;/*++ ; ;Copyright (c) 1989-1998 Microsoft Corporation ; ;Module Name: ; ; Schema.INI ; Used for Configuring the DIT at install time ; ;Abstract: ;----- ; Contains the information necessary to set up the default objects in an ; installed DIT. Covers the following cases: ; ; 1) First DS in the first site ; 2) First DS in any other site. ; 3) Replicated DS in an existing site. ; ;Notes: ;----- ; For each object, by default, the RDN is picked up from the section name. ; To override this, you can add the line RDN-Of-Object= in the section ; This is useful when you need two objects with the same RDN (but not DN). In ; this case, name the sections differently (since two sections in an ini file ; cannot be named the same, or only the first one will be picked up always), but ; add the RDN-Of-Object key to the section with the duplicate RDN appropriately. ; As an example, look at the sections System and Well-Known-Security-Id-System, ; both of which has the RDN System. ; ;--*/ ;--------------------------------------------------------- ; DEFAULT STRUCTURE OF THE ENTERPRISE DIT ;--------------------------------------------------------- ;!-------------------------------------------------------- ;! The tree under the root of the domain. ;!-------------------------------------------------------- [DEFAULTROOTDOMAIN] objectClass = DomainDNS objectCategory = Domain-DNS NTSecurityDescriptor=O:DAG:DAD:(A;;RP;;;WD)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;BA)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;DA)(A;CI;RPWPCRLCLOCCRCWDWOSDSW;;;BA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY)(A;CI;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;EA)(A;CI;LC;;;RU)(OA;CIIO;RP;037088f8-0ae1-11d2-b422-00a0c968f939;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;4c164200-20c0-11d0-a768-00aa006e0529;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;;RP;c7407360-20bf-11d0-a768-00aa006e0529;;RU)(OA;CIIO;RPLCLORC;;bf967a9c-0de6-11d0-a285-00aa003049e2;RU)(A;;RPRC;;;RU)(OA;CIIO;RPLCLORC;;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(A;;LCRPLORC;;;ED)(OA;CIIO;RP;037088f8-0ae1-11d2-b422-00a0c968f939;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;4c164200-20c0-11d0-a768-00aa006e0529;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RPLCLORC;;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;;RP;b8119fd0-04f6-4762-ab7a-4986c76b3f9a;;RU)(OA;;RP;b8119fd0-04f6-4762-ab7a-4986c76b3f9a;;AU)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967aba-0de6-11d0-a285-00aa003049e2;ED)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a9c-0de6-11d0-a285-00aa003049e2;ED)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a86-0de6-11d0-a285-00aa003049e2;ED)(OA;CIIO;WP;ea1b7b93-5e48-46d5-bc6c-4df4fda78a35;bf967a86-0de6-11d0-a285-00aa003049e2;PS)(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;DD)(OA;;CR;89e95b76-444d-4c62-991a-0facbeda640c;;ED)(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;89e95b76-444d-4c62-991a-0facbeda640c;;BA)(OA;;CR;e2a36dc9-ae17-47c3-b58b-be34c55ba633;;S-1-5-32-557)(OA;;CR;280f369c-67c7-438e-ae98-1d46f3c6f541;;AU)(OA;;CR;ccc2dc7d-a6ad-4a7a-8846-c04e3cc53501;;AU)(OA;;CR;05c74c5e-4deb-43b4-bd9f-86664c2a7fd5;;AU)(OA;;CR;1131f6ae-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ae-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;CIIO;CRRPWP;91e647de-d96f-4b70-9557-d63ff4f3ccd8;;PS)(OA;CIOI;RPWP;3f78c3e5-f79a-46bd-a0b8-9d18116ddc79;;PS)(OA;CIIO;SW;9b026da6-0d3c-465c-8bee-5199d7165cba;bf967a86-0de6-11d0-a285-00aa003049e2;PS)(OA;CIIO;SW;9b026da6-0d3c-465c-8bee-5199d7165cba;bf967a86-0de6-11d0-a285-00aa003049e2;CO)S:(AU;SA;WDWOWP;;;WD)(AU;SA;CR;;;BA)(AU;SA;CR;;;DU)(OU;CISA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CISA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD) ; WARNING: For downward compatibility, Domain-DNS objects are actually ; stamped with the default SD from [Sam-Domain]. To avoid