diff --git a/metznet/machines/kerberos.scm b/metznet/machines/kerberos.scm
index 5616569..5302ee3 100644
--- a/metznet/machines/kerberos.scm
+++ b/metznet/machines/kerberos.scm
@@ -168,7 +168,7 @@
                "dn to bind for kdc operations")
   (ldap_kadmind_dn (string "uid=kadmind,dc=example,dc=com")
                    "dn to bind for kadmin operations")
-  (ldap_service_password_file maybe-file-like
+  (ldap_service_password_file maybe-string
    "file that stores the passwords for the ldap bind dns")
   (ldap_servers (string "ldap://example.com") "ldap server url")
   (ldap_conns_per_server (number 5) "number of connections per ldap server"))
@@ -326,10 +326,7 @@
                                                                (ldap_servers
                                                                 "ldaps://ldap.metznet.ca")
                                                                (ldap_service_password_file
-                                                                (plain-file
-                                                                 "service.keyfile"
-                                                                 "uid=kerberos,ou=system,ou=accounts,dc=metznet,dc=ca#{HEX}594459525a793139
-"))))))
+                                                                "/var/lib/krb5kdc/service.keyfile")))))
                                             (realms (list (kdc-realm-configuration
                                                            (name "METZNET.CA")
                                                            (database_module