search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
build: fix path to pidl/config.m4
[Samba.git] / source4 / setup / provision_users.ldif
blob854c42d07c4f037bd583a92b406f065fb9bb528d
1 dn: CN=Administrator,CN=Users,${DOMAINDN}
2 objectClass: user
3 cn: Administrator
4 description: Built-in account for administering the computer/domain
5 userAccountControl: 66048
6 objectSid: ${DOMAINSID}-500
7 adminCount: 1
8 accountExpires: 9223372036854775807
9 sAMAccountName: Administrator
10 isCriticalSystemObject: TRUE
11 userPassword:: ${ADMINPASS_B64}
12
13 dn: CN=Guest,CN=Users,${DOMAINDN}
14 objectClass: user
15 cn: Guest
16 description: Built-in account for guest access to the computer/domain
17 userAccountControl: 66082
18 primaryGroupID: 514
19 objectSid: ${DOMAINSID}-501
20 sAMAccountName: Guest
21 isCriticalSystemObject: TRUE
22
23 dn: CN=Enterprise Admins,CN=Users,${DOMAINDN}
24 objectClass: top
25 objectClass: group
26 cn: Enterprise Admins
27 description: Designated administrators of the enterprise
28 member: CN=Administrator,CN=Users,${DOMAINDN}
29 objectSid: ${DOMAINSID}-519
30 adminCount: 1
31 sAMAccountName: Enterprise Admins
32 isCriticalSystemObject: TRUE
33
34 dn: CN=krbtgt,CN=Users,${DOMAINDN}
35 objectClass: top
36 objectClass: person
37 objectClass: organizationalPerson
38 objectClass: user
39 cn: krbtgt
40 description: Key Distribution Center Service Account
41 showInAdvancedViewOnly: TRUE
42 userAccountControl: 514
43 objectSid: ${DOMAINSID}-502
44 adminCount: 1
45 accountExpires: 9223372036854775807
46 sAMAccountName: krbtgt
47 servicePrincipalName: kadmin/changepw
48 isCriticalSystemObject: TRUE
49 userPassword:: ${KRBTGTPASS_B64}
50
51 dn: CN=Domain Computers,CN=Users,${DOMAINDN}
52 objectClass: top
53 objectClass: group
54 cn: Domain Computers
55 description: All workstations and servers joined to the domain
56 objectSid: ${DOMAINSID}-515
57 sAMAccountName: Domain Computers
58 isCriticalSystemObject: TRUE
59
60 dn: CN=Domain Controllers,CN=Users,${DOMAINDN}
61 objectClass: top
62 objectClass: group
63 cn: Domain Controllers
64 description: All domain controllers in the domain
65 objectSid: ${DOMAINSID}-516
66 adminCount: 1
67 sAMAccountName: Domain Controllers
68 isCriticalSystemObject: TRUE
69
70 dn: CN=Schema Admins,CN=Users,${DOMAINDN}
71 objectClass: top
72 objectClass: group
73 cn: Schema Admins
74 description: Designated administrators of the schema
75 member: CN=Administrator,CN=Users,${DOMAINDN}
76 objectSid: ${DOMAINSID}-518
77 adminCount: 1
78 sAMAccountName: Schema Admins
79 isCriticalSystemObject: TRUE
80
81 dn: CN=Cert Publishers,CN=Users,${DOMAINDN}
82 objectClass: top
83 objectClass: group
84 cn: Cert Publishers
85 description: Members of this group are permitted to publish certificates to the Active Directory
86 groupType: -2147483644
87 objectSid: ${DOMAINSID}-517
88 sAMAccountName: Cert Publishers
89 isCriticalSystemObject: TRUE
90
91 dn: CN=Domain Admins,CN=Users,${DOMAINDN}
92 objectClass: top
93 objectClass: group
94 cn: Domain Admins
95 description: Designated administrators of the domain
96 member: CN=Administrator,CN=Users,${DOMAINDN}
97 objectSid: ${DOMAINSID}-512
98 adminCount: 1
99 sAMAccountName: Domain Admins
100 isCriticalSystemObject: TRUE
101
102 dn: CN=Domain Users,CN=Users,${DOMAINDN}
103 objectClass: top
104 objectClass: group
105 cn: Domain Users
106 description: All domain users
107 objectSid: ${DOMAINSID}-513
108 sAMAccountName: Domain Users
109 isCriticalSystemObject: TRUE
110
