mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
7de385dca4
'no filename' instead. Andrew Bartlett
56 lines
1.3 KiB
Plaintext
56 lines
1.3 KiB
Plaintext
dn: @INDEXLIST
|
|
@IDXATTR: cn
|
|
@IDXATTR: flatname
|
|
@IDXATTR: realm
|
|
|
|
dn: @ATTRIBUTES
|
|
realm: CASE_INSENSITIVE
|
|
flatname: CASE_INSENSITIVE
|
|
sAMAccountName: CASE_INSENSITIVE
|
|
|
|
#Add modules to the list to activate them by default
|
|
#beware often order is important
|
|
dn: @MODULES
|
|
@LIST: operational
|
|
|
|
dn: CN=LSA Secrets
|
|
objectClass: top
|
|
objectClass: container
|
|
cn: LSA Secrets
|
|
|
|
dn: CN=Primary Domains
|
|
objectClass: top
|
|
objectClass: container
|
|
cn: Primary Domains
|
|
|
|
dn: flatname=${DOMAIN},CN=Primary Domains
|
|
objectClass: top
|
|
objectClass: primaryDomain
|
|
objectClass: kerberosSecret
|
|
flatname: ${DOMAIN}
|
|
realm: ${REALM}
|
|
secret: ${MACHINEPASS}
|
|
secureChannelType: 6
|
|
sAMAccountName: ${NETBIOSNAME}$
|
|
whenCreated: ${LDAPTIME}
|
|
whenChanged: ${LDAPTIME}
|
|
msDS-KeyVersionNumber: 1
|
|
objectSid: ${DOMAINSID}
|
|
privateKeytab: secrets.keytab
|
|
|
|
# A hook from our credentials system into HDB, as we must be on a KDC,
|
|
# we can look directly into the database.
|
|
dn: samAccountName=krbtgt,flatname=${DOMAIN},CN=Principals
|
|
objectClass: top
|
|
objectClass: secret
|
|
objectClass: kerberosSecret
|
|
flatname: ${DOMAIN}
|
|
realm: ${REALM}
|
|
sAMAccountName: krbtgt
|
|
whenCreated: ${LDAPTIME}
|
|
whenChanged: ${LDAPTIME}
|
|
objectSid: ${DOMAINSID}
|
|
servicePrincipalName: kadmin/changepw
|
|
krb5Keytab: HDB:ldb:sam.ldb:
|
|
#The trailing : here is a HACK, but it matches the Heimdal format.
|