[cifs-protocol] What elements of the DIT are required for AD to operate?

Hongwei Sun hongweis at microsoft.com
Fri Jan 22 17:31:47 MST 2010 

Andrew,

   We complied the list based on the documentation and the product team spent quite some time to manually review and confirm it.  I attached the lists of the DNs we removed from clean initial LDIF dumps.  We also used them to review from the both ways (kept and removed).   

Thanks!

Hongwei
     

-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org] 
Sent: Friday, January 22, 2010 6:15 PM
To: Hongwei Sun
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: RE: What elements of the DIT are required for AD to operate?

On Thu, 2010-01-21 at 23:20 +0000, Hongwei Sun wrote:
> Andrew,
> 
>    I attached the file with the list  initially required DIT elements
> for Windows 2008R2 function level.   All the required DIT elements
> should be all documented in section 7 of MS-ADTS.  Therefore , we 
> manually reviewed the LDIF dump of a DC and compared with MS-ADTS to
> decide which elements should be kept.   Please review it and give us
> feedback.  

Thanks!  We look forward to testing this out.  

What I'm wondering is how did you verify that an element was not required - just that it isn't mentioned in the doc, or did you delete it from a running windows DC and try repetitive DCpromo (or something else)?

Do you have a list of the DN values that may be found in the normal provision of a Windows DC that are not required (ie, those you removed)?
If you have this, it would help our validation by being able to look at this from both directions.

Thanks,

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Domain-NC-Removed.txt
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20100123/e1470cfa/attachment-0002.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Configuration-NC-Remove.txt
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20100123/e1470cfa/attachment-0003.txt>

More information about the cifs-protocol mailing list