1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-28 07:21:54 +03:00
samba-mirror/source4/setup/secrets_dns.ldif
Andreas Schneider 86652c0208 s4-setup: Add saltPrincipal to secrets_dns.ldif
This adds the correct salt principal to the secretsdb so that we
generate a valid keytab entries for AES and DES keys. The test doesn't
fails with Heimdal cause it always uses RC4 which doesn't have a salt.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Apr 24 13:02:37 CEST 2015 on sn-devel-104
2015-04-24 13:02:37 +02:00

13 lines
390 B
Plaintext

#Update a keytab for the external DNS server to use
dn: samAccountName=dns-${HOSTNAME},CN=Principals
objectClass: top
objectClass: secret
objectClass: kerberosSecret
realm: ${REALM}
saltPrincipal: dns-${HOSTNAME}@${REALM}
servicePrincipalName: DNS/${DNSNAME}
msDS-KeyVersionNumber: ${KEY_VERSION_NUMBER}
privateKeytab: ${DNS_KEYTAB}
secret:: ${DNSPASS_B64}
samAccountName: dns-${HOSTNAME}