Patches for SAMBA 4
Matthias Dieter Wallnöfer
mwallnoefer at yahoo.de
Fri Jul 10 01:28:21 MDT 2009
Here the patches
-------------- next part --------------
>From 4f0de98974f4cfc0159746fe9ff497f478ce679f Mon Sep 17 00:00:00 2001
From: =?utf-8?q?Matthias=20Dieter=20Walln=C3=B6fer?= <mwallnoefer at yahoo.de>
Date: Thu, 9 Jul 2009 22:59:07 +0200
Subject: [SAMBA 4 directory] Cleans up "provision.ldif"
Enhances and restructures "provision.ldif" according to Microsoft Windows Server
---
source4/setup/provision.ldif | 171 ++++++++++++++++++++++++++++++++----------
1 files changed, 131 insertions(+), 40 deletions(-)
diff --git a/source4/setup/provision.ldif b/source4/setup/provision.ldif
index e5b20d0..8b4a06f 100644
--- a/source4/setup/provision.ldif
+++ b/source4/setup/provision.ldif
@@ -1,7 +1,28 @@
+dn: CN=Builtin,${DOMAINDN}
+objectClass: top
+objectClass: builtinDomain
+forceLogoff: -9223372036854775808
+lockoutDuration: -18000000000
+lockOutObservationWindow: -18000000000
+lockoutThreshold: 0
+maxPwdAge: -37108517437440
+minPwdAge: 0
+minPwdLength: 0
+modifiedCountAtLastProm: 0
+nextRid: 1000
+pwdProperties: 0
+pwdHistoryLength: 0
+objectSid: S-1-5-32
+serverState: 1
+uASCompat: 1
+modifiedCount: 1
+isCriticalSystemObject: TRUE
+showInAdvancedViewOnly: FALSE
+systemFlags: -1946157056
+
dn: OU=Domain Controllers,${DOMAINDN}
objectClass: top
objectClass: organizationalUnit
-cn: Domain Controllers
description: Default container for domain controllers
systemFlags: -1946157056
isCriticalSystemObject: TRUE
@@ -10,82 +31,152 @@ showInAdvancedViewOnly: FALSE
dn: CN=ForeignSecurityPrincipals,${DOMAINDN}
objectClass: top
objectClass: container
-cn: ForeignSecurityPrincipals
description: Default container for security identifiers (SIDs) associated with objects from external, trusted domains
systemFlags: -1946157056
isCriticalSystemObject: TRUE
showInAdvancedViewOnly: FALSE
+dn: CN=Infrastructure,${DOMAINDN}
+objectClass: top
+objectClass: infrastructureUpdate
+systemFlags: -1946157056
+isCriticalSystemObject: TRUE
+fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
+
+dn: CN=LostAndFound,${DOMAINDN}
+objectClass: top
+objectClass: lostAndFound
+description: Default container for orphaned objects
+systemFlags: -1946157056
+isCriticalSystemObject: TRUE
+showInAdvancedViewOnly: TRUE
+
+dn: CN=NTDS Quotas,${DOMAINDN}
+objectClass: top
+objectClass: msDS-QuotaContainer
+description: Quota specifications container
+msDS-TombstoneQuotaFactor: 100
+systemFlags: -1946157056
+isCriticalSystemObject: TRUE
+showInAdvancedViewOnly: TRUE
+
+dn: CN=Program Data,${DOMAINDN}
+objectClass: top
+objectClass: container
+description: Default location for storage of application data.
+showInAdvancedViewOnly: TRUE
+
+dn: CN=Microsoft,CN=Program Data,${DOMAINDN}
+objectClass: top
+objectClass: container
+description: Defualt location for storage of Microsoft application data.
