1
dn: flatname=${DOMAIN},CN=Primary Domains
3
objectClass: primaryDomain
4
objectClass: kerberosSecret
7
secret:: ${MACHINEPASS_B64}
9
sAMAccountName: ${NETBIOSNAME}$
10
msDS-KeyVersionNumber: 1
11
objectSid: ${DOMAINSID}
12
privateKeytab: ${SECRETS_KEYTAB}
14
# A hook from our credentials system into HDB, as we must be on a KDC,
15
# we can look directly into the database.
16
dn: samAccountName=krbtgt,flatname=${DOMAIN},CN=Principals
19
objectClass: kerberosSecret
22
sAMAccountName: krbtgt
23
objectSid: ${DOMAINSID}
24
servicePrincipalName: kadmin/changepw
25
krb5Keytab: HDB:samba4:${SAM_LDB}:
26
#The trailing : here is a HACK, but it matches the Heimdal format.
28
# A hook from our credentials system into HDB, as we must be on a KDC,
29
# we can look directly into the database.
30
dn: servicePrincipalName=DNS/${DNSDOMAIN},CN=Principals
33
objectClass: kerberosSecret
35
servicePrincipalName: DNS/${DNSDOMAIN}
36
msDS-KeyVersionNumber: 1
37
privateKeytab: ${DNS_KEYTAB}
38
secret:: ${DNSPASS_B64}