confusion, ; keep the default SD on [Sam-Domain], the default SD on [Domain-DNS], ; and the nTSecurityDescriptor on DEFAULTROOTDOMAIN in schema.ini ; the same. auditingPolicy=\x0001 nTMixedDomain=0 ;Its a NC ROOT instanceType=5 ;default nc msDS-NcType=0 ;Its the PDC, set FSMO role owner fSMORoleOwner=$REGISTRY=Machine DN Name wellKnownObjects=$EMBEDDED:32:a9d1ca15768811d1aded00c04fd8d5cd:cn=Users,720143C7-673A-41bc-B013-983165F3573EHighHighly sensitive PII with severe impact from inappropriate access5000C4B449B4-D284-4de1-8AB3-A0B3902EC50BModerateModerately sensitive PII with serious impact from inappropriate access4000BD1B9601-24E1-4357-8414-DA07A50C4B04LowMildly sensitive PII with limited impact from inappropriate access3000CA61F997-1D93-46f5-8809-D068150D068BPublicPII that is publicly accessible2000F92B4F37-12D8-4aee-8081-696336974553Not PIIInformation that doesn't include PII1000 [ProtectedHealthInformation_MS] nTSecurityDescriptor=O:EAG:EAD:(D;;SDDT;;;WD)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;EA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) objectClass=msDS-ResourceProperty objectCategory=ms-DS-Resource-Property displayname=Protected Health Information description=The Protected Health Information (PHI) property specifies whether the resource contains any data related to an individual's medical record or medical payment history. Enabled=False msDS-IsUsedAsResourceSecurityAttribute=True msDS-ValueTypeReference=$EMBEDDED:CN=MS-DS-YesNo,CN=Value Types,CN=Claims Configuration,CN=Services,CN=Configuration,8906E075-33DD-44c0-8A73-A9A123B85253RestrictedThe user must possess a Restricted clearance level to access the resource30001A09A687-0EF0-479e-A053-B3CBD012D8A8Internal UseThe user must possess an Internal Use clearance level or higher to access the resource2000423CECE3-E339-40ba-8A64-E08A87782C6EPublicThe user does not need any clearance level to access the resource1000 [Confidentiality_MS] nTSecurityDescriptor=O:EAG:EAD:(D;;SDDT;;;WD)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;EA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) objectClass=msDS-ResourceProperty objectCategory=ms-DS-Resource-Property displayname=Confidentiality description=The Confidentiality property specifies the level of confidentiality of the resource, and the potential impact of inadvertant access or disclosure. Enabled=False msDS-IsUsedAsResourceSecurityAttribute=True msDS-ValueTypeReference=$EMBEDDED:CN=MS-DS-OrderedList,CN=Value Types,CN=Claims Configuration,CN=Services,CN=Configuration,BA67E7F6-A972-4cde-B42A-145F86AE2F8AHighHighly confidential with severe impact from inappropriate access3000AB7631B6-30A9-4a50-9D94-64069BA64596ModerateModerately confidential with serious impact from inappropriate access200033BEEF0B-7E86-482b-B922-D1119BE869DBLowMildly confidential with low impact from inappropriate access1000 [Compliancy_MS] nTSecurityDescriptor=O:EAG:EAD:(D;;SDDT;;;WD)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;EA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) objectClass=msDS-ResourceProperty objectCategory=ms-DS-Resource-Property displayname=Compliancy description=The Compliancy property specifies the compliance frameworks that apply to the resource. Enabled=False msDS-IsUsedAsResourceSecurityAttribute=True msDS-ValueTypeReference=$EMBEDDED:CN=MS-DS-MultivaluedChoice,CN=Value Types,CN=Claims Configuration,CN=Services,CN=Configuration,2DD2F3EE-3BAB-45fc-B33F-65119B3B3C66PCI DSSPCI DSSA9E2C599-7DC4-4bf1-90DA-E949EF25D045HIPAA/HITECHHIPAA/HITECH0424473A-B85A-4071-8A8F-AB3F230864A0SOXSOXCD289E43-18AD-4d1d-BE7F-AA58F5B1343AISO 27002ISO 27002D91BDEBF-0008-4bb9-B861-8B38838649BAFISMAFISMA937E4888-B8A7-4bdc-8F2C-CF08F686DEC5NIST SP 800-53NIST SP 800-53AF628C68-6C73-4ef1-AC0D-E43D3A9E6D38CObITCObITD5ECD90E-282F-481b-8CD6-EDF7A8048D06GLBAGLBA5A02DF30-A041-4fd5-B80F-8337075A48EEFACTAFACTAEAD2BD15-F139-4dc9-9837-8F97C0E2778EHITECH CSFHITECH