111 dn: CN=Domain Guests,CN=Users,${DOMAINDN}
112 objectClass: top
113 objectClass: group
114 cn: Domain Guests
115 description: All domain guests
116 objectSid: ${DOMAINSID}-514
117 sAMAccountName: Domain Guests
118 isCriticalSystemObject: TRUE
119
120 dn: CN=Group Policy Creator Owners,CN=Users,${DOMAINDN}
121 objectClass: top
122 objectClass: group
123 cn: Group Policy Creator Owners
124 description: Members in this group can modify group policy for the domain
125 member: CN=Administrator,CN=Users,${DOMAINDN}
126 objectSid: ${DOMAINSID}-520
127 sAMAccountName: Group Policy Creator Owners
128 isCriticalSystemObject: TRUE
129
130 dn: CN=RAS and IAS Servers,CN=Users,${DOMAINDN}
131 objectClass: top
132 objectClass: group
133 cn: RAS and IAS Servers
134 description: Servers in this group can access remote access properties of users
135 objectSid: ${DOMAINSID}-553
136 sAMAccountName: RAS and IAS Servers
137 groupType: -2147483644
138 isCriticalSystemObject: TRUE
139
140 dn: CN=Administrators,CN=Builtin,${DOMAINDN}
141 objectClass: top
142 objectClass: group
143 cn: Administrators
144 description: Administrators have complete and unrestricted access to the computer/domain
145 member: CN=Domain Admins,CN=Users,${DOMAINDN}
146 member: CN=Enterprise Admins,CN=Users,${DOMAINDN}
147 member: CN=Administrator,CN=Users,${DOMAINDN}
148 objectSid: S-1-5-32-544
149 adminCount: 1
150 sAMAccountName: Administrators
151 systemFlags: 2348810240
152 groupType: -2147483643
153 isCriticalSystemObject: TRUE
154 privilege: SeSecurityPrivilege
155 privilege: SeBackupPrivilege
156 privilege: SeRestorePrivilege
157 privilege: SeSystemtimePrivilege
158 privilege: SeShutdownPrivilege
159 privilege: SeRemoteShutdownPrivilege
160 privilege: SeTakeOwnershipPrivilege
161 privilege: SeDebugPrivilege
162 privilege: SeSystemEnvironmentPrivilege
163 privilege: SeSystemProfilePrivilege
164 privilege: SeProfileSingleProcessPrivilege
165 privilege: SeIncreaseBasePriorityPrivilege
166 privilege: SeLoadDriverPrivilege
167 privilege: SeCreatePagefilePrivilege
168 privilege: SeIncreaseQuotaPrivilege
169 privilege: SeChangeNotifyPrivilege
170 privilege: SeUndockPrivilege
171 privilege: SeManageVolumePrivilege
172 privilege: SeImpersonatePrivilege
173 privilege: SeCreateGlobalPrivilege
174 privilege: SeEnableDelegationPrivilege
175 privilege: SeInteractiveLogonRight
176 privilege: SeNetworkLogonRight
177 privilege: SeRemoteInteractiveLogonRight
178
179 dn: CN=Users,CN=Builtin,${DOMAINDN}
180 objectClass: top
181 objectClass: group
182 cn: Users
183 description: Users are prevented from making accidental or intentional system-wide changes. Thus, Users can run certified applications, but not most legacy applications
184 member: CN=Domain Users,CN=Users,${DOMAINDN}
185 objectSid: S-1-5-32-545
186 sAMAccountName: Users
187 systemFlags: 2348810240
188 groupType: -2147483643
189 isCriticalSystemObject: TRUE
190
191 dn: CN=Guests,CN=Builtin,${DOMAINDN}
192 objectClass: top
193 objectClass: group
194 cn: Guests
195 description: Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted
196 member: CN=Domain Guests,CN=Users,${DOMAINDN}
197 member: CN=Guest,CN=Users,${DOMAINDN}
198 objectSid: S-1-5-32-546
199 sAMAccountName: Guests
200 systemFlags: 2348810240
201 groupType: -2147483643
202 isCriticalSystemObject: TRUE
203
204 dn: CN=Print Operators,CN=Builtin,${DOMAINDN}
205 objectClass: top
206 objectClass: group
207 cn: Print Operators
208 description: Members can administer domain printers
209 objectSid: S-1-5-32-550
