mirror of
https://github.com/samba-team/samba.git
synced 2025-01-26 10:04:02 +03:00
271b5af92e
Rather than have the functional levels scattered in 4 different, unconnected locations, the provision script now sets it, and the rootdse module maintains it's copy only as a cached view onto the original values. We also use the functional level to determine if we should store AES Kerberos keys. Andrew Bartlett
67 lines
1.8 KiB
Plaintext
67 lines
1.8 KiB
Plaintext
#Join the DC to itself by default
|
|
|
|
dn: CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: person
|
|
objectClass: organizationalPerson
|
|
objectClass: user
|
|
objectClass: computer
|
|
cn: ${NETBIOSNAME}
|
|
userAccountControl: 532480
|
|
localPolicyFlags: 0
|
|
primaryGroupID: 516
|
|
accountExpires: 9223372036854775807
|
|
sAMAccountName: ${NETBIOSNAME}$
|
|
operatingSystem: Samba
|
|
operatingSystemVersion: ${SAMBA_VERSION_STRING}
|
|
dNSHostName: ${DNSNAME}
|
|
isCriticalSystemObject: TRUE
|
|
userPassword:: ${MACHINEPASS_B64}
|
|
servicePrincipalName: HOST/${DNSNAME}
|
|
servicePrincipalName: HOST/${NETBIOSNAME}
|
|
servicePrincipalName: HOST/${DNSNAME}/${REALM}
|
|
servicePrincipalName: HOST/${NETBIOSNAME}/${REALM}
|
|
servicePrincipalName: HOST/${DNSNAME}/${DOMAIN}
|
|
servicePrincipalName: HOST/${NETBIOSNAME}/${DOMAIN}
|
|
|
|
#Provide a account for DNS keytab export
|
|
dn: CN=dns,CN=Users,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: person
|
|
objectClass: organizationalPerson
|
|
objectClass: user
|
|
cn: dns
|
|
description: DNS Service Account
|
|
userAccountControl: 514
|
|
accountExpires: 9223372036854775807
|
|
sAMAccountName: dns
|
|
servicePrincipalName: DNS/${DNSDOMAIN}
|
|
isCriticalSystemObject: TRUE
|
|
userPassword:: ${DNSPASS_B64}
|
|
showInAdvancedViewOnly: TRUE
|
|
|
|
dn: ${SERVERDN}
|
|
objectClass: top
|
|
objectClass: server
|
|
cn: ${NETBIOSNAME}
|
|
systemFlags: 1375731712
|
|
dNSHostName: ${DNSNAME}
|
|
serverReference: CN=${NETBIOSNAME},OU=Domain Controllers,${DOMAINDN}
|
|
|
|
dn: CN=NTDS Settings,${SERVERDN}
|
|
objectClass: top
|
|
objectClass: applicationSettings
|
|
objectClass: nTDSDSA
|
|
cn: NTDS Settings
|
|
options: 1
|
|
systemFlags: 33554432
|
|
dMDLocation: ${SCHEMADN}
|
|
invocationId: ${INVOCATIONID}
|
|
msDS-Behavior-Version: ${DOMAIN_CONTROLLER_FUNCTIONALITY}
|
|
msDS-hasMasterNCs: ${CONFIGDN}
|
|
msDS-hasMasterNCs: ${SCHEMADN}
|
|
msDS-hasMasterNCs: ${DOMAINDN}
|
|
hasMasterNCs: ${CONFIGDN}
|
|
hasMasterNCs: ${SCHEMADN}
|
|
hasMasterNCs: ${DOMAINDN}
|