Added flag options see: sudo sh ADconnection.sh --help

root 2018-05-18 15:14:55 +02:00
parent 8fec01a190
commit 59fcb18e2b


@ -89,17 +89,17 @@ echo ""
else else
read -p "${RED_TEXT}"'Do you wish to DISABLE password promt for users in terminal?'"${END}""${NUMBER}"'(y/n)?'"${END}" yn read -p "${RED_TEXT}"'Do you wish to DISABLE password promt for users in terminal?'"${END}""${NUMBER}"'(y/n)?'"${END}" yn
case $yn in case $yn in
[Yy]* ) [Yy]* )
sudo echo "administrator ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/sudoers sudo echo "administrator ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/sudoers
sudo echo "%$myhost""sudoers ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/sudoers sudo echo "%$myhost""sudoers ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/sudoers
sudo echo "%DOMAIN\ admins ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/domain_admins sudo echo "%DOMAIN\ admins ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/domain_admins
#sudo realm permit --groups "$myhost""sudoers" #sudo realm permit --groups "$myhost""sudoers"
;; ;;
[Nn]* ) sudo echo "administrator ALL=(ALL:ALL) ALL" | sudo tee -a /etc/sudoers.d/sudoers [Nn]* ) sudo echo "administrator ALL=(ALL:ALL) ALL" | sudo tee -a /etc/sudoers.d/sudoers
sudo echo "%$myhost""sudoers ALL=(ALL:ALL) ALL" | sudo tee -a /etc/sudoers.d/sudoers sudo echo "%$myhost""sudoers ALL=(ALL:ALL) ALL" | sudo tee -a /etc/sudoers.d/sudoers
sudo echo "%DOMAIN\ admins ALL=(ALL:ALL) ALL" | sudo tee -a /etc/sudoers.d/domain_admins sudo echo "%DOMAIN\ admins ALL=(ALL:ALL) ALL" | sudo tee -a /etc/sudoers.d/domain_admins
#sudo realm permit --groups "$myhost""sudoers" #sudo realm permit --groups "$myhost""sudoers"
;; ;;
* ) echo "Please answer yes or no.";; * ) echo "Please answer yes or no.";;
esac esac
@ -327,7 +327,7 @@ echo ""
echo "${INTRO_TEXT}"Please log in with domain admin to $DOMAIN to connect"${END}" echo "${INTRO_TEXT}"Please log in with domain admin to $DOMAIN to connect"${END}"
echo "${INTRO_TEXT}"Please type Admin user:"${END}" echo "${INTRO_TEXT}"Please type Admin user:"${END}"
read ADMIN read ADMIN
sudo realm join --verbose --user=$ADMIN $DOMAIN --install=/ sudo realm join --verbose --user=$ADMIN $DOMAIN --install=/
else else
clear clear
sudo echo "${RED_TEXT}"I am having issuers to detect your Ubuntu version"${INTRO_TEXT}" sudo echo "${RED_TEXT}"I am having issuers to detect your Ubuntu version"${INTRO_TEXT}"
@ -428,7 +428,7 @@ read -p MYADMIN
sudo echo $MYADMIN | sudo tee -a /etc/ssh/login.group.allowed;; sudo echo $MYADMIN | sudo tee -a /etc/ssh/login.group.allowed;;
* ) echo "Please answer yes or no.";; * ) echo "Please answer yes or no.";;
esac esac
sudo echo "$Mysrvgroup" | sudo tee -a /etc/ssh/login.group.allowed sudo echo "$Mysrvgroup" | sudo tee -a /etc/ssh/login.group.allowed
sudo echo "$NetBios"'\'"$myhost""sudoers" | sudo tee -a /etc/ssh/login.group.allowed sudo echo "$NetBios"'\'"$myhost""sudoers" | sudo tee -a /etc/ssh/login.group.allowed
sudo echo "$NetBios"'\'"domain^admins" | sudo tee -a /etc/ssh/login.group.allowed sudo echo "$NetBios"'\'"domain^admins" | sudo tee -a /etc/ssh/login.group.allowed
sudo echo "root" | sudo tee -a /etc/ssh/login.group.allowed sudo echo "root" | sudo tee -a /etc/ssh/login.group.allowed
@ -451,7 +451,7 @@ echo "Sudoersfile seems already to be modified, skipping..."
