search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3 net: i18n support for net cache
[Samba.git] / source4 / setup / provision_users.ldif
blob47240a9d0789da75e8c8603a8690ba0ad47f25bb
1 dn: CN=Administrator,CN=Users,${DOMAINDN}
2 objectClass: user
3 cn: Administrator
4 description: Built-in account for administering the computer/domain
5 userAccountControl: 66048
6 objectSid: ${DOMAINSID}-500
7 adminCount: 1
8 accountExpires: 9223372036854775807
9 sAMAccountName: Administrator
10 userPassword:: ${ADMINPASS_B64}
11 isCriticalSystemObject: TRUE
12
13 dn: CN=Guest,CN=Users,${DOMAINDN}
14 objectClass: user
15 cn: Guest
16 description: Built-in account for guest access to the computer/domain
17 userAccountControl: 66082
18 primaryGroupID: 514
19 objectSid: ${DOMAINSID}-501
20 sAMAccountName: Guest
21 isCriticalSystemObject: TRUE
22
23 dn: CN=Enterprise Admins,CN=Users,${DOMAINDN}
24 objectClass: top
25 objectClass: group
26 cn: Enterprise Admins
27 description: Designated administrators of the enterprise
28 member: CN=Administrator,CN=Users,${DOMAINDN}
29 objectSid: ${DOMAINSID}-519
30 adminCount: 1
31 sAMAccountName: Enterprise Admins
32 isCriticalSystemObject: TRUE
33
34 dn: CN=krbtgt,CN=Users,${DOMAINDN}
35 objectClass: top
36 objectClass: person
37 objectClass: organizationalPerson
38 objectClass: user
39 cn: krbtgt
40 description: Key Distribution Center Service Account
41 showInAdvancedViewOnly: TRUE
42 userAccountControl: 514
43 objectSid: ${DOMAINSID}-502
44 adminCount: 1
45 accountExpires: 9223372036854775807
46 sAMAccountName: krbtgt
47 servicePrincipalName: kadmin/changepw
48 userPassword:: ${KRBTGTPASS_B64}
49 isCriticalSystemObject: TRUE
50
51 dn: CN=Domain Computers,CN=Users,${DOMAINDN}
52 objectClass: top
53 objectClass: group
54 cn: Domain Computers
55 description: All workstations and servers joined to the domain
56 objectSid: ${DOMAINSID}-515
57 sAMAccountName: Domain Computers
58 isCriticalSystemObject: TRUE
59
60 dn: CN=Domain Controllers,CN=Users,${DOMAINDN}
61 objectClass: top
62 objectClass: group
63 cn: Domain Controllers
64 description: All domain controllers in the domain
65 objectSid: ${DOMAINSID}-516
66 adminCount: 1
67 sAMAccountName: Domain Controllers
68 isCriticalSystemObject: TRUE
69
70 dn: CN=Schema Admins,CN=Users,${DOMAINDN}
71 objectClass: top
72 objectClass: group
73 cn: Schema Admins
74 description: Designated administrators of the schema
75 member: CN=Administrator,CN=Users,${DOMAINDN}
76 objectSid: ${DOMAINSID}-518
77 adminCount: 1
78 sAMAccountName: Schema Admins
79 isCriticalSystemObject: TRUE
80
81 dn: CN=Cert Publishers,CN=Users,${DOMAINDN}
82 objectClass: top
83 objectClass: group
84 cn: Cert Publishers
85 description: Members of this group are permitted to publish certificates to the Active Directory
86 groupType: -2147483644
87 objectSid: ${DOMAINSID}-517
88 sAMAccountName: Cert Publishers
89 isCriticalSystemObject: TRUE
90
91 dn: CN=Domain Admins,CN=Users,${DOMAINDN}
92 objectClass: top
93 objectClass: group
94 cn: Domain Admins
95 description: Designated administrators of the domain
96 member: CN=Administrator,CN=Users,${DOMAINDN}
97 objectSid: ${DOMAINSID}-512
98 adminCount: 1
99 sAMAccountName: Domain Admins
