diff --git a/flake.lock b/flake.lock
index 854b103..42b1e64 100644
--- a/flake.lock
+++ b/flake.lock
@@ -23,11 +23,11 @@
 "mysecrets": {
 "flake": false,
 "locked": {
- "lastModified": 1759394888,
- "narHash": "sha256-FwmvYoAcBtsKW4dGVeD+/zHKov3cIYfyWO1Fwqv3HwQ=",
+ "lastModified": 1759412548,
+ "narHash": "sha256-xiYMJkiKDjqva1V2yznKgdAPdL8FIvKiF2bHtgGPgLE=",
 "ref": "refs/heads/main",
- "rev": "e5ceedd0e56ae0272875765da13dccabf8747764",
- "revCount": 10,
+ "rev": "43fa5245e5a5dfb242aa4914060159aa21b85b25",
+ "revCount": 11,
 "type": "git",
 "url": "file:///home/beastie/nixos/secrets"
 },
diff --git a/modules/optionnals/openfortivpn.nix b/modules/optionnals/openfortivpn.nix
index 2b2282c..4288a59 100644
--- a/modules/optionnals/openfortivpn.nix
+++ b/modules/optionnals/openfortivpn.nix
@@ -30,7 +30,7 @@ let
 myMount = description: what: where: {
 inherit description what where;
 type = "cifs";
- options = "credentials=/etc/openfortivpn/smb-secrets,uid=beastie,gid=users";
+ options = "credentials=${config.sops.templates."gbmshares-secrets".path},uid=beastie,gid=users";
 };
 myAutoMount = description: where: {
 inherit description where;
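Review bot: The new `options` line in `myMount` still passes only `uid=beastie,gid=users`, so file and directory modes on the mounted shares fall back to the CIFS defaults; when the server does not supply Unix permissions, that usually leaves the tree readable by other local accounts. If nothing on the shares needs to be executable or shared locally, append explicit modes, e.g. `options = "credentials=${config.sops.templates."gbmshares-secrets".path},uid=beastie,gid=users,file_mode=0600,dir_mode=0700";`. A short comment above the line, such as `# credentials file is rendered by sops-nix at activation; it never enters the Nix store`, would also record why the path is interpolated rather than hard-coded.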
@@ -47,18 +47,30 @@ in
 secrets = {
 "ldap_GBM/username" = { };
 "ldap_GBM/password" = { };
+ "ldap_GBM/domain" = { };
 "openfortivpn/host" = { };
 "openfortivpn/port" = { };
 };
- templates."openfortivpn.conf" = {
- content = ''
- host = ${config.sops.placeholder."openfortivpn/host"}
- port = ${config.sops.placeholder."openfortivpn/port"}
- username = ${config.sops.placeholder."ldap_GBM/username"}
- password = ${config.sops.placeholder."ldap_GBM/password"}
- '';
- mode = "0600";
- owner = "root";
+ templates = {
+ "openfortivpn.conf" = {
+ content = ''
+ host = ${config.sops.placeholder."openfortivpn/host"}
+ port = ${config.sops.placeholder."openfortivpn/port"}
+ username = ${config.sops.placeholder."ldap_GBM/username"}
+ password = ${config.sops.placeholder."ldap_GBM/password"}
+ '';
+ mode = "0600";
+ owner = "root";
+ };
+ "gbmshares-secrets" = {
+ content = ''
+ username=${config.sops.placeholder."ldap_GBM/username"}
+ password=${config.sops.placeholder."ldap_GBM/password"}
+ domain=${config.sops.placeholder."ldap_GBM/domain"}
+ '';
+ mode = "0600";
+ owner = "root";
+ };
 };
 };
 environment.systemPackages = [
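Review bot: The new `"gbmshares-secrets"` template holds the plaintext LDAP password but is rendered writable (`mode = "0600"`), although it is only ever read, presumably by mount.cifs running as root. `mode = "0400";` would be enough here, and likewise for `"openfortivpn.conf"`. A comment such as `# mount.cifs credentials file: key=value per line, no spaces around '='` would stop a later edit from "aligning" it with the openfortivpn template's `key = value` layout. The newly declared `"ldap_GBM/domain"` must exist in the encrypted file at the `mysecrets` revision pinned in flake.lock, otherwise activation will likely fail; it is worth confirming that the bumped revision contains it. The enclosing attribute set opens above the hunk.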