABBAGQAbQBpAG4AaQBzAHQAcgBhAHQAbwByAAAABgAAAA0ACgAAAACsuxGNSdERhjkAoCSNMCEqAAAAAQAAAAUAAAACAAAAAAD9////AgAAAAAAAAAAAAAAAAABAAAAAgAAAAAAAA==
|
||||
isCriticalSystemObject: TRUE
|
||||
|
||||
# End IP security objects
|
||||
|
||||
dn: CN=Meetings,CN=System,${DOMAINDN}
|
||||
objectClass: top
|
||||
objectClass: container
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user