-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathjoin-ad.sh
47 lines (39 loc) · 1.28 KB
/
join-ad.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
#!/bin/sh
if ! (set -o pipefail 2>/dev/null); then
# dash does not support pipefail
set -efx
else
set -efx -o pipefail
fi
# bash does not expand alias by default for non-interactive script
if [ -n "$BASH_VERSION" ]; then
shopt -s expand_aliases
fi
alias cp="cp -f"
alias mkdir="mkdir -p"
. "/etc/os-release"
DISTRO="$ID"
DISTRO_BASE="$ID_LIKE"
IS_DEBIAN_BASE=$(printf "$DISTRO_BASE" | grep "debian" || [ $? = 1 ])
IS_FEDORA_BASE=$(printf "$DISTRO_BASE" | grep "fedora" || [ $? = 1 ])
IS_SUSE_BASE=$(printf "$DISTRO_BASE" | grep "suse" || [ $? = 1 ])
SSSD="sssd-ad sssd-tools realmd adcli"
if [ "$DISTRO" = "debian" ] || [ -n "$IS_DEBIAN_BASE" ]; then
apt install -y --no-upgrade $SSSD
elif [ "$DISTRO" = "fedora" ] || [ -n "$IS_FEDORA_BASE" ]; then
dnf install --refresh -y $SSSD
elif [ -n "$IS_SUSE_BASE" ]; then
zypper install -y $SSSD
fi
mkdir "/etc/sudoers.d/"
cp "sudoers" "/etc/sudoers.d/ad_group"
echo 'Installed "/etc/sudoers.d/ad_group"'
mkdir "/etc/sssd"
cp "sssd.conf" "/etc/sssd/sssd.conf"
systemctl restart sssd.service
echo 'Installed "/etc/sssd/sssd.conf"'
read -p 'Domain Admin username (enter "n" to skip): ' domain_admin
if [ -n "$domain_admin" ] && [ "$domain_admin" != "n" ]; then
realm join -v "domain.example" -U "$domain_admin"
echo "Joined Example AD domain"
fi