# attributes dn: CN=uid,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: systemFlags systemFlags: 0 - dn: CN=audio,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: systemFlags systemFlags: 0 - dn: CN=photo,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: systemFlags systemFlags: 0 - dn: CN=jpegPhoto,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: systemFlags systemFlags: 0 - dn: CN=userPKCS12,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: systemFlags systemFlags: 0 - dn: CN=carLicense,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: systemFlags systemFlags: 0 - dn: CN=roomNumber,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: systemFlags systemFlags: 0 - dn: CN=uniqueMember,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: systemFlags systemFlags: 0 - dn: CN=departmentNumber,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: systemFlags systemFlags: 0 - dn: CN=unstructuredName,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: systemFlags systemFlags: 0 - dn: CN=preferredLanguage,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: systemFlags systemFlags: 0 - dn: CN=x500uniqueIdentifier,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: systemFlags systemFlags: 0 - dn: CN=unstructuredAddress,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: systemFlags systemFlags: 0 - dn: CN=attributeCertificateAttribute,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: systemFlags systemFlags: 0 - dn: CN=DNS-Host-Name,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: attributeSecurityGuid attributeSecurityGuid:: R5Xjchh70RGt7wDAT9jVzQ== - dn: CN=ms-DS-Additional-Dns-host-name,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: attributeSecurityGuid attributeSecurityGuid:: R5Xjchh70RGt7wDAT9jVzQ== - dn: CN=MS-DS-Per-User-Trust-Quota,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-PerUserTrustQuota adminDisplayName: MS-DS-Per-User-Trust-Quota adminDescription: Used to enforce a per-user quota for creating Trusted-Domain objects authorized by the control access right, "Create inbound Forest trust". This attribute limits the number of Trusted-Domain objects that can be created by a single non-admin user in the domain. attributeId: 1.2.840.113556.1.4.1788 attributeSyntax: 2.5.5.9 omSyntax: 2 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: 8K1h0STKk0mjqossmBMC6A== showInAdvancedViewOnly: TRUE systemFlags: 16 dn: CN=MS-DS-All-Users-Trust-Quota,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-AllUsersTrustQuota adminDisplayName: MS-DS-All-Users-Trust-Quota adminDescription: Used to enforce a combined users quota on the total number of Trusted-Domain objects created by using the control access right, "Create inbound Forest trust". attributeId: 1.2.840.113556.1.4.1789 attributeSyntax: 2.5.5.9 omSyntax: 2 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: XEqq0wNOEEiXqisznnpDSw== showInAdvancedViewOnly: TRUE systemFlags: 16 dn: CN=MS-DS-Per-User-Trust-Tombstones-Quota,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-PerUserTrustTombstonesQuota adminDisplayName: MS-DS-Per-User-Trust-Tombstones-Quota adminDescription: Used to enforce a per-user quota for deleting Trusted-Domain objects when authorization is based on matching the user's SID to the value of MS-DS-Creator-SID on the Trusted-Domain object. attributeId: 1.2.840.113556.1.4.1790 attributeSyntax: 2.5.5.9 omSyntax: 2 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: xqZwi/lQo0+nHhzgMEBEmw== showInAdvancedViewOnly: TRUE systemFlags: 16 dn: CN=ms-DS-Logon-Time-Sync-Interval,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: rangeLower rangeLower: 0 - # Reload the schema cache to pick up attributes dn: changetype: ntdsSchemaModify add: schemaUpdateNow schemaUpdateNow: 1 - # classes dn: CN=inetOrgPerson,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: systemFlags systemFlags: 0 - dn: CN=groupOfUniqueNames,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: systemFlags systemFlags: 0 - dn: CN=Cross-Ref,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: systemMayContain systemMayContain: 1.2.840.113556.1.4.1459 - dn: CN=Sam-Domain,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: systemMayContain systemMayContain: 1.2.840.113556.1.4.1788 systemMayContain: 1.2.840.113556.1.4.1789 systemMayContain: 1.2.840.113556.1.4.1790 - dn: CN=Trusted-Domain,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: systemMayContain systemMayContain: 1.2.840.113556.1.4.1410 - dn: CN=Organizational-Unit,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: systemPossSuperiors systemPossSuperiors: 2.5.6.2 - dn: CN=Country,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: systemPossSuperiors systemPossSuperiors: 2.5.6.4 systemPossSuperiors: 1.2.840.113556.1.5.67 - replace: objectClassCategory objectClassCategory: 0 - dn: CN=Person,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: objectClassCategory objectClassCategory: 0 - dn: CN=Organizational-Person,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: objectClassCategory objectClassCategory: 0 - dn: CN=Group-Of-Names,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: objectClassCategory objectClassCategory: 0 - dn: CN=Device,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: objectClassCategory objectClassCategory: 0 - dn: CN=Certification-Authority,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: objectClassCategory objectClassCategory: 0 - # Reload the schema cache to pick up altered classes and attributes dn: changetype: ntdsSchemaModify add: schemaUpdateNow schemaUpdateNow: 1 - # change objects in configuration container dn: CN=DNS-Host-Name-Attributes,CN=Extended-Rights,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: controlAccessRight ShowInAdvancedViewOnly: TRUE appliesTo: bf967a86-0de6-11d0-a285-00aa003049e2 displayName: DNS Host Name Attributes localizationDisplayId: 60 rightsGUID: 72e39547-7b18-11d1-adef-00c04fd8d5cd validAccesses: 48 dn: CN=Create-Inbound-Forest-Trust,CN=Extended-Rights,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: controlAccessRight ShowInAdvancedViewOnly: TRUE appliesTo: 19195a5b-6da0-11d0-afd3-00c04fd930c9 displayName: Create Inbound Forest Trust localizationDisplayId: 61 rightsGUID: e2a36dc9-ae17-47c3-b58b-be34c55ba633 validAccesses: 256 dn: CN=Configuration,DC=X changetype: ntdsSchemaModify delete: wellKnownObjects wellKnownObjects: B:32:ab8153b7768811d1aded00c04fd8d5cd:CN=LostAndFound,CN=Configuration,DC=X - dn: CN=Configuration,DC=X changetype: ntdsSchemaModify add: wellKnownObjects wellKnownObjects: B:32:ab8153b7768811d1aded00c04fd8d5cd:CN=LostAndFoundConfig,CN=Configuration,DC=X - # Increase object version dn: CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: objectVersion objectVersion: 22 -