CSF21A89628-802F-4368-BDE0-F77016E0355FUS-EU Safe HarborUS-EU Safe HarborE7DBB941-F906-43b9-8E37-F2E77149A944FERC/NERC CIPFERC/NERC CIP67CAF734-4FE3-42ae-9A2D-8024F6DBD478PIPEDAPIPEDA382D830A-4289-462d-AE57-10BD836F20B5EU Data Protection Directive 95 46 ECEU Data Protection Directive 95 46 EC7F83F20B-C3BB-45f4-B965-66A96C51DB10Japan Personal Information Protection ActJapan Personal Information Protection Act423F17F9-DA8E-4161-8A47-DD114109B723GAPPGAPP3E7607CF-7D96-47df-93A3-5169BBE87C57ITARITAR [Discoverability_MS] nTSecurityDescriptor=O:EAG:EAD:(D;;SDDT;;;WD)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;EA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) objectClass=msDS-ResourceProperty objectCategory=ms-DS-Resource-Property displayname=Discoverability description=The Discoverability property specifies whether the resource contains potential evidence that might require disclosure to opposing legal counsel during the course of current or future litigation. Enabled=False msDS-IsUsedAsResourceSecurityAttribute=True msDS-ValueTypeReference=$EMBEDDED:CN=MS-DS-SinglevaluedChoice,CN=Value Types,CN=Claims Configuration,CN=Services,CN=Configuration,93101992-D6BD-4a4f-807A-1A07508AC542PrivilegedPrivileged information not subject to discoveryPrivileged36B5FC91-993B-4b07-9829-543F29B7E569HoldPotentially relevant information that must be retainedHold9FB8AC5E-54A7-435d-B061-E9D6DEDF83EFNot ApplicableResource is not privileged or under legal holdNot Applicable [Immutable_MS] nTSecurityDescriptor=O:EAG:EAD:(D;;SDDT;;;WD)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;EA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) objectClass=msDS-ResourceProperty objectCategory=ms-DS-Resource-Property displayname=Immutable description=The Immutable property specifies whether a user should be allowed to delete a resource or change its contents. Enabled=False msDS-IsUsedAsResourceSecurityAttribute=True msDS-ValueTypeReference=$EMBEDDED:CN=MS-DS-YesNo,CN=Value Types,CN=Claims Configuration,CN=Services,CN=Configuration,6B740562-731D-4865-A655-A1CE25428C6ECopyrightCopyrighted informationCopyright1CD0B059-35D1-42b9-94E5-F1AB177FDA61Trade SecretProprietary information protected as a trade secretTrade Secret71CB9BF0-D26D-4574-B579-6806427B5115Patent Application DocumentInformation that is or will be included in a patent applicationPatent Application Document4E8C0540-FAE8-4abe-8EFF-5A4D33CD974APatent Supporting DocumentInformation that contains supporting documentation for a patent applicationPatent Supporting Document8C035EEE-6085-4878-B473-3D7DC786FB3ENot IPInformation doesn't contain intellectual propertyNot IP [Department_MS] nTSecurityDescriptor=O:EAG:EAD:(D;;SDDT;;;WD)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;EA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) objectClass=msDS-ResourceProperty objectCategory=ms-DS-Resource-Property displayname=Department description=The Department property specifies the name of the department to which the resource belongs. Enabled=False msDS-IsUsedAsResourceSecurityAttribute=True msDS-ValueTypeReference=$EMBEDDED:CN=MS-DS-SinglevaluedChoice,CN=Value Types,CN=Claims Configuration,CN=Services,CN=Configuration,A69BBFCA-7E3C-40e4-8CA9-ADB672EDDF7AEngineeringEngineeringDC1DCC60-17B9-438c-B9D6-2D17494E495ALegalLegalEBF08F01-D335-4477-A903-FE7C544CA1AFHuman ResourcesHuman Resources360B0315-CF24-47e9-93B5-1BF75F389EA1Information TechnologyInformation TechnologyFBB2B369-2B5C-4a00-AB07-E4667D31F396OperationsOperationsBD3B23A4-AACD-42ba-BF92-2E53DBB0F43EFinanceFinance1C226B54-6778-43f3-9CFC-340B1AD18A90MarketingMarketing328CEDB0-A0D7-4958-B9FF-BCFBD14AA6BBSalesSalesADE3D854-0AAF-4e95-94BD-898806A877FACustomer ServiceCustomer Service89A42F9C-61CD-44eb-8B33-ABFF86E7D77CSupportSupport496C8063-6AE1-4f2a-8659-ECECF57AA026AdministrationAdministration187CD56F-1F84-4c3e-93A1-026368B3A406DistributionDistribution61C56BBF-BFEB-4355-9FB2-756C23F83CF2Research