Q&A: What are the *.secrets files for?

Question:

What are the differentc *.secrets files needed for?

Answer:

They are needed to store credentials when accessing other hosts and services. In details here is an (incomplete) list of files with a short explanation.

  • /etc/ldap-backup.secret
    Per host
    Used for authentication with the machine account to the master

  • /etc/ldap-backup.secret
    Per domain
    For “cn=backup,$ldap_base”
    Only Master, Backups, Slaves
    NEVER changed!

  • /etc/backup-join.secret
    For account “uid=join-backup,cn=users,$ldap_base”
    Used by services/univention-samba/26univention-samba.inst to join the Samba DC