From 46e4fe81171c13d45343c015015e65133dd661c8 Mon Sep 17 00:00:00 2001
From: PierreGoude <pierre@webbhatt.com>
Date: Mon, 6 Feb 2017 09:59:27 +0100
Subject: [PATCH] Update ADconnection.sh

---
 ADconnection.sh | 44 +++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 43 insertions(+), 1 deletion(-)

diff --git a/ADconnection.sh b/ADconnection.sh
index 016205e..ae73a6f 100644
--- a/ADconnection.sh
+++ b/ADconnection.sh
@@ -106,6 +106,20 @@ else
 echo checking sudoers file..  "${RED_TEXT}"FAIL"${END}"
 echo Checking sudoers users.. "${RED_TEXT}"FAIL"${END}"
 fi
+homedir=$(cat /etc/pam.d/common-session | grep homedir | grep 0022 | cut -d '=' -f3)
+if [ "$homedir" = 0022 ]
+then
+echo Checking PAM configuration.. "${INTRO_TEXT}"OK"${END}"
+else
+echo Checking PAM configuration.. "${RED_TEXT}"FAIL"${END}"
+fi
+cauth=$(cat /etc/pam.d/common-auth | grep required | grep onerr | grep allow | cut -d '=' -f4 | cut -d 'f' -f1)
+if [ "$cauth" = allow ]
+then
+echo Checking PAM auth configuration.. "${INTRO_TEXT}"OK"${END}"
+else
+echo Checking PAM auth configuration.. "${RED_TEXT}"FAIL"${END}"
+fi
 guest=$(cat /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf | grep -i allow-guest | grep -i false | cut -d '=' -f2)
 if [ "$guest" = false ]
 then
@@ -181,6 +195,20 @@ else
 echo checking sudoers file..  "${RED_TEXT}"FAIL"${END}"
 echo Checking sudoers users.. "${RED_TEXT}"FAIL"${END}"
 fi
+homedir=$(cat /etc/pam.d/common-session | grep homedir | grep 0022 | cut -d '=' -f3)
+if [ "$homedir" = 0022 ]
+then
+echo Checking PAM configuration.. "${INTRO_TEXT}"OK"${END}"
+else
+echo Checking PAM configuration.. "${RED_TEXT}"FAIL"${END}"
+fi
+cauth=$(cat /etc/pam.d/common-auth | grep required | grep onerr | grep allow | cut -d '=' -f4 | cut -d 'f' -f1)
+if [ "$cauth" = allow ]
+then
+echo Checking PAM auth configuration.. "${INTRO_TEXT}"OK"${END}"
+else
+echo Checking PAM auth configuration.. "${RED_TEXT}"FAIL"${END}"
+fi
 guest=$(cat /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf | grep -i allow-guest | grep -i false | cut -d '=' -f2)
 if [ "$guest" = false ]
 then
@@ -244,8 +272,22 @@ else
 echo checking sudoers file..  "${RED_TEXT}"FAIL"${END}"
 echo Checking sudoers users.. "${RED_TEXT}"FAIL"${END}"
 fi
+homedir=$(cat /etc/pam.d/common-session | grep homedir | grep 0022 | cut -d '=' -f3)
+if [ "$homedir" = 0022 ]
+then
+echo Checking PAM configuration.. "${INTRO_TEXT}"OK"${END}"
+else
+echo Checking PAM configuration.. "${RED_TEXT}"FAIL"${END}"
+fi
+cauth=$(cat /etc/pam.d/common-auth | grep required | grep onerr | grep allow | cut -d '=' -f4 | cut -d 'f' -f1)
+if [ "$cauth" = allow ]
+then
+echo Checking PAM auth configuration.. "${INTRO_TEXT}"OK"${END}"
+else
+echo Checking PAM auth configuration.. "${RED_TEXT}"FAIL"${END}"
+fi
 guest=$(cat /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf | grep -i allow-guest | grep -i false | cut -d '=' -f2)
-if [ $guest = false ]
+if [ "$guest" = false ]
 then
 echo Checking login configuration.. "${INTRO_TEXT}"OK"${END}"
 else