45Drives
diff --git a/‎ubuntu-domainjoin.sh‎
Lines changed: 106 additions & 0 deletions b/‎ubuntu-domainjoin.sh‎
Lines changed: 106 additions & 0 deletions
diff --git a/‎ubuntu20-domainjoiner.sh‎
Lines changed: 0 additions & 88 deletions b/‎ubuntu20-domainjoiner.sh‎
Lines changed: 0 additions & 88 deletions
@@ -0,0 +1,106 @@
+#!/bin/bash
+## Ubuntu domain join
+
+set -e
+
+# Function to display usage
+usage() {
+  echo "Usage: $0 --hostname HOSTNAME --user USERNAME --realm REALM"
+  echo
+  echo "Options:"
+  echo "  --hostname Specify the server hostname"
+  echo "  --user     Specify the username"
+  echo "  --realm    Specify the realm (e.g., 45drives.local)"
+  exit 1
+}
+
+# If no arguments passed, show usage
+[[ $# -eq 0 ]] && usage
+
+# Parse arguments
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --hostname)
+      HOSTNAME="$2"
+      shift 2
+      ;;
+    --user)
+      USERNAME="$2"
+      shift 2
+      ;;
+    --realm)
+      REALM="$2"
+      shift 2
+      ;;
+    *)
+      echo "Unknown option: $1"
+      usage
+      ;;
+  esac
+done
+
+# Validate required variables
+if [[ -z "$HOSTNAME" || -z "$USERNAME" || -z "$REALM" ]]; then
+  echo "Error: --hostname, --user, and --realm arguments are required."
+  usage
+fi
+
+# Force the realm to uppercase for Kerberos
+REALM_UPPER="${REALM^^}"
+
+echo "Username: $USERNAME"
+echo "Realm:    $REALM_UPPER"
+
+echo "Installing prerequisite packages: realmd, samba, krb5-user..."
+apt install -y realmd samba krb5-user
+
+# Normalize case for comparison
+HOSTNAME_LOWER=$(echo "$HOSTNAME" | tr '[:upper:]' '[:lower:]')
+REALM_LOWER=$(echo "$REALM" | tr '[:upper:]' '[:lower:]')
+
+# Only append the realm if it is not already part of the hostname
+if [[ "$HOSTNAME_LOWER" == *"$REALM_LOWER"* ]]; then
+  echo "Hostname already contains the realm. Leaving it as: $HOSTNAME"
+  FINAL_HOSTNAME="$HOSTNAME"
+else
+  FINAL_HOSTNAME="$HOSTNAME.$REALM_LOWER"
+  echo "Setting hostname to: $FINAL_HOSTNAME"
+  hostnamectl set-hostname "$FINAL_HOSTNAME"
+fi
+
+currentTimestamp=$(date +%y-%m-%d-%H:%M:%S)
+if [ -f /etc/samba/smb.conf ]; then
+  echo "Backing up existing samba conf to /etc/samba/smb.conf.$currentTimestamp.bak"
+  mv /etc/samba/smb.conf /etc/samba/smb.conf.$currentTimestamp.bak
+else
+  echo "File /etc/samba/smb.conf does not exist. Skipping."
+fi
+
+echo "Generating kerberos ticket, please enter password at the prompt..."
+kinit "$USERNAME@$REALM_UPPER"
+
+echo "Validating we can discover the domain..."
+realm discover "$REALM_UPPER"
+
+echo "Joining the domain..."
+realm join --user="$USERNAME" --membership-software=samba --client-software=winbind --server-software=active-directory "$REALM_UPPER"
+
+echo "Outputting domain join validation..."
+realm list
+
+echo "Configuring smb.conf to use net registry"
+echo "include = registry" >> /etc/samba/smb.conf
+
+echo "Updating /etc/nsswitch.conf to use winbind"
+sed -i -E '/^(passwd|group):/ s/\bsss\b/winbind/g' /etc/nsswitch.conf
+
+echo "Configuring /etc/krb5.conf"
+cat <<EOF >/etc/krb5.conf
+[libdefaults]
+	default_realm = $REALM_UPPER
+	dns_lookup_realm = false
+	dns_lookup_kdc = true
+EOF
+
+# pam-auth-update --enable mkhomedir
+systemctl enable --now smbd