mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
3ed1ba6fed
Some clients (e.g. an exchange server) check operatingSystemVersion in order to check if a domain controller is new enough. So we better use a value matching the dc functional level. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
35 lines
1.2 KiB
Plaintext
35 lines
1.2 KiB
Plaintext
# Accounts for selfjoin (joins DC to itself)
|
|
|
|
# Object under "Domain Controllers"
|
|
dn: CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: person
|
|
objectClass: organizationalPerson
|
|
objectClass: user
|
|
objectClass: computer
|
|
accountExpires: 9223372036854775807
|
|
dNSHostName: ${DNSNAME}
|
|
# "MSDFSR-ComputerReferenceBL" doesn't exist since we still miss DFSR support
|
|
# "isCritcalSystemObject" is now filled in by the samldb LDB module
|
|
localPolicyFlags: 0
|
|
operatingSystem: ${OPERATING_SYSTEM}
|
|
operatingSystemVersion: ${OPERATING_SYSTEM_VERSION}
|
|
sAMAccountName: ${NETBIOSNAME}$
|
|
userAccountControl: 532480
|
|
clearTextPassword:: ${MACHINEPASS_B64}
|
|
objectSid: ${DOMAINSID}-${DCRID}
|
|
# While some "servicePrincipalName" updates might be handled by the
|
|
# "samba_spnupdate" script, we need to get the basics in here before
|
|
# we add any others.
|
|
servicePrincipalName: HOST/${DNSNAME}
|
|
servicePrincipalName: HOST/${NETBIOSNAME}
|
|
servicePrincipalName: HOST/${DNSNAME}/${DNSNAME}
|
|
|
|
|
|
dn: CN=RID Set,CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}
|
|
objectClass: rIDSet
|
|
rIDAllocationPool: ${RIDALLOCATIONSTART}-${RIDALLOCATIONEND}
|
|
rIDPreviousAllocationPool: ${RIDALLOCATIONSTART}-${RIDALLOCATIONEND}
|
|
rIDUsedPool: 0
|
|
rIDNextRID: ${RIDALLOCATIONSTART}
|