43 lines
1.5 KiB
Bash
43 lines
1.5 KiB
Bash
#!/bin/bash
|
|
|
|
if [ "$EUID" -ne 0 ]; then
|
|
echo "Please run as root"
|
|
exit
|
|
fi
|
|
# ask for the domain, username, and password
|
|
read -e -p "Enter Domain name: " -i "home.johnhgaunt.com" domain
|
|
read -e -p "Enter netBIOS name: " -i "GAUNT" netbiosname
|
|
read -e -p "Enter Domain Admin username: " -i "jgaunt" username
|
|
read -e -s -p "Enter Password: " password
|
|
|
|
# get OS ditro and version
|
|
OS=$(hostnamectl | awk '/Operating System/ {print $3}')
|
|
if [ "${OS}" == "Ubuntu" ]; then
|
|
OS_VER=$(hostnamectl | awk '/Operating System/ {print $4}')
|
|
else
|
|
OS_VER=$(hostnamectl | awk '/Operating System/ {print $5}')
|
|
fi
|
|
|
|
# set os name and version for when the computer joins AD
|
|
echo "[active-directory]" > /etc/realmd.conf
|
|
echo "os-name = ${OS}" >> /etc/realmd.conf
|
|
echo "os-version = ${OS_VER}" >> /etc/realmd.conf
|
|
|
|
|
|
# join the computer to the domain
|
|
echo ${password} | realm join -U ${username} ${domain}
|
|
|
|
# set the sssd options
|
|
# don't require the full domain for the usernames
|
|
sed --in-place 's/^use_fully_qualified_names = True/use_fully_qualified_names = False/' /etc/sssd/sssd.conf
|
|
# set home directory to /home/<username>
|
|
sed --in-place 's/^fallback_homedir = \/home\/%u@%d/fallback_homedir = \/home\/%u/' /etc/sssd/sssd.conf
|
|
|
|
# reboot sssd
|
|
systemctl restart sssd
|
|
|
|
# set the sudoers.d file for the domain admins
|
|
echo "## ${netbiosname} Admins ##" > /etc/sudoers.d/${netbiosname}
|
|
echo "# Allow members of ${netbiosname}\Domain Admins group sudo access" >> /etc/sudoers.d/${netbiosname}
|
|
echo "%Domain\ Admins ALL=(ALL:ALL) ALL" >> /etc/sudoers.d/${netbiosname}
|