mirror of
https://github.com/samba-team/samba.git
synced 2025-01-25 06:04:04 +03:00
08f94e2754
The less things we manually place into the templates, the easier the conversion to python will be. Andrew Bartlett (This used to be commit f65e5c164476b80468aa19452b108db17c642f8b)
39 lines
1.1 KiB
Plaintext
39 lines
1.1 KiB
Plaintext
dn: flatname=${DOMAIN},CN=Primary Domains
|
|
objectClass: top
|
|
objectClass: primaryDomain
|
|
objectClass: kerberosSecret
|
|
flatname: ${DOMAIN}
|
|
realm: ${REALM}
|
|
secret:: ${MACHINEPASS_B64}
|
|
secureChannelType: 6
|
|
sAMAccountName: ${NETBIOSNAME}$
|
|
msDS-KeyVersionNumber: 1
|
|
objectSid: ${DOMAINSID}
|
|
privateKeytab: ${SECRETS_KEYTAB}
|
|
|
|
# A hook from our credentials system into HDB, as we must be on a KDC,
|
|
# we can look directly into the database.
|
|
dn: samAccountName=krbtgt,flatname=${DOMAIN},CN=Principals
|
|
objectClass: top
|
|
objectClass: secret
|
|
objectClass: kerberosSecret
|
|
flatname: ${DOMAIN}
|
|
realm: ${REALM}
|
|
sAMAccountName: krbtgt
|
|
objectSid: ${DOMAINSID}
|
|
servicePrincipalName: kadmin/changepw
|
|
krb5Keytab: HDB:ldb:${SAM_LDB}:
|
|
#The trailing : here is a HACK, but it matches the Heimdal format.
|
|
|
|
# A hook from our credentials system into HDB, as we must be on a KDC,
|
|
# we can look directly into the database.
|
|
dn: servicePrincipalName=DNS/${DNSDOMAIN},CN=Principals
|
|
objectClass: top
|
|
objectClass: secret
|
|
objectClass: kerberosSecret
|
|
realm: ${REALM}
|
|
servicePrincipalName: DNS/${DNSDOMAIN}
|
|
privateKeytab: ${DNS_KEYTAB}
|
|
secret:: ${DNSPASS_B64}
|
|
|