1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
samba-mirror/source4/setup/provision_dns_add_samba.ldif
Andrew Bartlett ca52871541 s4-setup Remove servicePrincipalName: DNS/${DNSDOMAIN} from new installations
This servicePrincipalName is incorrect (windows does not use that
servicePrincipalName, as it targets the server it is updating, not the
root of the DNS tree), and now that we have multiple DNS backends that
use the internal database, it is quite incorrect (as it cannot exist
on more than one account).

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Thu Nov 10 01:11:46 CET 2011 on sn-devel-104
2011-11-10 01:11:46 +01:00

17 lines
572 B
Plaintext

# NOTE: This account is SAMBA4 specific!
# we have it to avoid the need for the bind daemon to
# have access to the whole secrets.keytab for the domain,
# otherwise bind could impersonate any user
dn: CN=dns-${HOSTNAME},CN=Users,${DOMAINDN}
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
description: DNS Service Account for ${HOSTNAME}
userAccountControl: 512
accountExpires: 9223372036854775807
sAMAccountName: dns-${HOSTNAME}
servicePrincipalName: DNS/${DNSNAME}
clearTextPassword:: ${DNSPASS_B64}
isCriticalSystemObject: TRUE