+showInAdvancedViewOnly: TRUE
+
dn: CN=System,${DOMAINDN}
objectClass: top
objectClass: container
-cn: System
description: Builtin system settings
systemFlags: -1946157056
isCriticalSystemObject: TRUE
-dn: CN=RID Manager$,CN=System,${DOMAINDN}
-objectclass: top
-objectclass: rIDManager
-cn: RID Manager$
+dn: CN=AdminSDHolder,CN=System,${DOMAINDN}
+objectClass: top
+objectClass: container
systemFlags: -1946157056
-isCriticalSystemObject: TRUE
-fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
-rIDAvailablePool: 4611686014132423217
+
+dn: CN=ComPartitions,CN=System,${DOMAINDN}
+objectClass: top
+objectClass: container
+systemFlags: -1946157056
+
+dn: CN=ComPartitionSets,CN=System,${DOMAINDN}
+objectClass: top
+objectClass: container
+systemFlags: -1946157056
+
+# "Default Domain policy" is located under provision_group_policy.ldif
+
+dn: CN=Dfs-Configuration,CN=System,${DOMAINDN}
+objectClass: top
+objectClass: dfsConfiguration
+showInAdvancedViewOnly: FALSE
dn: CN=DomainUpdates,CN=System,${DOMAINDN}
objectClass: top
objectClass: container
-cn: DomainUpdates
+
+dn: CN=Operations,CN=DomainUpdates,CN=System,${DOMAINDN}
+objectClass: top
+objectClass: container
dn: CN=Windows2003Update,CN=DomainUpdates,CN=System,${DOMAINDN}
objectClass: top
objectClass: container
-cn: Windows2003Update
revision: 8
-dn: CN=Infrastructure,${DOMAINDN}
-objectclass: top
-objectclass: infrastructureUpdate
-cn: Infrastructure
+dn: CN=File Replication Service,CN=System,${DOMAINDN}
+objectClass: top
+objectClass: applicationSettings
+objectClass: nTFRSSettings
systemFlags: -1946157056
-isCriticalSystemObject: TRUE
-fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
-dn: CN=Builtin,${DOMAINDN}
+dn: CN=FileLinks,CN=System,${DOMAINDN}
objectClass: top
-objectClass: builtinDomain
-cn: Builtin
-forceLogoff: -9223372036854775808
-lockoutDuration: -18000000000
-lockOutObservationWindow: -18000000000
-lockoutThreshold: 0
-maxPwdAge: -37108517437440
-minPwdAge: 0
-minPwdLength: 0
-modifiedCountAtLastProm: 0
-nextRid: 1000
-pwdProperties: 0
-pwdHistoryLength: 0
-objectSid: S-1-5-32
-serverState: 1
-uASCompat: 1
-modifiedCount: 1
-isCriticalSystemObject: TRUE
-showInAdvancedViewOnly: FALSE
+objectClass: fileLinkTracking
systemFlags: -1946157056
+dn: CN=ObjectMoveTable,CN=FileLinks,CN=System,${DOMAINDN}
+objectClass: top
+objectClass: fileLinkTracking
+objectClass: linkTrackObjectMoveTable
+systemFlags: -1946157056
+
+dn: CN=VolumeTable,CN=FileLinks,CN=System,${DOMAINDN}
+objectClass: top
+objectClass: fileLinkTracking
+objectClass: linkTrackVolumeTable
+systemFlags: -1946157056
+
+dn: CN=IP Security,CN=System,${DOMAINDN}
+objectClass: top
+objectClass: container
+
+dn: CN=Meetings,CN=System,${DOMAINDN}
+objectClass: top
+objectClass: container
+
dn: CN=Policies,CN=System,${DOMAINDN}
objectClass: top
objectClass: container
systemFlags: -1946157056
-dn: CN=IP Security,CN=System,${DOMAINDN}
+dn: CN=RAS and IAS Servers Access Check,CN=System,${DOMAINDN}
objectClass: top
objectClass: container
+systemFlags: -1946157056
-dn: CN=ComPartitionSets,CN=System,${DOMAINDN}
+dn: CN=RID Manager$,CN=System,${DOMAINDN}
+objectClass: top
+objectClass: rIDManager
+systemFlags: -1946157056
+isCriticalSystemObject: TRUE
+fSMORoleOwner: CN=NTDS Settings,${SERVERDN}
