mirror of
https://github.com/samba-team/samba.git
synced 2025-01-17 02:05:21 +03:00
b8444b64a3
We now use a host specific account name for the DNS account, which is
the account used for dynamic DNS updates. We also setup the
servicePrincipalName for automatic update, and add both DNS/${DNSDOMAIN}
and DNS/${DNSNAME} for compatibility with both the old and new SPNs
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
13 lines
369 B
Plaintext
13 lines
369 B
Plaintext
#Update a keytab for the external DNS server to use
|
|
dn: samAccountName=dns-${HOSTNAME},CN=Principals
|
|
objectClass: top
|
|
objectClass: secret
|
|
objectClass: kerberosSecret
|
|
realm: ${REALM}
|
|
servicePrincipalName: DNS/${DNSDOMAIN}
|
|
servicePrincipalName: DNS/${DNSNAME}
|
|
msDS-KeyVersionNumber: 1
|
|
privateKeytab: ${DNS_KEYTAB}
|
|
secret:: ${DNSPASS_B64}
|
|
samAccountName: dns-${HOSTNAME}
|