100 isCriticalSystemObject: TRUE
101
102 dn: CN=Domain Users,CN=Users,${DOMAINDN}
103 objectClass: top
104 objectClass: group
105 cn: Domain Users
106 description: All domain users
107 objectSid: ${DOMAINSID}-513
108 sAMAccountName: Domain Users
109 isCriticalSystemObject: TRUE
110
111 dn: CN=Domain Guests,CN=Users,${DOMAINDN}
112 objectClass: top
113 objectClass: group
114 cn: Domain Guests
115 description: All domain guests
116 objectSid: ${DOMAINSID}-514
117 sAMAccountName: Domain Guests
118 isCriticalSystemObject: TRUE
119
120 dn: CN=Group Policy Creator Owners,CN=Users,${DOMAINDN}
121 objectClass: top
122 objectClass: group
123 cn: Group Policy Creator Owners
124 description: Members in this group can modify group policy for the domain
125 member: CN=Administrator,CN=Users,${DOMAINDN}
126 objectSid: ${DOMAINSID}-520
127 sAMAccountName: Group Policy Creator Owners
128 isCriticalSystemObject: TRUE
129
130 dn: CN=RAS and IAS Servers,CN=Users,${DOMAINDN}
131 objectClass: top
132 objectClass: group
133 cn: RAS and IAS Servers
134 description: Servers in this group can access remote access properties of users
135 objectSid: ${DOMAINSID}-553
136 sAMAccountName: RAS and IAS Servers
137 groupType: -2147483644
138 isCriticalSystemObject: TRUE
139
140 dn: CN=Read-Only Domain Controllers,CN=Users,${DOMAINDN}
141 objectClass: top
142 objectClass: group
143 cn: Read-Only Domain Controllers
144 description: read-only domain controllers
145 objectSid: ${DOMAINSID}-521
146 sAMAccountName: Read-Only Domain Controllers
147 groupType: -2147483644
148 isCriticalSystemObject: TRUE
149
150 dn: CN=Enterprise Read-Only Domain Controllers,CN=Users,${DOMAINDN}
151 objectClass: top
152 objectClass: group
153 cn: Enterprise Read-Only Domain Controllers
154 description: enterprise read-only domain controllers
155 objectSid: ${DOMAINSID}-498
156 sAMAccountName: Enterprise Read-Only Domain Controllers
157 groupType: -2147483644
158 isCriticalSystemObject: TRUE
159
160 dn: CN=Certificate Service DCOM Access,CN=Users,${DOMAINDN}
161 objectClass: top
162 objectClass: group
163 cn: Certificate Service DCOM Access
164 description: Certificate Service DCOM Access
165 objectSid: ${DOMAINSID}-574
166 sAMAccountName: Certificate Service DCOM Access
167 groupType: -2147483644
168 isCriticalSystemObject: TRUE
169
170 dn: CN=Cryptographic Operators,CN=Users,${DOMAINDN}
171 objectClass: top
172 objectClass: group
173 cn: Cryptographic Operators
174 description: Cryptographic Operators
175 objectSid: ${DOMAINSID}-569
176 sAMAccountName: Cryptographic Operators
177 groupType: -2147483644
178 isCriticalSystemObject: TRUE
179
180 dn: CN=Event Log Readers,CN=Users,${DOMAINDN}
181 objectClass: top
182 objectClass: group
183 cn: Event Log Readers
184 description: Event Log Readers
185 objectSid: ${DOMAINSID}-573
186 sAMAccountName: Event Log Readers
187 groupType: -2147483644
188 isCriticalSystemObject: TRUE
189
190 dn: CN=Administrators,CN=Builtin,${DOMAINDN}
191 objectClass: top
192 objectClass: group
193 cn: Administrators
194 description: Administrators have complete and unrestricted access to the computer/domain
195 member: CN=Domain Admins,CN=Users,${DOMAINDN}
196 member: CN=Enterprise Admins,CN=Users,${DOMAINDN}