+rIDAvailablePool: 4611686014132423217
+
+dn: CN=RpcServices,CN=System,${DOMAINDN}
objectClass: top
objectClass: container
+objectClass: rpcContainer
+systemFlags: -1946157056
+
+dn: CN=Server,CN=System,${DOMAINDN}
+objectClass: top
+objectClass: securityObject
+objectClass: samServer
systemFlags: -1946157056
+revision: 65543
+
+dn: CN=WinsockServices,CN=System,${DOMAINDN}
+objectClass: top
+objectClass: container
--
1.5.4.5
-------------- next part --------------
>From 26bbfc0c1dfa6a7ddfbe17dc64ecece7da9394e4 Mon Sep 17 00:00:00 2001
From: =?utf-8?q?Matthias=20Dieter=20Walln=C3=B6fer?= <mwallnoefer at yahoo.de>
Date: Thu, 9 Jul 2009 23:00:05 +0200
Subject: [SAMBA 4 directory] Cleans up "schema_samba4.ldif"
Removes unused structures
---
source4/setup/schema_samba4.ldif | 179 +------------------------------------
1 files changed, 5 insertions(+), 174 deletions(-)
diff --git a/source4/setup/schema_samba4.ldif b/source4/setup/schema_samba4.ldif
index c11e65e..8024dd7 100644
--- a/source4/setup/schema_samba4.ldif
+++ b/source4/setup/schema_samba4.ldif
@@ -1,125 +1,10 @@
#
# Schema elements which do not exist in AD, but which we use in Samba4
#
-## Samba4 OID allocation from Samba3's examples/LDAP/samba.schema
-## 1.3.6.1.4.1.7165.4.1.x - attributetypes
-
-## 1.3.6.1.4.1.7165.4.2.x - objectclasses
-
-## 1.3.6.1.4.1.7165.4.3.x - LDB/LDAP Controls
-### see dsdb/samdb/samdb.h
-
-## 1.3.6.1.4.1.7165.4.4.x - LDB/LDAP Extended Operations
-### see dsdb/samdb/samdb.h
-
-## 1.3.6.1.4.1.7165.4.255.x - mapped OIDs due to conflicts between AD and standards-track
-#
-#
-
-
-#
-# Not used anymore
-#
-#dn: cn=ntpwdHash,${SCHEMADN}
-#cn: ntpwdHash
-#name: NTPWDHash
-#objectClass: top
-#objectClass: attributeSchema
-#lDAPDisplayName: ntpwdhash
-#isSingleValued: TRUE
-#systemFlags: 17
-#systemOnly: TRUE
-#schemaIDGUID: E961130F-5084-458C-9E9C-DEC16DA08592
-#adminDisplayName: NT-PWD-Hash
-#attributeID: 1.3.6.1.4.1.7165.4.1.1
-#attributeSyntax: 2.5.5.10
-#oMSyntax: 4
#
-# Not used anymore
+# Attribute used to save privileges
#
-#dn: cn=lmpwdHash,${SCHEMADN}
-#cn: lmpwdHash
-#name: lmpwdHash
-#objectClass: top
-#objectClass: attributeSchema
-#lDAPDisplayName: lmpwdhash
-#isSingleValued: TRUE
-#systemFlags: 17
-#systemOnly: TRUE
-#schemaIDGUID: CBD0D18C-9C54-4A77-87C4-5CEEAF781253
-#adminDisplayName: LM-PWD-Hash
-#attributeID: 1.3.6.1.4.1.7165.4.1.2
-#attributeSyntax: 2.5.5.10
-#oMSyntax: 4
-
-#
-# Not used anymore
-#
-#dn: cn=sambaNtPwdHistory,${SCHEMADN}
-#cn: sambaNtPwdHistory
-#name: sambaNtPwdHistory
-#objectClass: top
-#objectClass: attributeSchema
-#lDAPDisplayName: sambaNtPwdHistory
-#isSingleValued: TRUE
-#systemFlags: 17
-#systemOnly: TRUE
-#schemaIDGUID: 8CCD7658-C574-4435-A38C-99572E349E6B
-#adminDisplayName: SAMBA-NT-PWD-History
-#attributeID: 1.3.6.1.4.1.7165.4.1.3
-#attributeSyntax: 2.5.5.10
-#oMSyntax: 4
-
-#
-# Not used anymore
-#
-#dn: cn=sambaLmPwdHistory,${SCHEMADN}
-#cn: sambaLmPwdHistory
-#name: sambaLmPwdHistory
-#objectClass: top
-#objectClass: attributeSchema
-#lDAPDisplayName: sambaLmPwdHistory
-#isSingleValued: FALSE
-#systemFlags: 17
-#systemOnly: TRUE
-#schemaIDGUID: 0EAFE3DD-0F53-495E-8A34-97BB28AF17A4
-#adminDisplayName: SAMBA-LM-PWDHistory
-#attributeID: 1.3.6.1.4.1.7165.4.1.4
