mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
178 lines
3.9 KiB
178 lines
3.9 KiB
[Version]
|
|
signature="$CHICAGO$"
|
|
|
|
[DelegationTemplates]
|
|
|
|
Templates = template1, template2, template3, template4, template5, template6, template7, template8, template9,template10, template11, template12
|
|
|
|
;---------------------------------------------------------
|
|
[template1]
|
|
AppliesToClasses=domainDns,organizationalUnit,container
|
|
|
|
Description = "Create, delete, and manage user accounts"
|
|
|
|
ObjectTypes = SCOPE, user
|
|
|
|
[template1.SCOPE]
|
|
user=CC,DC
|
|
|
|
[template1.user]
|
|
@=GA
|
|
;---------------------------------------------------------
|
|
|
|
|
|
|
|
;---------------------------------------------------------
|
|
[template2]
|
|
AppliesToClasses=domainDns,organizationalUnit,container
|
|
|
|
Description = "Reset user passwords and force password change at next logon"
|
|
|
|
ObjectTypes = user
|
|
|
|
[template2.user]
|
|
CONTROLRIGHT= "Reset Password"
|
|
pwdLastSet=RP,WP
|
|
;----------------------------------------------------------
|
|
|
|
|
|
;----------------------------------------------------------
|
|
[template3]
|
|
AppliesToClasses=domainDns,organizationalUnit,container
|
|
|
|
Description = "Read all user information"
|
|
|
|
ObjectTypes = user
|
|
|
|
[template3.user]
|
|
@=RP
|
|
|
|
;----------------------------------------------------------
|
|
[template4]
|
|
AppliesToClasses = organizationalUnit,container
|
|
|
|
Description = "Create, delete and manage groups"
|
|
|
|
ObjectTypes = SCOPE, group
|
|
|
|
[template4.SCOPE]
|
|
group=CC,DC
|
|
|
|
[template4.group]
|
|
@=GA
|
|
|
|
;----------------------------------------------------------
|
|
|
|
|
|
;----------------------------------------------------------
|
|
[template5]
|
|
AppliesToClasses=domainDns,organizationalUnit,container
|
|
|
|
Description = "Modify the membership of a group"
|
|
|
|
ObjectTypes = group
|
|
|
|
[template5.group]
|
|
member=RP,WP
|
|
;----------------------------------------------------------
|
|
|
|
|
|
;----------------------------------------------------------
|
|
[template6]
|
|
AppliesToClasses = domainDNS
|
|
|
|
Description = "Join a computer to the domain"
|
|
|
|
ObjectTypes = SCOPE
|
|
|
|
[template6.SCOPE]
|
|
computer=CC
|
|
;----------------------------------------------------------
|
|
|
|
|
|
|
|
;----------------------------------------------------------
|
|
[template7]
|
|
AppliesToClasses = domainDNS,organizationalUnit,site
|
|
|
|
Description = "Manage Group Policy links"
|
|
|
|
ObjectTypes = SCOPE
|
|
|
|
[template7.SCOPE]
|
|
gPLink=RP,WP
|
|
gPOptions=RP,WP
|
|
|
|
|
|
|
|
|
|
|
|
|
|
;----------------------------------------------------------
|
|
|
|
;---------------------------------------------------------
|
|
[template8]
|
|
AppliesToClasses=domainDns,organizationalUnit
|
|
|
|
Description = "Generate Resultant Set of Policy (Planning)"
|
|
|
|
ObjectTypes = SCOPE
|
|
|
|
[template8.SCOPE]
|
|
CONTROLRIGHT= "Generate Resultant Set of Policy(Planning)"
|
|
;----------------------------------------------------------
|
|
|
|
;---------------------------------------------------------
|
|
[template9]
|
|
AppliesToClasses=domainDns,organizationalUnit
|
|
|
|
Description = "Generate Resultant Set of Policy (Logging)"
|
|
|
|
ObjectTypes = SCOPE
|
|
|
|
[template9.SCOPE]
|
|
CONTROLRIGHT= "Generate Resultant Set of Policy(Logging)"
|
|
;----------------------------------------------------------
|
|
;---------------------------------------------------------
|
|
[template10]
|
|
AppliesToClasses=domainDns,organizationalUnit,container
|
|
|
|
Description = "Create, delete, and manage inetorgperson accounts"
|
|
|
|
ObjectTypes = SCOPE, inetorgperson
|
|
|
|
[template1.SCOPE]
|
|
inetorgperson=CC,DC
|
|
|
|
[template1.inetorgperson]
|
|
@=GA
|
|
;---------------------------------------------------------
|
|
|
|
|
|
|
|
;---------------------------------------------------------
|
|
[template11]
|
|
AppliesToClasses=domainDns,organizationalUnit,container
|
|
|
|
Description = "Reset inetorgperson passwords and force password change at next logon"
|
|
|
|
ObjectTypes = inetorgperson
|
|
|
|
[template2.inetorgperson]
|
|
CONTROLRIGHT= "Reset Password"
|
|
pwdLastSet=RP,WP
|
|
;----------------------------------------------------------
|
|
|
|
|
|
;----------------------------------------------------------
|
|
[template12]
|
|
AppliesToClasses=domainDns,organizationalUnit,container
|
|
|
|
Description = "Read all inetorgperson information"
|
|
|
|
ObjectTypes = inetorgperson
|
|
|
|
[template3.inetorgperson]
|
|
@=RP
|
|
|
|
;----------------------------------------------------------
|