197 member: CN=Administrator,CN=Users,${DOMAINDN}
198 objectSid: S-1-5-32-544
199 adminCount: 1
200 sAMAccountName: Administrators
201 systemFlags: -1946157056
202 groupType: -2147483643
203 privilege: SeSecurityPrivilege
204 privilege: SeBackupPrivilege
205 privilege: SeRestorePrivilege
206 privilege: SeSystemtimePrivilege
207 privilege: SeShutdownPrivilege
208 privilege: SeRemoteShutdownPrivilege
209 privilege: SeTakeOwnershipPrivilege
210 privilege: SeDebugPrivilege
211 privilege: SeSystemEnvironmentPrivilege
212 privilege: SeSystemProfilePrivilege
213 privilege: SeProfileSingleProcessPrivilege
214 privilege: SeIncreaseBasePriorityPrivilege
215 privilege: SeLoadDriverPrivilege
216 privilege: SeCreatePagefilePrivilege
217 privilege: SeIncreaseQuotaPrivilege
218 privilege: SeChangeNotifyPrivilege
219 privilege: SeUndockPrivilege
220 privilege: SeManageVolumePrivilege
221 privilege: SeImpersonatePrivilege
222 privilege: SeCreateGlobalPrivilege
223 privilege: SeEnableDelegationPrivilege
224 privilege: SeInteractiveLogonRight
225 privilege: SeNetworkLogonRight
226 privilege: SeRemoteInteractiveLogonRight
227 isCriticalSystemObject: TRUE
228
229 dn: CN=Users,CN=Builtin,${DOMAINDN}
230 objectClass: top
231 objectClass: group
232 cn: Users
233 description: Users are prevented from making accidental or intentional system-wide changes. Thus, Users can run certified applications, but not most legacy applications
234 member: CN=Domain Users,CN=Users,${DOMAINDN}
235 objectSid: S-1-5-32-545
236 sAMAccountName: Users
237 systemFlags: -1946157056
238 groupType: -2147483643
239 isCriticalSystemObject: TRUE
240
241 dn: CN=Guests,CN=Builtin,${DOMAINDN}
242 objectClass: top
243 objectClass: group
244 cn: Guests
245 description: Guests have the same access as members of the Users group by default, except for the Guest account which is further restricted
246 member: CN=Domain Guests,CN=Users,${DOMAINDN}
247 member: CN=Guest,CN=Users,${DOMAINDN}
248 objectSid: S-1-5-32-546
249 sAMAccountName: Guests
250 systemFlags: -1946157056
251 groupType: -2147483643
252 isCriticalSystemObject: TRUE
253
254 dn: CN=Print Operators,CN=Builtin,${DOMAINDN}
255 objectClass: top
256 objectClass: group
257 cn: Print Operators
258 description: Members can administer domain printers
259 objectSid: S-1-5-32-550
260 adminCount: 1
261 sAMAccountName: Print Operators
262 systemFlags: -1946157056
263 groupType: -2147483643
264 privilege: SeLoadDriverPrivilege
265 privilege: SeShutdownPrivilege
266 privilege: SeInteractiveLogonRight
267 isCriticalSystemObject: TRUE
268
269 dn: CN=Backup Operators,CN=Builtin,${DOMAINDN}
270 objectClass: top
271 objectClass: group
272 cn: Backup Operators
273 description: Backup Operators can override security restrictions for the sole purpose of backing up or restoring files
274 objectSid: S-1-5-32-551
275 adminCount: 1
276 sAMAccountName: Backup Operators
277 systemFlags: -1946157056
278 groupType: -2147483643
279 privilege: SeBackupPrivilege
280 privilege: SeRestorePrivilege
281 privilege: SeShutdownPrivilege
282 privilege: SeInteractiveLogonRight
283 isCriticalSystemObject: TRUE
284
285 dn: CN=Replicator,CN=Builtin,${DOMAINDN}
286 objectClass: top
287 objectClass: group
