mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
13a10d4314
According to [MS-SAMR] 3.1.5.7 Delete Pattern we should not allow deletion of security objects with RID < 1000. This patch will prevent deletion of well-known accounts and groups. Signed-off-by: Nadezhda Ivanova <nivanova@symas.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date(master): Mon Oct 14 13:31:50 CEST 2013 on sn-devel-104
207 lines
6.0 KiB
Plaintext
207 lines
6.0 KiB
Plaintext
dn: sambaDomainName=TESTS,${BASEDN}
|
|
objectclass: sambaDomain
|
|
objectclass: top
|
|
sambaSID: S-1-5-21-4231626423-2410014848-2360679739
|
|
sambaNextRid: 2000
|
|
sambaDomainName: TESTS
|
|
|
|
dn: ou=Users,sambaDomainName=TESTS,${BASEDN}
|
|
objectClass: organizationalUnit
|
|
ou: Users
|
|
|
|
dn: ou=Groups,sambaDomainName=TESTS,${BASEDN}
|
|
objectClass: organizationalUnit
|
|
ou: Groups
|
|
|
|
dn: uid=nobody,ou=Users,sambaDomainName=TESTS,${BASEDN}
|
|
cn: nobody
|
|
sn: nobody
|
|
objectClass: inetOrgPerson
|
|
objectClass: sambaSAMAccount
|
|
objectClass: posixAccount
|
|
objectClass: shadowAccount
|
|
gidNumber: 514
|
|
uid: nobody
|
|
uidNumber: 999
|
|
homeDirectory: /dev/null
|
|
sambaPwdLastSet: 0
|
|
sambaLogonTime: 0
|
|
sambaLogoffTime: 2147483647
|
|
sambaKickoffTime: 2147483647
|
|
sambaPwdCanChange: 0
|
|
sambaPwdMustChange: 2147483647
|
|
sambaHomePath: \\PDC-SMB3\home\%U
|
|
sambaHomeDrive: H:
|
|
sambaProfilePath: \\PDC-SMB3\profiles\%U\nobody
|
|
sambaPrimaryGroupSID: S-1-5-21-4231626423-2410014848-2360679739-514
|
|
sambaLMPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
|
|
sambaNTPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
|
|
sambaAcctFlags: [NU ]
|
|
sambaSID: S-1-5-21-4231626423-2410014848-2360679739-2998
|
|
loginShell: /bin/false
|
|
|
|
dn: cn=Domain Admins,ou=Groups,sambaDomainName=TESTS,${BASEDN}
|
|
objectClass: posixGroup
|
|
objectClass: sambaGroupMapping
|
|
gidNumber: 512
|
|
cn: Domain Admins
|
|
memberUid: Administrator
|
|
description: Netbios Domain Administrators
|
|
sambaSID: S-1-5-21-4231626423-2410014848-2360679739-512
|
|
sambaGroupType: 2
|
|
displayName: Domain Admins
|
|
|
|
dn: cn=Domain Users,ou=Groups,sambaDomainName=TESTS,${BASEDN}
|
|
objectClass: posixGroup
|
|
objectClass: sambaGroupMapping
|
|
gidNumber: 513
|
|
cn: Domain Users
|
|
description: Netbios Domain Users
|
|
sambaSID: S-1-5-21-4231626423-2410014848-2360679739-513
|
|
sambaGroupType: 2
|
|
displayName: Domain Users
|
|
|
|
dn: cn=Domain Guests,ou=Groups,sambaDomainName=TESTS,${BASEDN}
|
|
objectClass: posixGroup
|
|
objectClass: sambaGroupMapping
|
|
gidNumber: 514
|
|
cn: Domain Guests
|
|
description: Netbios Domain Guests Users
|
|
sambaSID: S-1-5-21-4231626423-2410014848-2360679739-514
|
|
sambaGroupType: 2
|
|
displayName: Domain Guests
|
|
|
|
dn: cn=Print Operators,ou=Groups,sambaDomainName=TESTS,${BASEDN}
|
|
objectClass: posixGroup
|
|
objectClass: sambaGroupMapping
|
|
gidNumber: 550
|
|
cn: Print Operators
|
|
description: Netbios Domain Print Operators
|
|
sambaSID: S-1-5-21-4231626423-2410014848-2360679739-550
|
|
sambaGroupType: 2
|
|
displayName: Print Operators
|
|
|
|
dn: cn=Backup Operators,ou=Groups,sambaDomainName=TESTS,${BASEDN}
|
|
objectClass: posixGroup
|
|
objectClass: sambaGroupMapping
|
|
gidNumber: 551
|
|
cn: Backup Operators
|
|
description: Netbios Domain Members can bypass file security to back up files
|
|
sambaSID: S-1-5-21-4231626423-2410014848-2360679739-551
|
|
sambaGroupType: 2
|
|
displayName: Backup Operators
|
|
|
|
dn: cn=Replicator,ou=Groups,sambaDomainName=TESTS,${BASEDN}
|
|
objectClass: posixGroup
|
|
objectClass: sambaGroupMapping
|
|
gidNumber: 1052
|
|
cn: Replicator
|
|
