mirror of
https://github.com/samba-team/samba.git
synced 2024-12-25 23:21:54 +03:00
5c3ef6dbae
The schema needs to be loaded above the extended_dn_out modules as otherwise we don't get an extended DN in the search results. The reference split is to ensure we create references after the objects they reference exist. Andrew Bartlett
101 lines
2.0 KiB
Plaintext
101 lines
2.0 KiB
Plaintext
###############################
|
|
# Domain Naming Context
|
|
###############################
|
|
dn: ${DOMAINDN}
|
|
changetype: modify
|
|
-
|
|
# This should be 0x0001, but the 0 byte is not allowed - therefore encoded
|
|
replace: auditingPolicy
|
|
auditingPolicy:: AAE=
|
|
-
|
|
replace: creationTime
|
|
creationTime: ${CREATTIME}
|
|
-
|
|
replace: forceLogoff
|
|
forceLogoff: -9223372036854775808
|
|
-
|
|
# "fSMORoleOwner" filled in later
|
|
replace: gPLink
|
|
gPLink: [LDAP://CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN};0]
|
|
-
|
|
replace: isCriticalSystemObject
|
|
isCriticalSystemObject: TRUE
|
|
-
|
|
replace: lockoutDuration
|
|
lockoutDuration: -18000000000
|
|
-
|
|
replace: lockOutObservationWindow
|
|
lockOutObservationWindow: -18000000000
|
|
-
|
|
replace: lockoutThreshold
|
|
lockoutThreshold: 0
|
|
-
|
|
# "masteredBy" filled in later
|
|
replace: maxPwdAge
|
|
maxPwdAge: -37108517437440
|
|
-
|
|
# FIXME: This should be "-864000000000" when we fully comply with passwords pol.
|
|
replace: minPwdAge
|
|
minPwdAge: 0
|
|
-
|
|
replace: minPwdLength
|
|
minPwdLength: 7
|
|
-
|
|
replace: modifiedCount
|
|
modifiedCount: 1
|
|
-
|
|
replace: modifiedCountAtLastProm
|
|
modifiedCountAtLastProm: 0
|
|
-
|
|
replace: msDS-AllUsersTrustQuota
|
|
msDS-AllUsersTrustQuota: 1000
|
|
-
|
|
replace: msDS-Behavior-Version
|
|
msDS-Behavior-Version: ${DOMAIN_FUNCTIONALITY}
|
|
-
|
|
replace: ms-DS-MachineAccountQuota
|
|
ms-DS-MachineAccountQuota: 10
|
|
-
|
|
# "msDs-masteredBy" filled in later
|
|
replace: msDS-PerUserTrustQuota
|
|
msDS-PerUserTrustQuota: 1
|
|
-
|
|
replace: msDS-PerUserTrustTombstonesQuota
|
|
msDS-PerUserTrustTombstonesQuota: 10
|
|
-
|
|
replace: nextRid
|
|
nextRid: 1000
|
|
-
|
|
replace: nTMixedDomain
|
|
nTMixedDomain: 0
|
|
-
|
|
replace: objectSid
|
|
objectSid: ${DOMAINSID}
|
|
-
|
|
# This exists only in SAMBA
|
|
replace: oEMInformation
|
|
oEMInformation: Provisioned by SAMBA ${SAMBA_VERSION_STRING}
|
|
-
|
|
replace: pwdProperties
|
|
pwdProperties: 1
|
|
-
|
|
replace: pwdHistoryLength
|
|
pwdHistoryLength: 24
|
|
-
|
|
replace: rIDManagerReference
|
|
rIDManagerReference: CN=RID Manager$,CN=System,${DOMAINDN}
|
|
-
|
|
replace: serverState
|
|
serverState: 1
|
|
-
|
|
replace: subRefs
|
|
subRefs: ${CONFIGDN}
|
|
-
|
|
replace: systemFlags
|
|
systemFlags: -1946157056
|
|
-
|
|
replace: uASCompat
|
|
uASCompat: 1
|
|
-
|
|
|