288 cn: Replicator
289 description: Supports file replication in a domain
290 objectSid: S-1-5-32-552
291 adminCount: 1
292 sAMAccountName: Replicator
293 systemFlags: -1946157056
294 groupType: -2147483643
295 isCriticalSystemObject: TRUE
296
297 dn: CN=Remote Desktop Users,CN=Builtin,${DOMAINDN}
298 objectClass: top
299 objectClass: group
300 cn: Remote Desktop Users
301 description: Members in this group are granted the right to logon remotely
302 objectSid: S-1-5-32-555
303 sAMAccountName: Remote Desktop Users
304 systemFlags: -1946157056
305 groupType: -2147483643
306 isCriticalSystemObject: TRUE
307
308 dn: CN=Network Configuration Operators,CN=Builtin,${DOMAINDN}
309 objectClass: top
310 objectClass: group
311 cn: Network Configuration Operators
312 description: Members in this group can have some administrative privileges to manage configuration of networking features
313 objectSid: S-1-5-32-556
314 sAMAccountName: Network Configuration Operators
315 systemFlags: -1946157056
316 groupType: -2147483643
317 isCriticalSystemObject: TRUE
318
319 dn: CN=Performance Monitor Users,CN=Builtin,${DOMAINDN}
320 objectClass: top
321 objectClass: group
322 cn: Performance Monitor Users
323 description: Members of this group have remote access to monitor this computer
324 objectSid: S-1-5-32-558
325 sAMAccountName: Performance Monitor Users
326 systemFlags: -1946157056
327 groupType: -2147483643
328 isCriticalSystemObject: TRUE
329
330 dn: CN=Performance Log Users,CN=Builtin,${DOMAINDN}
331 objectClass: top
332 objectClass: group
333 cn: Performance Log Users
334 description: Members of this group have remote access to schedule logging of performance counters on this computer
335 objectSid: S-1-5-32-559
336 sAMAccountName: Performance Log Users
337 systemFlags: -1946157056
338 groupType: -2147483643
339 isCriticalSystemObject: TRUE
340
341 dn: CN=Server Operators,CN=Builtin,${DOMAINDN}
342 objectClass: top
343 objectClass: group
344 cn: Server Operators
345 description: Members can administer domain servers
346 objectSid: S-1-5-32-549
347 adminCount: 1
348 sAMAccountName: Server Operators
349 systemFlags: -1946157056
350 groupType: -2147483643
351 privilege: SeBackupPrivilege
352 privilege: SeSystemtimePrivilege
353 privilege: SeRemoteShutdownPrivilege
354 privilege: SeRestorePrivilege
355 privilege: SeShutdownPrivilege
356 privilege: SeInteractiveLogonRight
357 isCriticalSystemObject: TRUE
358
359 dn: CN=Account Operators,CN=Builtin,${DOMAINDN}
360 objectClass: top
361 objectClass: group
362 cn: Account Operators
363 description: Members can administer domain user and group accounts
364 objectSid: S-1-5-32-548
365 adminCount: 1
366 sAMAccountName: Account Operators
367 systemFlags: -1946157056
368 groupType: -2147483643
369 privilege: SeInteractiveLogonRight
370 isCriticalSystemObject: TRUE
371
372 dn: CN=Pre-Windows 2000 Compatible Access,CN=Builtin,${DOMAINDN}
373 objectClass: top
374 objectClass: group
375 cn: Pre-Windows 2000 Compatible Access
376 description: A backward compatibility group which allows read access on all users and groups in the domain
377 objectSid: S-1-5-32-554
378 sAMAccountName: Pre-Windows 2000 Compatible Access
379 systemFlags: -1946157056
