blob: 7fb2e7896158dee181e66411811c11ac3100f067 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
# NOTE: This account is SAMBA4 specific!
# we have it to avoid the need for the bind daemon to
# have access to the whole secrets.keytab for the domain,
# otherwise bind could impersonate any user
dn: CN=dns-${HOSTNAME},CN=Users,${DOMAINDN}
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
description: DNS Service Account for ${HOSTNAME}
userAccountControl: 512
accountExpires: 9223372036854775807
sAMAccountName: dns-${HOSTNAME}
servicePrincipalName: DNS/${DNSNAME}
clearTextPassword:: ${DNSPASS_B64}
isCriticalSystemObject: TRUE
|