|
| 1 | +``` |
| 2 | +domainName=$1 |
| 3 | +userName=$2 |
| 4 | +
|
| 5 | +if [[ -z "$domainName" ]]; then |
| 6 | + echo "Domain name is a required parameter" |
| 7 | + exit |
| 8 | +fi |
| 9 | +
|
| 10 | +if [[ -z "$userName" ]]; then |
| 11 | + echo "User name is a required parameter" |
| 12 | + exit |
| 13 | +fi |
| 14 | +
|
| 15 | +echo -n Password: |
| 16 | +read -s password |
| 17 | +echo |
| 18 | +
|
| 19 | +echo $password |
| 20 | +
|
| 21 | +echo "Domain join $domainName" |
| 22 | +
|
| 23 | +ping -q -c 1 $domainName |
| 24 | +pingStatus=$? |
| 25 | +
|
| 26 | +if [ $pingStatus -eq 0 ]; then |
| 27 | + echo "Ping for domain $domainName succeeded" |
| 28 | +else |
| 29 | + echo "Domain controller for $domainName was not resolvable" |
| 30 | + exit |
| 31 | +fi |
| 32 | +
|
| 33 | +shortDomainName="${domainName%%.*}" |
| 34 | +shortUserName="${userName%%@*}" |
| 35 | +sambaConfFileName="/etc/samba/smb.conf" |
| 36 | +
|
| 37 | +echo "Preparing the $sambaConfFileName file" |
| 38 | +cp $sambaConfFileName "$sambaConfFileName.bak" |
| 39 | +echo "[global]" > $sambaConfFileName |
| 40 | +echo " security = ads" >> $sambaConfFileName |
| 41 | +echo " realm = ${domainName^^}" >> $sambaConfFileName |
| 42 | +echo "# If the system doesn't find the domain controller automatically, you may need the following line" >> $sambaConfFileName |
| 43 | +echo " password server = *" >> $sambaConfFileName |
| 44 | +echo "# note that workgroup is the 'short' domain name" >> $sambaConfFileName |
| 45 | +echo " workgroup = ${shortDomainName^^}" >> $sambaConfFileName |
| 46 | +echo "# winbind separator = +" >> $sambaConfFileName |
| 47 | +echo " winbind enum users = yes" >> $sambaConfFileName |
| 48 | +echo " winbind enum groups = yes" >> $sambaConfFileName |
| 49 | +echo " template homedir = /home/%D/%U" >> $sambaConfFileName |
| 50 | +echo " template shell = /bin/bash" >> $sambaConfFileName |
| 51 | +echo " client use spnego = yes" >> $sambaConfFileName |
| 52 | +echo " client ntlmv2 auth = yes" >> $sambaConfFileName |
| 53 | +echo " encrypt passwords = yes" >> $sambaConfFileName |
| 54 | +echo " restrict anonymous = 2" >> $sambaConfFileName |
| 55 | +echo " log level = 2" >> $sambaConfFileName |
| 56 | +echo " log file = /var/log/samba/sambadebug.log.%m" >> $sambaConfFileName |
| 57 | +echo " debug timestamp = yes" >> $sambaConfFileName |
| 58 | +echo " max log size = 50" >> $sambaConfFileName |
| 59 | +echo " winbind use default domain = yes" >> $sambaConfFileName |
| 60 | +echo " nt pipe support = no" >> $sambaConfFileName |
| 61 | +echo >> $sambaConfFileName |
| 62 | +echo "# Placeholder for domains" >> $sambaConfFileName |
| 63 | +echo "idmap config ${shortDomainName^^} : backend = rid" >> $sambaConfFileName |
| 64 | +echo "idmap config ${shortDomainName^^} : schema_mode = rid" >> $sambaConfFileName |
| 65 | +echo "idmap config ${shortDomainName^^} : range = 100000-1100000" >> $sambaConfFileName |
| 66 | +echo "idmap config ${shortDomainName^^} : base_rid = 0" >> $sambaConfFileName |
| 67 | +echo "idmap config * : backend = tdb" >> $sambaConfFileName |
| 68 | +echo "idmap config * : schema_mode = rid" >> $sambaConfFileName |
| 69 | +echo "idmap config * : range = 10000-99999" >> $sambaConfFileName |
| 70 | +echo "idmap config * : base_rid = 0" >> $sambaConfFileName |
| 71 | +
|
| 72 | +export KRB5_TRACE=/tmp/krb.log |
| 73 | +reformattedUserName="$shortUserName@${domainName^^}" |
| 74 | +echo net ads join -w $domainName -U $reformattedUserName%$password |
| 75 | +
|
| 76 | +netJoinResult=$? |
| 77 | +
|
| 78 | +if [ $netJoinResult -ne 0 ] |
| 79 | +then |
| 80 | + echo "Net join failed with result: $netJoinResult" |
| 81 | + exit |
| 82 | +fi |
| 83 | +
|
| 84 | +echo "Net join succeeded" |
| 85 | +
|
| 86 | +net ads info |
| 87 | +``` |
0 commit comments