mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
10833f641a
This patches fixes the last difference between s4 and Windows Server regarding group policy objects: we hadn't the domain controller policy. - Adds the domain controller policy as it is found in the "original" AD - Adds also the right version number in the GPT.INI file for the domain group policy (was missing)
239 lines
5.8 KiB
Plaintext
239 lines
5.8 KiB
Plaintext
###############################
|
|
# Default Naming Context
|
|
###############################
|
|
|
|
dn: CN=Builtin,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: builtinDomain
|
|
forceLogoff: -9223372036854775808
|
|
lockoutDuration: -18000000000
|
|
lockOutObservationWindow: -18000000000
|
|
lockoutThreshold: 0
|
|
maxPwdAge: -37108517437440
|
|
minPwdAge: 0
|
|
minPwdLength: 0
|
|
modifiedCountAtLastProm: 0
|
|
nextRid: 1000
|
|
pwdProperties: 0
|
|
pwdHistoryLength: 0
|
|
objectSid: S-1-5-32
|
|
serverState: 1
|
|
uASCompat: 1
|
|
modifiedCount: 1
|
|
systemFlags: -1946157056
|
|
isCriticalSystemObject: TRUE
|
|
showInAdvancedViewOnly: FALSE
|
|
|
|
# Computers located in "provision_computers*.ldif"
|
|
# Users/Groups located in "provision_users*.ldif"
|
|
|
|
dn: OU=Domain Controllers,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: organizationalUnit
|
|
description: Default container for domain controllers
|
|
systemFlags: -1946157056
|
|
isCriticalSystemObject: TRUE
|
|
showInAdvancedViewOnly: FALSE
|
|
gPLink: [LDAP://CN={${POLICYGUID_DC}},CN=Policies,CN=System,${DOMAINDN};0]
|
|
|
|
# Joined DC located in "provision_self_join.ldif"
|
|
|
|
dn: CN=ForeignSecurityPrincipals,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
description: Default container for security identifiers (SIDs) associated with objects from external, trusted domains
|
|
systemFlags: -1946157056
|
|
isCriticalSystemObject: TRUE
|
|
showInAdvancedViewOnly: FALSE
|
|
|
|
# Foreign security principals located in "provision_users.ldif"
|
|
|
|
dn: CN=Infrastructure,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: infrastructureUpdate
|
|
systemFlags: -1946157056
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=LostAndFound,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: lostAndFound
|
|
description: Default container for orphaned objects
|
|
systemFlags: -1946157056
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=NTDS Quotas,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: msDS-QuotaContainer
|
|
description: Quota specifications container
|
|
msDS-TombstoneQuotaFactor: 100
|
|
systemFlags: -1946157056
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=Program Data,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
description: Default location for storage of application data.
|
|
|
|
dn: CN=Microsoft,CN=Program Data,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
description: Default location for storage of Microsoft application data.
|
|
|
|
dn: CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
description: Builtin system settings
|
|
systemFlags: -1946157056
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=AdminSDHolder,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
systemFlags: -1946157056
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=ComPartitions,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
systemFlags: -1946157056
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=ComPartitionSets,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
systemFlags: -1946157056
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=Default Domain Policy,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: leaf
|
|
objectClass: domainPolicy
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=AppCategories,CN=Default Domain Policy,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: classStore
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=Dfs-Configuration,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: dfsConfiguration
|
|
isCriticalSystemObject: TRUE
|
|
showInAdvancedViewOnly: FALSE
|
|
|
|
dn: CN=DomainUpdates,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
|
|
dn: CN=Operations,CN=DomainUpdates,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
|
|
dn: CN=Windows2003Update,CN=DomainUpdates,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
revision: 8
|
|
|
|
dn: CN=File Replication Service,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: applicationSettings
|
|
objectClass: nTFRSSettings
|
|
systemFlags: -1946157056
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=FileLinks,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: fileLinkTracking
|
|
systemFlags: -1946157056
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=ObjectMoveTable,CN=FileLinks,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: fileLinkTracking
|
|
objectClass: linkTrackObjectMoveTable
|
|
systemFlags: -1946157056
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=VolumeTable,CN=FileLinks,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: fileLinkTracking
|
|
objectClass: linkTrackVolumeTable
|
|
systemFlags: -1946157056
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=IP Security,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=Meetings,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=MicrosoftDNS,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
displayName: DNS Servers
|
|
|
|
dn: CN=Policies,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
systemFlags: -1946157056
|
|
isCriticalSystemObject: TRUE
|
|
|
|
# Group policies located in "provision_group_policy.ldif"
|
|
|
|
dn: CN=RAS and IAS Servers Access Check,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
systemFlags: -1946157056
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=RID Manager$,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: rIDManager
|
|
systemFlags: -1946157056
|
|
rIDAvailablePool: 4611686014132423217
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=RpcServices,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
objectClass: rpcContainer
|
|
systemFlags: -1946157056
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=Server,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: securityObject
|
|
objectClass: samServer
|
|
systemFlags: -1946157056
|
|
revision: 65543
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=WinsockServices,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
isCriticalSystemObject: TRUE
|
|
|
|
dn: CN=WMIPolicy,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
|
|
dn: CN=PolicyTemplate,CN=WMIPolicy,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
|
|
dn: CN=PolicyType,CN=WMIPolicy,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
|
|
dn: CN=SOM,CN=WMIPolicy,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|
|
|
|
dn: CN=WMIGPO,CN=WMIPolicy,CN=System,${DOMAINDN}
|
|
objectClass: top
|
|
objectClass: container
|