Index: univention-ldap/debian/control =================================================================== --- univention-ldap/debian/control (Revision 46819) +++ univention-ldap/debian/control (Arbeitskopie) @@ -23,8 +23,8 @@ univention-ipcalc, univention-ldap-acl-master | univention-ldap-acl-slave, bind9-host, - shell-univention-lib (>= 3.0.1-1), - python-univention-lib (>= 3.0.12-4), + shell-univention-lib (>= 3.0.26-14), + python-univention-lib (>= 3.0.26-14), univention-newsid, univention-join Conflicts: univention-5250 (<< 0.5), Index: univention-ldap/10univention-ldap-server.inst =================================================================== --- univention-ldap/10univention-ldap-server.inst (Revision 46819) +++ univention-ldap/10univention-ldap-server.inst (Arbeitskopie) @@ -54,8 +54,9 @@ NETMASK="$(get_default_netmask)" NETWORK="$(get_default_network)" -groups_default_domainadmins="${groups_default_domainadmins:-Domain Admins}" -groups_default_domainusers="${groups_default_domainusers:-Domain Users}" +users_default_administrator=$(custom_username "Administrator") +groups_default_domainadmins=$(custom_groupname "Domain Admins") +groups_default_domainusers=$(custom_groupname "Domain Users") reverse=$(univention-ipcalc6 --netmask "$NETMASK" --ip "$IP" --output reverse --calcdns) 
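Review bot: The three new assignments starting at `users_default_administrator=$(custom_username "Administrator")` drop the inline fallback that the old `${groups_default_domainadmins:-Domain Admins}` form provided, so if the helper is not defined in this script's environment or prints nothing, the variables stay empty and the later DNs become `cn=,cn=groups,$ldap_base`. Whether the library that provides `custom_username` and `custom_groupname` is sourced by this script is not visible in the hunk. I would fail early right after the assignments, e.g. `[ -n "$users_default_administrator" ] && [ -n "$groups_default_domainadmins" ] && [ -n "$groups_default_domainusers" ] || die`. The same pattern appears in the `univention-ldap-server.postinst` hunk (`groups_default_authenticatedusers=$(custom_groupname "Authenticated Users")` and the two lines after it).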
@@ -231,13 +232,13 @@ if [ -f /var/lib/univention-ldap/root.secret ] ; then # mailPrimaryAddress is required on ox systems if [ -n "$ox_primary_maildomain" ] ; then - univention-directory-manager users/user create "$@" --position="cn=users,$ldap_base" --set mailPrimaryAddress="administrator@$ox_primary_maildomain" --set firstname="Admin" --set username=Administrator --set sambaRID=500 --set unixhome=/home/Administrator --set lastname=Administrator --set password="$(cat /var/lib/univention-ldap/root.secret)" --set primaryGroup="cn=$groups_default_domainadmins,cn=groups,$ldap_base" --policy-reference "cn=default-admins,cn=admin-settings,cn=users,cn=policies,$ldap_base" || die + univention-directory-manager users/user create "$@" --position="cn=users,$ldap_base" --set mailPrimaryAddress="administrator@$ox_primary_maildomain" --set firstname="Admin" --set username="$users_default_administrator" --set sambaRID=500 --set unixhome="/home/$users_default_administrator" --set lastname="$users_default_administrator" --set password="$(cat /var/lib/univention-ldap/root.secret)" --set primaryGroup="cn=$groups_default_domainadmins,cn=groups,$ldap_base" --policy-reference "cn=default-admins,cn=admin-settings,cn=users,cn=policies,$ldap_base" || die else - univention-directory-manager users/user create "$@" --position="cn=users,$ldap_base" --set username=Administrator --set sambaRID=500 --set unixhome=/home/Administrator --set lastname=Administrator --set password="$(cat /var/lib/univention-ldap/root.secret)" --set primaryGroup="cn=$groups_default_domainadmins,cn=groups,$ldap_base" --policy-reference "cn=default-admins,cn=admin-settings,cn=users,cn=policies,$ldap_base" || die + univention-directory-manager users/user create "$@" --position="cn=users,$ldap_base" --set username="$users_default_administrator" --set sambaRID=500 --set unixhome="/home/$users_default_administrator" --set lastname="$users_default_administrator" --set password="$(cat /var/lib/univention-ldap/root.secret)" 
--set primaryGroup="cn=$groups_default_domainadmins,cn=groups,$ldap_base" --policy-reference "cn=default-admins,cn=admin-settings,cn=users,cn=policies,$ldap_base" || die fi fi - univention-directory-manager groups/group modify "$@" --dn "cn=DC Backup Hosts,cn=groups,$ldap_base" --append users="uid=Administrator,cn=users,$ldap_base" || die - univention-directory-manager groups/group modify "$@" --dn "cn=$groups_default_domainusers,cn=groups,$ldap_base" --append users="uid=Administrator,cn=users,$ldap_base" || die + univention-directory-manager groups/group modify "$@" --dn "cn=DC Backup Hosts,cn=groups,$ldap_base" --append users="uid=$users_default_administrator,cn=users,$ldap_base" || die + univention-directory-manager groups/group modify "$@" --dn "cn=$groups_default_domainusers,cn=groups,$ldap_base" --append users="uid=$users_default_administrator,cn=users,$ldap_base" || die #create default network forwardZone=$(univention-directory-manager dns/forward_zone list "$@" --filter zone="$domainname" | sed -ne 's/DN: //p;T;q') Index: univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-master =================================================================== --- univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-master (Revision 46819) +++ univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-master (Arbeitskopie) @@ -1,4 +1,6 @@ @!@ +from univention.lib.misc import custom_username, custom_groupname + ldap_base=baseConfig['ldap/base'] ldap_port=baseConfig['slapd/port'] if baseConfig['ldap/server/type']=="master": @@ -6,7 +8,8 @@ else: usr="read" -groups_default_domainadmins = configRegistry.get('groups/default/domainadmins', 'Domain Admins') +groups_default_domainadmins = custom_groupname('Domain Admins') +users_default_administrator = custom_username('Administrator') print 'sasl-regexp' print ' uid=(.*),cn=gssapi,cn=auth' 
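Review bot: The administrator name is now interpolated unescaped into DNs and a path, in `--append users="uid=$users_default_administrator,cn=users,$ldap_base"` and `--set unixhome="/home/$users_default_administrator"`. With the literal `Administrator` these were fixed strings; with a configurable value, a name containing `,`, `+`, `=` or `/` would make the group-membership DN differ from the user object actually created, or place the home directory outside `/home/<name>`. The value presumably comes from site configuration rather than an untrusted source, but this is the account that receives RID 500 and the Domain Admins primary group, so a guard before the first `univention-directory-manager` call is worthwhile: `case "$users_default_administrator" in *[,+=/\\\"]*) die ;; esac`.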
@@ -26,11 +29,11 @@ print 'access to *' print ' by sockname="PATH=/var/run/slapd/ldapi" %s' % (usr) print ' by dn.base="cn=admin,%s" %s' % ( ldap_base, usr) -print ' by dn.base="uid=Administrator,cn=users,%s" %s' % ( ldap_base, usr) +print ' by dn.base="uid=%s,cn=users,%s" %s' % ( users_default_administrator, ldap_base, usr) print ' by * none break' print '' -print 'access to dn="uid=Administrator,cn=users,%s"' % ( ldap_base ) +print 'access to dn="uid=%s,cn=users,%s"' % ( users_default_administrator, ldap_base ) print ' by group/univentionGroup/uniqueMember="cn=%s,cn=groups,%s" %s' % ( groups_default_domainadmins, ldap_base, usr) print ' by dn.base="cn=admin,%s" %s' % ( ldap_base, usr) print ' by self %s' % ( usr ) Index: univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-slave =================================================================== --- univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-slave (Revision 46819) +++ univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-slave (Arbeitskopie) 
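Review bot: `print ' by dn.base="uid=%s,cn=users,%s" %s' % ( users_default_administrator, ldap_base, usr)` and the `access to dn="uid=%s,cn=users,%s"` line below it now write a configurable name straight into double-quoted slapd ACL text. A value containing `"`, `,` or a newline would produce an ACL that slapd rejects or that matches a different DN than the intended administrator entry, and the first of these rules sits under `access to *`. I would validate the name where it is assigned in the previous hunk, e.g. `if any(c in users_default_administrator for c in '",+=\\\n'): raise ValueError('unsafe administrator name for ACL')`. The group names in the acl-slave hunk are interpolated the same way (`cn=%s,cn=groups,%s`), though those were already configurable before this change.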
@@ -10,7 +10,9 @@ access to attrs=userPassword,krb5Key,sambaNTPassword,sambaLMPassword,sambaPwdLastSet,pwhistory,sambaPwdCanChange,sambaPwdMustChange,sambaPasswordHistory,sambaClearTextPassword,sambaPreviousClearTextPassword by sockname="PATH=/var/run/slapd/ldapi" read @!@ -groups_default_domainadmins = configRegistry.get('groups/default/domainadmins', 'Domain Admins') +from univention.lib.misc import custom_groupname + +groups_default_domainadmins = custom_groupname('Domain Admins') ldap_base = configRegistry['ldap/base'] print ' by group/univentionGroup/uniqueMember="cn=%s,cn=groups,%s" read' % ( groups_default_domainadmins, ldap_base ) Index: univention-ldap/conffiles/etc/ldap/slapd.conf.d/70univention-ldap-server_acl-master-end =================================================================== --- univention-ldap/conffiles/etc/ldap/slapd.conf.d/70univention-ldap-server_acl-master-end (Revision 46819) +++ univention-ldap/conffiles/etc/ldap/slapd.conf.d/70univention-ldap-server_acl-master-end (Arbeitskopie) @@ -1,12 +1,14 @@ @!@ +from univention.lib.misc import custom_groupname + ldap_base = configRegistry['ldap/base'] if configRegistry.get('ldap/server/type') == "master": usr="write" else: usr="read" -groups_default_domainadmins = configRegistry.get('groups/default/domainadmins', 'Domain Admins') -groups_default_windowshosts = configRegistry.get('groups/default/windowshosts', 'Windows Hosts') +groups_default_domainadmins = custom_groupname('Domain Admins') +groups_default_windowshosts = custom_groupname('Windows Hosts') nestedGroups = configRegistry.is_true('ldap/acl/nestedgroups', True) Index: univention-ldap/debian/univention-ldap-server.postinst =================================================================== --- univention-ldap/debian/univention-ldap-server.postinst (Revision 46819) +++ univention-ldap/debian/univention-ldap-server.postinst (Arbeitskopie) 
@@ -215,9 +215,9 @@ if [ "$1" = "configure" -a "$server_role" = "domaincontroller_master" ] && dpkg --compare-versions "$2" lt-nl 8.0.71-1; then - groups_default_authenticatedusers="${groups_default_authenticatedusers:-Authenticated Users}" - groups_default_enterpriseadmins="${groups_default_enterpriseadmins:-Enterprise Admins}" - groups_default_windowshosts="${groups_default_windowshosts:-Windows Hosts}" + groups_default_authenticatedusers=$(custom_groupname "Authenticated Users") + groups_default_enterpriseadmins=$(custom_groupname "Enterprise Admins") + groups_default_windowshosts=$(custom_groupname "Windows Hosts") sambaSID="$(univention-ldapsearch -x sambaDomainName="$windows_domain" sambaSID | sed -ne 's|^sambaSID: ||p')" if [ -n "$sambaSID" ]; then Index: univention-ldap/test/listner-notifier-test =================================================================== --- univention-ldap/test/listner-notifier-test (Revision 46819) +++ univention-ldap/test/listner-notifier-test (Arbeitskopie) @@ -30,6 +30,8 @@ # /usr/share/common-licenses/AGPL-3; if not, see # . +. /usr/share/univention-lib/base.sh + cat << End Possible Tests: @@ -119,8 +121,7 @@ user () # create a users/user object { - eval "$(ucr shell "groups/default/domainusers")" - groups_default_domainusers = "${groups_default_domainusers:-Domain Users}" + groups_default_domainusers=$(custom_groupname "Domain Users") univention-admin "$module" create --set username="$rand1" --set lastname="$rand2" --set password=univention --set unixhome="/home/$rand1" --set primaryGroup="cn=$groups_default_domainusers,cn=groups,$ldap_base" --position="cn=users,$ldap_base" }