210 adminCount: 1
211 sAMAccountName: Print Operators
212 systemFlags: 2348810240
213 groupType: -2147483643
214 isCriticalSystemObject: TRUE
215 privilege: SeLoadDriverPrivilege
216 privilege: SeShutdownPrivilege
217 privilege: SeInteractiveLogonRight
218
219 dn: CN=Backup Operators,CN=Builtin,${DOMAINDN}
220 objectClass: top
221 objectClass: group
222 cn: Backup Operators
223 description: Backup Operators can override security restrictions for the sole purpose of backing up or restoring files
224 objectSid: S-1-5-32-551
225 adminCount: 1
226 sAMAccountName: Backup Operators
227 systemFlags: 2348810240
228 groupType: -2147483643
229 isCriticalSystemObject: TRUE
230 privilege: SeBackupPrivilege
231 privilege: SeRestorePrivilege
232 privilege: SeShutdownPrivilege
233 privilege: SeInteractiveLogonRight
234
235 dn: CN=Replicator,CN=Builtin,${DOMAINDN}
236 objectClass: top
237 objectClass: group
238 cn: Replicator
239 description: Supports file replication in a domain
240 objectSid: S-1-5-32-552
241 adminCount: 1
242 sAMAccountName: Replicator
243 systemFlags: 2348810240
244 groupType: -2147483643
245 isCriticalSystemObject: TRUE
246
247 dn: CN=Remote Desktop Users,CN=Builtin,${DOMAINDN}
248 objectClass: top
249 objectClass: group
250 cn: Remote Desktop Users
251 description: Members in this group are granted the right to logon remotely
252 objectSid: S-1-5-32-555
253 sAMAccountName: Remote Desktop Users
254 systemFlags: 2348810240
255 groupType: -2147483643
256 isCriticalSystemObject: TRUE
257
258 dn: CN=Network Configuration Operators,CN=Builtin,${DOMAINDN}
259 objectClass: top
260 objectClass: group
261 cn: Network Configuration Operators
262 description: Members in this group can have some administrative privileges to manage configuration of networking features
263 objectSid: S-1-5-32-556
264 sAMAccountName: Network Configuration Operators
265 systemFlags: 2348810240
266 groupType: -2147483643
267 isCriticalSystemObject: TRUE
268
269 dn: CN=Performance Monitor Users,CN=Builtin,${DOMAINDN}
270 objectClass: top
271 objectClass: group
272 cn: Performance Monitor Users
273 description: Members of this group have remote access to monitor this computer
274 objectSid: S-1-5-32-558
275 sAMAccountName: Performance Monitor Users
276 systemFlags: 2348810240
277 groupType: -2147483643
278 isCriticalSystemObject: TRUE
279
280 dn: CN=Performance Log Users,CN=Builtin,${DOMAINDN}
281 objectClass: top
282 objectClass: group
283 cn: Performance Log Users
284 description: Members of this group have remote access to schedule logging of performance counters on this computer
285 objectSid: S-1-5-32-559
286 sAMAccountName: Performance Log Users
287 systemFlags: 2348810240
288 groupType: -2147483643
289 isCriticalSystemObject: TRUE
290
291 dn: CN=Server Operators,CN=Builtin,${DOMAINDN}
292 objectClass: top
293 objectClass: group
294 cn: Server Operators
295 description: Members can administer domain servers
296 objectSid: S-1-5-32-549
297 adminCount: 1
298 sAMAccountName: Server Operators
299 systemFlags: 2348810240
300 groupType: -2147483643
301 isCriticalSystemObject: TRUE
302 privilege: SeBackupPrivilege
303 privilege: SeSystemtimePrivilege
304 privilege: SeRemoteShutdownPrivilege
305 privilege: SeRestorePrivilege
306 privilege: SeShutdownPrivilege
307 privilege: SeInteractiveLogonRight
308
309 dn: CN=Account Operators,CN=Builtin,${DOMAINDN}
310 objectClass: top
311 objectClass: group
312 cn: Account Operators
313 description: Members can administer domain user and group accounts