and DevelopmentResearch and Development34D14A28-E78E-4d80-AEE2-697D5D0B1454Manufacturing and ProductionManufacturing and Production31548813-2497-40eb-AB76-03B501BE821DQuality ControlQuality Control [Impact_MS] nTSecurityDescriptor=O:EAG:EAD:(D;;SDDT;;;WD)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;EA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) objectClass=msDS-ResourceProperty objectCategory=ms-DS-Resource-Property displayname=Impact description=The Impact property specifies the degree of organizational impact from inappropriate access or loss of the resource. Enabled=False msDS-IsUsedAsResourceSecurityAttribute=True msDS-ValueTypeReference=$EMBEDDED:CN=MS-DS-OrderedList,CN=Value Types,CN=Claims Configuration,CN=Services,CN=Configuration,360E95E9-F137-4ea2-AC1C-40DF2872F486HighHigh business impact (HBI)300074372436-EE0D-4e5d-89EC-F5F048E22B7FModerateMedium business impact (MBI)2000664CF4F7-FC2C-4690-9569-54087B8DF4ADLowLow business impact (LBI)1000 [PersonalUse_MS] nTSecurityDescriptor=O:EAG:EAD:(D;;SDDT;;;WD)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;EA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) objectClass=msDS-ResourceProperty objectCategory=ms-DS-Resource-Property displayname=Personal Use description=The Personal Use property specifies whether the file is for personal use (not business related). Enabled=False msDS-IsUsedAsResourceSecurityAttribute=True msDS-ValueTypeReference=$EMBEDDED:CN=MS-DS-YesNo,CN=Value Types,CN=Claims Configuration,CN=Services,CN=Configuration,A431C998-0775-4000-A4E4-263F888741D9IndefiniteNo maximum retention period by defaultIndefinite68293C61-A8E1-49aa-814E-F90BA4C585A4Long-TermSeven-year retention period by defaultLong-Term0110E657-F48F-4a0a-BEAB-0661154B479BMid-TermFive-year retention period by defaultMid-Term03D7D0E5-E64E-42d3-BE53-55D14C1C227DShort-TermOne-year retention period by defaultShort-Term [RetentionStartDate_MS] nTSecurityDescriptor=O:EAG:EAD:(D;;SDDT;;;WD)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;EA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) objectClass=msDS-ResourceProperty objectCategory=ms-DS-Resource-Property displayname=Retention Start Date description=The Retention Start Date property defines the starting date for a Retention Period. The retention period would begin on the Retention Start Date. Enabled=False msDS-IsUsedAsResourceSecurityAttribute=False msDS-ValueTypeReference=$EMBEDDED:CN=MS-DS-DateTime,CN=Value Types,CN=Claims Configuration,CN=Services,CN=Configuration,EEC36E56-070C-490b-B425-C78BA830FF8AUser FilesThis folder contains files that belong to a single user.User FilesE715826D-2FF6-4065-ADDA-89BBD815796BGroup FilesThis folder contains files that are shared between users.Group Files3AFBAA7C-E8AD-40c8-8FBA-7A96A6285058Application FilesThis folder contains files used by applications such as Hyper-V.Application Files5AE4C739-582F-47bd-82B5-BB6C2BB68CF1Backup and Archival FilesThis folder contains files that have been backed up or archived.Backup and Archival Files msDS-AppliestoResourceTypes=MS-DS-Container [Resource Property Lists] nTSecurityDescriptor=O:EAG:EAD:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSW;;;EA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) objectClass=Container ObjectCategory=Container ShowInAdvancedViewOnly=True CHILD=Global Resource Property List [Global Resource Property List] nTSecurityDescriptor=O:EAG:EAD:(D;;SDDT;;;WD)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;EA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) objectClass=msDS-ResourcePropertyList ObjectCategory=ms-DS-Resource-Property-List ShowInAdvancedViewOnly=True description=This is a global out of box resource property list that contains all resource properties that can be consumed by applications. msDS-MembersOfResourcePropertyList=$EMBEDDED:CN=PII_MS,CN=Resource Properties,CN=Claims Configuration,CN=Services,