mirror of
https://github.com/samba-team/samba.git
synced 2024-12-25 23:21:54 +03:00
3f2ca10d2d
Templates just don't belong in the sam.ldb, as they don't obey any of
the other rules. This moves them to a seperate templates.ldb.
In samldb, this patch reworks the duplicate SID and Name detection
code, to use ldb_search_exp_fmt() rather than gendb_search. This
returns far more useful errors, which we now handle and report better.
The call to samdb_search_for_parent_domain() has been moved in samldb,
to allow both the account and SID uniqueness checks to be in the same
domain. This function also returns better errors.
dcesrv_drsuapi.c is updated for the new prototype of
samdb_search_for_parent_domain()
Andrew Bartlett
(This used to be commit f1ab90c88c)
80 lines
1.5 KiB
Plaintext
80 lines
1.5 KiB
Plaintext
###
|
|
# Templates to be put in templates.ldb. Not part of main samdb any more.
|
|
###
|
|
|
|
dn: @OPTIONS
|
|
checkBaseOnSearch: TRUE
|
|
|
|
dn: @INDEXLIST
|
|
@IDXATTR: cn
|
|
|
|
dn: @ATTRIBUTES
|
|
cn: CASE_INSENSITIVE
|
|
dn: CASE_INSENSITIVE
|
|
|
|
dn: CN=Templates
|
|
objectClass: top
|
|
objectClass: container
|
|
description: Container for SAM account templates
|
|
|
|
dn: CN=TemplateUser,CN=Templates
|
|
userAccountControl: 514
|
|
badPwdCount: 0
|
|
codePage: 0
|
|
countryCode: 0
|
|
badPasswordTime: 0
|
|
lastLogoff: 0
|
|
lastLogon: 0
|
|
pwdLastSet: 0
|
|
primaryGroupID: 513
|
|
accountExpires: -1
|
|
logonCount: 0
|
|
sAMAccountType: 805306368
|
|
|
|
dn: CN=TemplateComputer,CN=Templates
|
|
userAccountControl: 4098
|
|
badPwdCount: 0
|
|
codePage: 0
|
|
countryCode: 0
|
|
badPasswordTime: 0
|
|
lastLogoff: 0
|
|
lastLogon: 0
|
|
pwdLastSet: 0
|
|
primaryGroupID: 513
|
|
accountExpires: -1
|
|
logonCount: 0
|
|
sAMAccountType: 805306369
|
|
|
|
dn: CN=TemplateTrustingDomain,CN=Templates
|
|
userAccountControl: 2080
|
|
badPwdCount: 0
|
|
codePage: 0
|
|
countryCode: 0
|
|
badPasswordTime: 0
|
|
lastLogoff: 0
|
|
lastLogon: 0
|
|
primaryGroupID: 513
|
|
accountExpires: -1
|
|
logonCount: 0
|
|
sAMAccountType: 805306370
|
|
|
|
dn: CN=TemplateGroup,CN=Templates
|
|
groupType: -2147483646
|
|
sAMAccountType: 268435456
|
|
|
|
# Currently this isn't used, we don't have a way to detect it different from an incoming alias
|
|
#
|
|
# dn: CN=TemplateAlias,CN=Templates
|
|
# cn: TemplateAlias
|
|
# instanceType: 4
|
|
# groupType: -2147483644
|
|
# sAMAccountType: 268435456
|
|
|
|
dn: CN=TemplateForeignSecurityPrincipal,CN=Templates
|
|
showInAdvancedViewOnly: TRUE
|
|
|
|
dn: CN=TemplateSecret,CN=Templates
|
|
|
|
dn: CN=TemplateTrustedDomain,CN=Templates
|
|
|