314 objectSid: S-1-5-32-548
315 adminCount: 1
316 sAMAccountName: Account Operators
317 systemFlags: 2348810240
318 groupType: -2147483643
319 isCriticalSystemObject: TRUE
320 privilege: SeInteractiveLogonRight
321
322 dn: CN=Pre-Windows 2000 Compatible Access,CN=Builtin,${DOMAINDN}
323 objectClass: top
324 objectClass: group
325 cn: Pre-Windows 2000 Compatible Access
326 description: A backward compatibility group which allows read access on all users and groups in the domain
327 objectSid: S-1-5-32-554
328 sAMAccountName: Pre-Windows 2000 Compatible Access
329 systemFlags: 2348810240
330 groupType: -2147483643
331 isCriticalSystemObject: TRUE
332 privilege: SeRemoteInteractiveLogonRight
333 privilege: SeChangeNotifyPrivilege
334
335 dn: CN=Incoming Forest Trust Builders,CN=Builtin,${DOMAINDN}
336 objectClass: top
337 objectClass: group
338 cn: Incoming Forest Trust Builders
339 description: Members of this group can create incoming, one-way trusts to this forest
340 objectSid: S-1-5-32-557
341 sAMAccountName: Incoming Forest Trust Builders
342 systemFlags: 2348810240
343 groupType: -2147483643
344 isCriticalSystemObject: TRUE
345
346 dn: CN=Windows Authorization Access Group,CN=Builtin,${DOMAINDN}
347 objectClass: top
348 objectClass: group
349 cn: Windows Authorization Access Group
350 description: Members of this group have access to the computed tokenGroupsGlobalAndUniversal attribute on User objects
351 objectSid: S-1-5-32-560
352 sAMAccountName: Windows Authorization Access Group
353 systemFlags: 2348810240
354 groupType: -2147483643
355 isCriticalSystemObject: TRUE
356
357 dn: CN=Terminal Server License Servers,CN=Builtin,${DOMAINDN}
358 objectClass: top
359 objectClass: group
360 cn: Terminal Server License Servers
361 description: Terminal Server License Servers
362 objectSid: S-1-5-32-561
363 sAMAccountName: Terminal Server License Servers
364 systemFlags: 2348810240
365 groupType: -2147483643
366 isCriticalSystemObject: TRUE
367
368 dn: CN=Distributed COM Users,CN=Builtin,${DOMAINDN}
369 objectClass: top
370 objectClass: group
371 cn: Distributed COM Users
372 description: Members are allowed to launch, activate and use Distributed COM objects on this machine.
373 objectSid: S-1-5-32-562
374 sAMAccountName: Distributed COM Users
375 systemFlags: 2348810240
376 groupType: -2147483643
377 isCriticalSystemObject: TRUE
378
379 dn: CN=WellKnown Security Principals,${CONFIGDN}
380 objectClass: top
381 objectClass: container
382 cn: WellKnown Security Principals
383 systemFlags: 2147483648
384
385 dn: CN=Anonymous Logon,CN=WellKnown Security Principals,${CONFIGDN}
386 objectClass: top
387 objectClass: foreignSecurityPrincipal
388 cn: Anonymous Logon
389 objectSid: S-1-5-7
390
391 dn: CN=Authenticated Users,CN=WellKnown Security Principals,${CONFIGDN}
392 objectClass: top
393 objectClass: foreignSecurityPrincipal
394 cn: Authenticated Users
395 objectSid: S-1-5-11
396
397 dn: CN=Batch,CN=WellKnown Security Principals,${CONFIGDN}
398 objectClass: top
399 objectClass: foreignSecurityPrincipal
400 cn: Batch
401 objectSid: S-1-5-3
402
403 dn: CN=Creator Group,CN=WellKnown Security Principals,${CONFIGDN}
404 objectClass: top
405 objectClass: foreignSecurityPrincipal
406 cn: Creator Group
407 objectSid: S-1-3-1
408
409 dn: CN=Creator Owner,CN=WellKnown Security Principals,${CONFIGDN}
410 objectClass: top
411 objectClass: foreignSecurityPrincipal
412 cn: Creator Owner
413 objectSid: S-1-3-0
414
415 dn: CN=Dialup,CN=WellKnown Security Principals,${CONFIGDN}