-#attributeSyntax: 2.5.5.10
-#oMSyntax: 4
-
-#
-# Not used anymore
-#
-#dn: CN=sambaPassword,${SCHEMADN}
-#objectClass: top
-#objectClass: attributeSchema
-#lDAPDisplayName: sambaPassword
-#isSingleValued: FALSE
-#systemFlags: 17
-#systemOnly: TRUE
-#schemaIDGUID: 87F10301-229A-4E69-B63A-998339ADA37A
-#adminDisplayName: SAMBA-Password
-#attributeID: 1.3.6.1.4.1.7165.4.1.5
-#attributeSyntax: 2.5.5.5
-#oMSyntax: 22
-
-#
-# Not used anymore
-#
-#dn: cn=dnsDomain,${SCHEMADN}
-#objectClass: top
-#objectClass: attributeSchema
-#lDAPDisplayName: dnsDomain
-#isSingleValued: FALSE
-#systemFlags: 17
-#systemOnly: TRUE
-#schemaIDGUID: A40165E6-5E45-44A7-A8FA-186C94333018
-#adminDisplayName: DNS-Domain
-#attributeID: 1.3.6.1.4.1.7165.4.1.6
-#attributeSyntax: 2.5.5.4
-#oMSyntax: 20
dn: cn=privilege,${SCHEMADN}
objectClass: top
@@ -135,66 +20,10 @@ attributeSyntax: 2.5.5.4
oMSyntax: 20
#
-# Not used anymore
+# Fedora DS uses this attribute on access controls and we need to set it via
+# our module stack
#
-#dn: CN=unixName,${SCHEMADN}
-#cn: unixName
-#name: unixName
-#objectClass: top
-#objectClass: attributeSchema
-#lDAPDisplayName: unixName
-#isSingleValued: TRUE
-#systemFlags: 16
-#systemOnly: FALSE
-#schemaIDGUID: bf9679f2-0de6-11d0-a285-00aa003049e2
-#adminDisplayName: Unix-Name
-#attributeID: 1.3.6.1.4.1.7165.4.1.9
-#attributeSyntax: 2.5.5.4
-#oMSyntax: 20
-
-#
-# Not used anymore
-#
-#dn: cn=krb5Key,${SCHEMADN}
-#cn: krb5Key
-#name: krb5Key
-#objectClass: top
-#objectClass: attributeSchema
-#lDAPDisplayName: krb5Key
-#isSingleValued: FALSE
-#systemFlags: 17
-#systemOnly: TRUE
-#schemaIDGUID: 0EAFE3DD-0F53-495E-8A34-97BB28AF17A4
-#adminDisplayName: krb5-Key
-#attributeID: 1.3.6.1.4.1.5322.10.1.10
-#attributeSyntax: 2.5.5.10
-#oMSyntax: 4
-
-#Allocated: (not used anymore) DSDB_CONTROL_REPLICATED_OBJECT_OID 1.3.6.1.4.1.7165.4.3.1
-
-#Allocated: DSDB_CONTROL_CURRENT_PARTITION_OID 1.3.6.1.4.1.7165.4.3.2
-#Allocated: DSDB_CONTROL_REPLICATED_UPDATE_OID 1.3.6.1.4.1.7165.4.3.3
-
-#Allocated: DSDB_EXTENDED_REPLICATED_OBJECTS_OID 1.3.6.1.4.1.7165.4.4.1
-#Allocated: DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID 1.3.6.1.4.1.7165.4.4.2
-#Allocated: LDB_EXTENDED_SEQUENCE_NUMBER 1.3.6.1.4.1.7165.4.4.3
-
-#Allocated: (middleName) attributeID: 1.3.6.1.4.1.7165.4.255.1
-
-#Allocated: (defaultGroup) attributeID: 1.3.6.1.4.1.7165.4.255.2
-
-#Allocated: (modifyTimestamp) samba4ModifyTimestamp: 1.3.6.1.4.1.7165.4.255.3
-#Allocated: (subSchema) samba4SubSchema: 1.3.6.1.4.1.7165.4.255.4
-#Allocated: (objectClasses) samba4ObjectClasses: 1.3.6.1.4.1.7165.4.255.5
-#Allocated: (ditContentRules) samba4DitContentRules: 1.3.6.1.4.1.7165.4.255.6
-#Allocated: (attributeTypes) samba4AttributeTypes: 1.3.6.1.4.1.7165.4.255.7
-#Allocated: (dynamicObject) samba4DynamicObject: 1.3.6.1.4.1.7165.4.255.8
-#Allocated: (entryTTL) samba4EntryTTL: 1.3.6.1.4.1.7165.4.255.9
-
-#
-# Fedora DS uses this attribute, and we need to set it via our module stack
-#
dn: CN=aci,${SCHEMADN}
cn: aci
name: aci
@@ -211,6 +40,8 @@ attributeSyntax: 2.5.5.4
oMSyntax: 20
#
+# Classes used when SAMBA 4 isn't running in domain controller mode
+#
# Based on domainDNS, but without the DNS bits.
#
--
1.5.4.5
More information about the samba-technical
mailing list