blob: 6c664d910b32f4842d8b1a3bab211b4900908eec (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
# NOTE: This account is SAMBA4 specific!
# we have it to avoid the need for the bind daemon to
# have access to the whole secrets.keytab for the domain,
# otherwise bind could impersonate any user
dn: CN=dns-${HOSTNAME},CN=Users,${DOMAINDN}
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
description: DNS Service Account for ${HOSTNAME}
userAccountControl: 512
accountExpires: 9223372036854775807
sAMAccountName: dns-${HOSTNAME}
servicePrincipalName: DNS/${DNSNAME}
servicePrincipalName: DNS/${DNSDOMAIN}
clearTextPassword:: ${DNSPASS_B64}
isCriticalSystemObject: TRUE
|
