jgaunt/homelab-scripts
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
60aced6ba1d2ea30f41aea0fd3e89fe8a9e0b6d3
homelab-scripts/domainjoin.sh

70 lines
2.2 KiB
Bash
Raw Blame History

#!/bin/bash
if [ "$EUID" -ne 0 ]; then
echo "Please run as root"
exit
fi
# ask for the domain, username, and password
read -e -p "Enter Domain Name: " -i "home.johnhgaunt.com" domain
read -e -p "Enter netBIOS Name: " -i "GAUNT" netbiosname
read -e -p "Enter Domain Admin Username: " -i "jgaunto" username
read -e -s -p "Enter ${username}'s Password: " password
# get OS ditro and version
OS=$(hostnamectl | awk '/Operating System/ {print $3}')
if [ "${OS}" == "Ubuntu" ]; then
OS_VER=$(hostnamectl | awk '/Operating System/ {print $4}')
else
OS_VER=$(hostnamectl | awk '/Operating System/ {print $5}')
fi
# set os name and version for when the computer joins AD
echo "[active-directory]" > /etc/realmd.conf
echo "os-name = ${OS}" >> /etc/realmd.conf
echo "os-version = ${OS_VER}" >> /etc/realmd.conf
# join the computer to the domain
if [ ${OS} == "Debian" ] || [ ${OS} == "Ubuntu" ]; then
echo ${password} | realm join --user=${username} --computer-ou=OU=Servers --install=/ ${domain}
echo " " >> /etc/pam.d/common-session
echo "#oddjob-mkhomedir manual entry" >> /etc/pam.d/common-session
echo "session optional pam_oddjob_mkhomedir.so skel=/etc/skel/ umask=0022" >> /etc/pam.d/common-session
elif [ "${OS}" == "CentOS" ]; then
echo ${password} | realm join --user=${username} --computer-ou=OU=Servers ${domain}
fi
# Get hostname
hostname=$(hostnamectl | awk '/Static hostname:/ {print $3}')
# set the sssd options for our domain
cat <<EOF > "/etc/sssd/conf.d/${netbiosname}.conf"
[domain/${domain}]
use_fully_qualified_names = False
fallback_homedir = /home/%u
access_provider = simple
simple_allow_groups = Domain Admins, Server Admins
ad_hostname = ${hostname}.${domain}
dyndns_update = true
dyndns_refresh_interval = 43200
dyndns_update_ptr = true
dyndns_ttl = 3600
EOF
# make sure the permissions are correct
chmod 600 "/etc/sssd/conf.d/${netbiosname}.conf"
# reboot sssd
systemctl restart sssd
# set the sudoers.d file for the server admins
cat << EOF > /etc/sudoers.d/${netbiosname}
## ${netbiosname} Admins ##
# Allow members of ${netbiosname}\Domain Admins group sudo access
%Domain\ Admins ALL=(ALL:ALL) ALL
# Allow members of ${netbiosname}\Server Admins group sudo access
%Server\ Admins ALL=(ALL:ALL) ALL
EOF
Reference in New Issue View Git Blame Copy Permalink