380 groupType: -2147483643
381 privilege: SeRemoteInteractiveLogonRight
382 privilege: SeChangeNotifyPrivilege
383 isCriticalSystemObject: TRUE
384
385 dn: CN=Incoming Forest Trust Builders,CN=Builtin,${DOMAINDN}
386 objectClass: top
387 objectClass: group
388 cn: Incoming Forest Trust Builders
389 description: Members of this group can create incoming, one-way trusts to this forest
390 objectSid: S-1-5-32-557
391 sAMAccountName: Incoming Forest Trust Builders
392 systemFlags: -1946157056
393 groupType: -2147483643
394 isCriticalSystemObject: TRUE
395
396 dn: CN=Windows Authorization Access Group,CN=Builtin,${DOMAINDN}
397 objectClass: top
398 objectClass: group
399 cn: Windows Authorization Access Group
400 description: Members of this group have access to the computed tokenGroupsGlobalAndUniversal attribute on User objects
401 objectSid: S-1-5-32-560
402 sAMAccountName: Windows Authorization Access Group
403 systemFlags: -1946157056
404 groupType: -2147483643
405 isCriticalSystemObject: TRUE
406
407 dn: CN=Terminal Server License Servers,CN=Builtin,${DOMAINDN}
408 objectClass: top
409 objectClass: group
410 cn: Terminal Server License Servers
411 description: Terminal Server License Servers
412 objectSid: S-1-5-32-561
413 sAMAccountName: Terminal Server License Servers
414 systemFlags: -1946157056
415 groupType: -2147483643
416 isCriticalSystemObject: TRUE
417
418 dn: CN=Distributed COM Users,CN=Builtin,${DOMAINDN}
419 objectClass: top
420 objectClass: group
421 cn: Distributed COM Users
422 description: Members are allowed to launch, activate and use Distributed COM objects on this machine.
423 objectSid: S-1-5-32-562
424 sAMAccountName: Distributed COM Users
425 systemFlags: -1946157056
426 groupType: -2147483643
427 isCriticalSystemObject: TRUE
428
429 dn: CN=WellKnown Security Principals,${CONFIGDN}
430 objectClass: top
431 objectClass: container
432 cn: WellKnown Security Principals
433 systemFlags: -2147483648
434
435 dn: CN=Anonymous Logon,CN=WellKnown Security Principals,${CONFIGDN}
436 objectClass: top
437 objectClass: foreignSecurityPrincipal
438 cn: Anonymous Logon
439 objectSid: S-1-5-7
440
441 dn: CN=Authenticated Users,CN=WellKnown Security Principals,${CONFIGDN}
442 objectClass: top
443 objectClass: foreignSecurityPrincipal
444 cn: Authenticated Users
445 objectSid: S-1-5-11
446
447 dn: CN=Batch,CN=WellKnown Security Principals,${CONFIGDN}
448 objectClass: top
449 objectClass: foreignSecurityPrincipal
450 cn: Batch
451 objectSid: S-1-5-3
452
453 dn: CN=Creator Group,CN=WellKnown Security Principals,${CONFIGDN}
454 objectClass: top
455 objectClass: foreignSecurityPrincipal
456 cn: Creator Group
457 objectSid: S-1-3-1
458
459 dn: CN=Creator Owner,CN=WellKnown Security Principals,${CONFIGDN}
460 objectClass: top
461 objectClass: foreignSecurityPrincipal
462 cn: Creator Owner
463 objectSid: S-1-3-0
464
465 dn: CN=Dialup,CN=WellKnown Security Principals,${CONFIGDN}
466 objectClass: top
467 objectClass: foreignSecurityPrincipal
468 cn: Dialup
469 objectSid: S-1-5-1
470
471 dn: CN=Digest Authentication,CN=WellKnown Security Principals,${CONFIGDN}
472 objectClass: top
473 objectClass: foreignSecurityPrincipal
474 cn: Digest Authentication
475 objectSid: S-1-5-64-21
