1 # Accounts for selfjoin (joins DC to itself)
3 # Object under "Domain Controllers"
4 dn: CN=$
{NETBIOSNAME
},OU=Domain Controllers
,$
{DOMAINDN
}
7 objectClass: organizationalPerson
10 accountExpires
: 9223372036854775807
11 dNSHostName
: $
{DNSNAME
}
12 # "frsComputerReferenceBL" doesn't exist since we still miss FRS support
13 isCriticalSystemObject
: TRUE
15 operatingSystem
: Samba
16 operatingSystemVersion
: $
{SAMBA_VERSION_STRING
}
18 rIDSetReferences
: CN=RID Set
,CN=$
{NETBIOSNAME
},OU=Domain Controllers
,$
{DOMAINDN
}
19 sAMAccountName
: $
{NETBIOSNAME
}$
20 # "servicePrincipalName" for FRS doesn't exit since we still miss FRS support
21 # "servicePrincipalName"s for DNS ("ldap/../ForestDnsZones",
22 # "ldap/../DomainDnsZones", "DNS/..") don't exist since we don't support AD DNS
23 servicePrincipalName
: GC
/$
{DNSNAME
}/$
{REALM
}
24 servicePrincipalName
: HOST
/$
{DNSNAME
}/$
{DOMAIN
}
25 servicePrincipalName
: HOST
/$
{NETBIOSNAME
}
26 servicePrincipalName
: HOST
/$
{DNSNAME
}
27 servicePrincipalName
: HOST
/$
{DNSNAME
}/$
{REALM
}
28 # "servicePrincipalName"s with GUIDs are located in
29 # "provision_self_join_modify.ldif"
30 servicePrincipalName
: ldap
/$
{DNSNAME
}/$
{DOMAIN
}
31 servicePrincipalName
: ldap
/$
{NETBIOSNAME
}
32 servicePrincipalName
: ldap
/$
{DNSNAME
}
33 servicePrincipalName
: ldap
/$
{DNSNAME
}/$
{REALM
}
34 userAccountControl
: 532480
35 userPassword:: $
{MACHINEPASS_B64
}
37 dn: CN=RID Set
,CN=$
{NETBIOSNAME
},OU=Domain Controllers
,$
{DOMAINDN
}
40 rIDAllocationPool
: 1000-1499
41 rIDPreviousAllocationPool
: 1000-1499
46 # Here are missing the objects for the NTFRS subscription and the RID set since
47 # we don't support those techniques (FRS, distributed RIDs) yet.
49 # Objects under "Configuration/Sites/<Default sitename>/Servers"
54 systemFlags
: 1375731712
55 dNSHostName
: $
{DNSNAME
}
56 serverReference
: CN=$
{NETBIOSNAME
},OU=Domain Controllers
,$
{DOMAINDN
}
58 dn: CN=NTDS Settings
,$
{SERVERDN
}
60 objectClass: applicationSettings
62 dMDLocation
: $
{SCHEMADN
}
63 hasMasterNCs
: $
{CONFIGDN
}
64 hasMasterNCs
: $
{SCHEMADN
}
65 hasMasterNCs
: $
{DOMAINDN
}
66 invocationId
: $
{INVOCATIONID
}
67 msDS
-Behavior
-Version
: $
{DOMAIN_CONTROLLER_FUNCTIONALITY
}
68 msDS
-HasDomainNCs
: $
{DOMAINDN
}
69 # "msDS-HasInstantiatedNCs"s for DNS don't exist since we don't support AD DNS
70 msDS
-HasInstantiatedNCs
: B
:8:0000000D
:$
{CONFIGDN
}
71 msDS
-HasInstantiatedNCs
: B
:8:0000000D
:$
{SCHEMADN
}
72 msDS
-HasInstantiatedNCs
: B
:8:00000005:$
{DOMAINDN
}
73 # "msDS-hasMasterNCs"s for DNS don't exist since we don't support AD DNS
74 msDS
-hasMasterNCs
: $
{CONFIGDN
}
75 msDS
-hasMasterNCs
: $
{SCHEMADN
}
76 msDS
-hasMasterNCs
: $
{DOMAINDN
}
81 # Provides an account for DNS keytab export
82 dn: CN=dns
,CN=Users
,$
{DOMAINDN
}
85 objectClass: organizationalPerson
87 description: DNS Service Account
88 userAccountControl
: 514
89 accountExpires
: 9223372036854775807
91 servicePrincipalName
: DNS
/$
{DNSDOMAIN
}
92 userPassword:: $
{DNSPASS_B64
}
93 isCriticalSystemObject
: TRUE