description: Netbios Domain Supports file replication in a sambaDomainName
|
|
sambaSID: S-1-5-21-4231626423-2410014848-2360679739-1052
|
|
sambaGroupType: 2
|
|
displayName: Replicator
|
|
|
|
dn: cn=Domain Computers,ou=Groups,sambaDomainName=TESTS,${BASEDN}
|
|
objectClass: posixGroup
|
|
objectClass: sambaGroupMapping
|
|
gidNumber: 553
|
|
cn: Domain Computers
|
|
description: Netbios Domain Computers accounts
|
|
sambaSID: S-1-5-21-4231626423-2410014848-2360679739-553
|
|
sambaGroupType: 2
|
|
displayName: Domain Computers
|
|
|
|
dn: cn=Administrators,ou=Groups,sambaDomainName=TESTS,${BASEDN}
|
|
objectClass: posixGroup
|
|
objectClass: sambaGroupMapping
|
|
gidNumber: 544
|
|
cn: Administrators
|
|
description: Netbios Domain Members can fully administer the computer/sambaDomainName
|
|
sambaSID: S-1-5-21-4231626423-2410014848-2360679739-544
|
|
sambaGroupType: 2
|
|
displayName: Administrators
|
|
|
|
dn: cn=Users,ou=Groups,sambaDomainName=TESTS,${BASEDN}
|
|
objectClass: posixGroup
|
|
objectClass: sambaGroupMapping
|
|
gidNumber: 545
|
|
cn: Users
|
|
description: Netbios Domain Ordinary users
|
|
sambaSID: S-1-5-21-4231626423-2410014848-2360679739-545
|
|
sambaGroupType: 2
|
|
displayName: users
|
|
|
|
dn: cn=Guests,ou=Groups,sambaDomainName=TESTS,${BASEDN}
|
|
objectClass: posixGroup
|
|
objectClass: sambaGroupMapping
|
|
gidNumber: 546
|
|
cn: Guests
|
|
memberUid: nobody
|
|
description: Netbios Domain Users granted guest access to the computer/sambaDomainName
|
|
sambaSID: S-1-5-21-4231626423-2410014848-2360679739-546
|
|
sambaGroupType: 2
|
|
displayName: Guests
|
|
|
|
dn: cn=Power Users,ou=Groups,sambaDomainName=TESTS,${BASEDN}
|
|
objectClass: posixGroup
|
|
objectClass: sambaGroupMapping
|
|
gidNumber: 547
|
|
cn: Power Users
|
|
description: Netbios Domain Members can share directories and printers
|
|
sambaSID: S-1-5-21-4231626423-2410014848-2360679739-547
|
|
sambaGroupType: 2
|
|
displayName: Power Users
|
|
|
|
dn: cn=Account Operators,ou=Groups,sambaDomainName=TESTS,${BASEDN}
|
|
objectClass: posixGroup
|
|
objectClass: sambaGroupMapping
|
|
gidNumber: 548
|
|
cn: Account Operators
|
|
description: Netbios Domain Users to manipulate users accounts
|
|
sambaSID: S-1-5-21-4231626423-2410014848-2360679739-548
|
|
sambaGroupType: 2
|
|
displayName: Account Operators
|
|
|
|
dn: cn=Server Operators,ou=Groups,sambaDomainName=TESTS,${BASEDN}
|
|
objectClass: posixGroup
|
|
objectClass: sambaGroupMapping
|
|
gidNumber: 549
|
|
cn: Server Operators
|
|
description: Netbios Domain Server Operators
|
|
sambaSID: S-1-5-21-4231626423-2410014848-2360679739-549
|
|
sambaGroupType: 2
|
|
displayName: Server Operators
|
|
|
|
dn: ou=Computers,sambaDomainName=TESTS,${BASEDN}
|
|
objectClass: organizationalUnit
|
|
ou: Computers
|
|
|
|
dn: uid=Administrator,ou=Users,sambaDomainName=TESTS,${BASEDN}
|
|
cn: Administrator
|
|
sn: Administrator
|
|
objectClass: inetOrgPerson
|
|
objectClass: sambaSAMAccount
|
|
objectClass: posixAccount
|
|
objectClass: shadowAccount
|
|
gidNumber: 512
|
|
uid: Administrator
|
|
uidNumber: 0
|
|
homeDirectory: /home/%U
|
|
sambaPwdLastSet: 0
|
|
sambaLogonTime: 0
|
|
sambaLogoffTime: 2147483647
|
|
sambaKickoffTime: 2147483647
|
|
sambaPwdCanChange: 0
|
|
sambaPwdMustChange: 2147483647
|
|
sambaHomePath: \\PDC-SMB3\home\%U
|
|
sambaHomeDrive: H:
|
|
sambaProfilePath: \\PDC-SMB3\profiles\%U\Administrator
|
|
sambaPrimaryGroupSID: S-1-5-21-4231626423-2410014848-2360679739-512
|
|
sambaLMPassword: 193130B61A7F81C0AAD3B435B51404EE
|
|
sambaNTPassword: C2AE1FE6E648846352453E816F2AEB93
|
|
sambaAcctFlags: [U ]
|
|
sambaSID: S-1-5-21-4231626423-2410014848-2360679739-2996
|
|
loginShell: /bin/false
|
|
gecos: Netbios Domain Administrator
|
|
|