476
477 dn: CN=Enterprise Domain Controllers,CN=WellKnown Security Principals,${CONFIGDN}
478 objectClass: top
479 objectClass: foreignSecurityPrincipal
480 cn: Enterprise Domain Controllers
481 objectSid: S-1-5-9
482
483 dn: CN=Everyone,CN=WellKnown Security Principals,${CONFIGDN}
484 objectClass: top
485 objectClass: foreignSecurityPrincipal
486 cn: Everyone
487 objectSid: S-1-1-0
488
489 dn: CN=Interactive,CN=WellKnown Security Principals,${CONFIGDN}
490 objectClass: top
491 objectClass: foreignSecurityPrincipal
492 cn: Interactive
493 objectSid: S-1-5-4
494
495 dn: CN=Local Service,CN=WellKnown Security Principals,${CONFIGDN}
496 objectClass: top
497 objectClass: foreignSecurityPrincipal
498 cn: Local Service
499 objectSid: S-1-5-19
500
501 dn: CN=Network,CN=WellKnown Security Principals,${CONFIGDN}
502 objectClass: top
503 objectClass: foreignSecurityPrincipal
504 cn: Network
505 objectSid: S-1-5-2
506
507 dn: CN=Network Service,CN=WellKnown Security Principals,${CONFIGDN}
508 objectClass: top
509 objectClass: foreignSecurityPrincipal
510 cn: Network Service
511 objectSid: S-1-5-20
512
513 dn: CN=NTLM Authentication,CN=WellKnown Security Principals,${CONFIGDN}
514 objectClass: top
515 objectClass: foreignSecurityPrincipal
516 cn: NTLM Authentication
517 objectSid: S-1-5-64-10
518
519 dn: CN=Other Organization,CN=WellKnown Security Principals,${CONFIGDN}
520 objectClass: top
521 objectClass: foreignSecurityPrincipal
522 cn: Other Organization
523 objectSid: S-1-5-1000
524
525 dn: CN=Proxy,CN=WellKnown Security Principals,${CONFIGDN}
526 objectClass: top
527 objectClass: foreignSecurityPrincipal
528 cn: Proxy
529 objectSid: S-1-5-8
530
531 dn: CN=Remote Interactive Logon,CN=WellKnown Security Principals,${CONFIGDN}
532 objectClass: top
533 objectClass: foreignSecurityPrincipal
534 cn: Remote Interactive Logon
535 objectSid: S-1-5-14
536
537 dn: CN=Restricted,CN=WellKnown Security Principals,${CONFIGDN}
538 objectClass: top
539 objectClass: foreignSecurityPrincipal
540 cn: Restricted
541 objectSid: S-1-5-12
542
543 dn: CN=SChannel Authentication,CN=WellKnown Security Principals,${CONFIGDN}
544 objectClass: top
545 objectClass: foreignSecurityPrincipal
546 cn: SChannel Authentication
547 objectSid: S-1-5-64-14
548
549 dn: CN=Self,CN=WellKnown Security Principals,${CONFIGDN}
550 objectClass: top
551 objectClass: foreignSecurityPrincipal
552 cn: Self
553 objectSid: S-1-5-10
554
555 dn: CN=Service,CN=WellKnown Security Principals,${CONFIGDN}
556 objectClass: top
557 objectClass: foreignSecurityPrincipal
558 cn: Service
559 objectSid: S-1-5-6
560
561 dn: CN=Terminal Server User,CN=WellKnown Security Principals,${CONFIGDN}
562 objectClass: top
563 objectClass: foreignSecurityPrincipal
564 cn: Terminal Server User
565 objectSid: S-1-5-13
566
567 dn: CN=This Organization,CN=WellKnown Security Principals,${CONFIGDN}
568 objectClass: top
569 objectClass: foreignSecurityPrincipal
570 cn: This Organization
571 objectSid: S-1-5-15
572
573 dn: CN=Well-Known-Security-Id-System,CN=WellKnown Security Principals,${CONFIGDN}
574 objectClass: top
575 objectClass: foreignSecurityPrincipal
576 cn: Well-Known-Security-Id-System
577 objectSid: S-1-5-18
578
Samba GIT mirror