416 objectClass: top
417 objectClass: foreignSecurityPrincipal
418 cn: Dialup
419 objectSid: S-1-5-1
420
421 dn: CN=Digest Authentication,CN=WellKnown Security Principals,${CONFIGDN}
422 objectClass: top
423 objectClass: foreignSecurityPrincipal
424 cn: Digest Authentication
425 objectSid: S-1-5-64-21
426
427 dn: CN=Enterprise Domain Controllers,CN=WellKnown Security Principals,${CONFIGDN}
428 objectClass: top
429 objectClass: foreignSecurityPrincipal
430 cn: Enterprise Domain Controllers
431 objectSid: S-1-5-9
432
433 dn: CN=Everyone,CN=WellKnown Security Principals,${CONFIGDN}
434 objectClass: top
435 objectClass: foreignSecurityPrincipal
436 cn: Everyone
437 objectSid: S-1-1-0
438
439 dn: CN=Interactive,CN=WellKnown Security Principals,${CONFIGDN}
440 objectClass: top
441 objectClass: foreignSecurityPrincipal
442 cn: Interactive
443 objectSid: S-1-5-4
444
445 dn: CN=Local Service,CN=WellKnown Security Principals,${CONFIGDN}
446 objectClass: top
447 objectClass: foreignSecurityPrincipal
448 cn: Local Service
449 objectSid: S-1-5-19
450
451 dn: CN=Network,CN=WellKnown Security Principals,${CONFIGDN}
452 objectClass: top
453 objectClass: foreignSecurityPrincipal
454 cn: Network
455 objectSid: S-1-5-2
456
457 dn: CN=Network Service,CN=WellKnown Security Principals,${CONFIGDN}
458 objectClass: top
459 objectClass: foreignSecurityPrincipal
460 cn: Network Service
461 objectSid: S-1-5-20
462
463 dn: CN=NTLM Authentication,CN=WellKnown Security Principals,${CONFIGDN}
464 objectClass: top
465 objectClass: foreignSecurityPrincipal
466 cn: NTLM Authentication
467 objectSid: S-1-5-64-10
468
469 dn: CN=Other Organization,CN=WellKnown Security Principals,${CONFIGDN}
470 objectClass: top
471 objectClass: foreignSecurityPrincipal
472 cn: Other Organization
473 objectSid: S-1-5-1000
474
475 dn: CN=Proxy,CN=WellKnown Security Principals,${CONFIGDN}
476 objectClass: top
477 objectClass: foreignSecurityPrincipal
478 cn: Proxy
479 objectSid: S-1-5-8
480
481 dn: CN=Remote Interactive Logon,CN=WellKnown Security Principals,${CONFIGDN}
482 objectClass: top
483 objectClass: foreignSecurityPrincipal
484 cn: Remote Interactive Logon
485 objectSid: S-1-5-14
486
487 dn: CN=Restricted,CN=WellKnown Security Principals,${CONFIGDN}
488 objectClass: top
489 objectClass: foreignSecurityPrincipal
490 cn: Restricted
491 objectSid: S-1-5-12
492
493 dn: CN=SChannel Authentication,CN=WellKnown Security Principals,${CONFIGDN}
494 objectClass: top
495 objectClass: foreignSecurityPrincipal
496 cn: SChannel Authentication
497 objectSid: S-1-5-64-14
498
499 dn: CN=Self,CN=WellKnown Security Principals,${CONFIGDN}
500 objectClass: top
501 objectClass: foreignSecurityPrincipal
502 cn: Self
503 objectSid: S-1-5-10
504
505 dn: CN=Service,CN=WellKnown Security Principals,${CONFIGDN}
506 objectClass: top
507 objectClass: foreignSecurityPrincipal
508 cn: Service
509 objectSid: S-1-5-6
510
511 dn: CN=Terminal Server User,CN=WellKnown Security Principals,${CONFIGDN}
512 objectClass: top
513 objectClass: foreignSecurityPrincipal
514 cn: Terminal Server User
515 objectSid: S-1-5-13
516
517 dn: CN=This Organization,CN=WellKnown Security Principals,${CONFIGDN}
518 objectClass: top
519 objectClass: foreignSecurityPrincipal
520 cn: This Organization
521 objectSid: S-1-5-15
522
523 dn: CN=Well-Known-Security-Id-System,CN=WellKnown Security Principals,${CONFIGDN}
524 objectClass: top
525 objectClass: foreignSecurityPrincipal
526 cn: Well-Known-Security-Id-System
527 objectSid: S-1-5-18
528
Samba GIT mirror