| 1 | ###############################
|
|---|
| 2 | # Domain Naming Context
|
|---|
| 3 | ###############################
|
|---|
| 4 | dn: ${DOMAINDN}
|
|---|
| 5 | changetype: modify
|
|---|
| 6 | -
|
|---|
| 7 | # This should be 0x0001, but the 0 byte is not allowed - therefore encoded
|
|---|
| 8 | replace: auditingPolicy
|
|---|
| 9 | auditingPolicy:: AAE=
|
|---|
| 10 | -
|
|---|
| 11 | replace: creationTime
|
|---|
| 12 | creationTime: ${CREATTIME}
|
|---|
| 13 | -
|
|---|
| 14 | # "dSCorePropagationDate" should contain the provision data
|
|---|
| 15 | replace: forceLogoff
|
|---|
| 16 | forceLogoff: -9223372036854775808
|
|---|
| 17 | -
|
|---|
| 18 | # "fSMORoleOwner" filled in later
|
|---|
| 19 | replace: gPLink
|
|---|
| 20 | gPLink: [LDAP://CN={${POLICYGUID}},CN=Policies,CN=System,${DOMAINDN};0]
|
|---|
| 21 | -
|
|---|
| 22 | replace: isCriticalSystemObject
|
|---|
| 23 | isCriticalSystemObject: TRUE
|
|---|
| 24 | -
|
|---|
| 25 | replace: lockoutDuration
|
|---|
| 26 | lockoutDuration: -18000000000
|
|---|
| 27 | -
|
|---|
| 28 | replace: lockOutObservationWindow
|
|---|
| 29 | lockOutObservationWindow: -18000000000
|
|---|
| 30 | -
|
|---|
| 31 | replace: lockoutThreshold
|
|---|
| 32 | lockoutThreshold: 0
|
|---|
| 33 | -
|
|---|
| 34 | # "masteredBy" filled in later
|
|---|
| 35 | replace: maxPwdAge
|
|---|
| 36 | maxPwdAge: -36288000000000
|
|---|
| 37 | -
|
|---|
| 38 | replace: minPwdAge
|
|---|
| 39 | minPwdAge: -864000000000
|
|---|
| 40 | -
|
|---|
| 41 | replace: minPwdLength
|
|---|
| 42 | minPwdLength: 7
|
|---|
| 43 | -
|
|---|
| 44 | replace: modifiedCount
|
|---|
| 45 | modifiedCount: 1
|
|---|
| 46 | -
|
|---|
| 47 | replace: modifiedCountAtLastProm
|
|---|
| 48 | modifiedCountAtLastProm: 0
|
|---|
| 49 | -
|
|---|
| 50 | replace: msDS-AllUsersTrustQuota
|
|---|
| 51 | msDS-AllUsersTrustQuota: 1000
|
|---|
| 52 | -
|
|---|
| 53 | replace: msDS-Behavior-Version
|
|---|
| 54 | msDS-Behavior-Version: ${DOMAIN_FUNCTIONALITY}
|
|---|
| 55 | -
|
|---|
| 56 | replace: ms-DS-MachineAccountQuota
|
|---|
| 57 | ms-DS-MachineAccountQuota: 10
|
|---|
| 58 | -
|
|---|
| 59 | # "msDs-masteredBy" filled in later
|
|---|
| 60 | replace: msDS-NcType
|
|---|
| 61 | msDS-NcType: 0
|
|---|
| 62 | -
|
|---|
| 63 | replace: msDS-PerUserTrustQuota
|
|---|
| 64 | msDS-PerUserTrustQuota: 1
|
|---|
| 65 | -
|
|---|
| 66 | replace: msDS-PerUserTrustTombstonesQuota
|
|---|
| 67 | msDS-PerUserTrustTombstonesQuota: 10
|
|---|
| 68 | -
|
|---|
| 69 | replace: nextRid
|
|---|
| 70 | nextRid: ${NEXTRID}
|
|---|
| 71 | -
|
|---|
| 72 | replace: nTMixedDomain
|
|---|
| 73 | nTMixedDomain: 0
|
|---|
| 74 | -
|
|---|
| 75 | # This does only exist in SAMBA
|
|---|
| 76 | replace: oEMInformation
|
|---|
| 77 | oEMInformation: Provisioned by SAMBA ${SAMBA_VERSION_STRING}
|
|---|
| 78 | -
|
|---|
| 79 | replace: pwdProperties
|
|---|
| 80 | pwdProperties: 1
|
|---|
| 81 | -
|
|---|
| 82 | replace: pwdHistoryLength
|
|---|
| 83 | pwdHistoryLength: 24
|
|---|
| 84 | -
|
|---|
| 85 | replace: rIDManagerReference
|
|---|
| 86 | rIDManagerReference: CN=RID Manager$,CN=System,${DOMAINDN}
|
|---|
| 87 | -
|
|---|
| 88 | replace: serverState
|
|---|
| 89 | serverState: 1
|
|---|
| 90 | -
|
|---|
| 91 | replace: subRefs
|
|---|
| 92 | subRefs: ${CONFIGDN}
|
|---|
| 93 | -
|
|---|
| 94 | replace: systemFlags
|
|---|
| 95 | systemFlags: -1946157056
|
|---|
| 96 | -
|
|---|
| 97 | replace: uASCompat
|
|---|
| 98 | uASCompat: 1
|
|---|
| 99 | -
|
|---|
| 100 |
|
|---|