echo "" echo ""
else else
sudo echo "administrator ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/sudoers sudo echo "administrator ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/sudoers
sudo echo "%$Mysrvgroup""sudoers ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/sudoers sudo echo "%$Mysrvgroup""sudoers ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/sudoers
sudo echo "%$myhost""sudoers ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/sudoers sudo echo "%$myhost""sudoers ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/sudoers
sudo echo "%domain\ users ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/sudoers sudo echo "%domain\ users ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/sudoers
sudo echo "%DOMAIN\ admins ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/domain_admins sudo echo "%DOMAIN\ admins ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/domain_admins
@ -482,7 +482,7 @@ echo checking sudoers file.. "${RED_TEXT}"FAIL not configured"${END}"
fi fi
grouPs=$(cat /etc/sudoers.d/sudoers | grep -i $myhost | cut -d '%' -f2 | cut -d '=' -f1 | sed -e 's/\<ALL\>//g') grouPs=$(cat /etc/sudoers.d/sudoers | grep -i $myhost | cut -d '%' -f2 | cut -d '=' -f1 | sed -e 's/\<ALL\>//g')
if [ $grouPs = "$myhost""sudoers" ] if [ $grouPs = "$myhost""sudoers" ]
then then
echo Checking sudoers users.. "${INTRO_TEXT}"OK"${END}" echo Checking sudoers users.. "${INTRO_TEXT}"OK"${END}"
else else
echo Checking sudoers users.. "${RED_TEXT}"FAIL"${END}" echo Checking sudoers users.. "${RED_TEXT}"FAIL"${END}"
@ -890,7 +890,7 @@ read -p "Do you really want to leave the domain: $DOMAIN (y/n)?" yn
LEFT=$(sudo realm discover | grep configured | awk '{print $2}') LEFT=$(sudo realm discover | grep configured | awk '{print $2}')
if [ "$LEFT" = "no" ] if [ "$LEFT" = "no" ]
then then
echo "" echo ""
sudo echo "" | sudo tee /etc/sssd/sssd.conf sudo echo "" | sudo tee /etc/sssd/sssd.conf
echo "$DOMAIN has been left" echo "$DOMAIN has been left"
else else
@ -928,17 +928,23 @@ echo "${INTRO_TEXT} $
echo "${INTRO_TEXT} Domain username:"${RED_TEXT}Example:${RED_TEXT}"" ${NUMBER}ADadmin${NUMBER}"${INTRO_TEXT}" echo "${INTRO_TEXT} Domain username:"${RED_TEXT}Example:${RED_TEXT}"" ${NUMBER}ADadmin${NUMBER}"${INTRO_TEXT}"
echo "${INTRO_TEXT} ${INTRO_TEXT}" echo "${INTRO_TEXT} ${INTRO_TEXT}"
echo "${INTRO_TEXT} AD Group to put users in:"${RED_TEXT}Example:${RED_TEXT}"" ${NUMBER}Sudoers.global${NUMBER}"${INTRO_TEXT}" echo "${INTRO_TEXT} AD Group to put users in:"${RED_TEXT}Example:${RED_TEXT}"" ${NUMBER}Sudoers.global${NUMBER}"${INTRO_TEXT}"
echo "${RED_TEXT} User and computer must Exist in AD before Join ${RED_TEXT}" echo "${RED_TEXT} group should be created in AD with the groupname beeing the HOSTNAMEsudores ${RED_TEXT}"
echo "${INTRO_TEXT} ${INTRO_TEXT}" echo "${INTRO_TEXT} ${INTRO_TEXT}"
echo "${INTRO_TEXT} Script will use hostname and add sudoer to it to sudoers "${RED_TEXT}Example:${RED_TEXT}""${NUMBER} myhostsudoer${NUMBER}"${INTRO_TEXT}" echo "${INTRO_TEXT} Script will use hostname and add sudoer to it to sudoers "${RED_TEXT}Example:${RED_TEXT}""${NUMBER} myhostsudoer${NUMBER}"${INTRO_TEXT}"
echo "${INTRO_TEXT} It is important that the computerobject "${RED_TEXT}Ex:${RED_TEXT}" myhost exists in AD ${INTRO_TEXT}" echo "${INTRO_TEXT} It is important that the computerobject "${RED_TEXT}Ex:${RED_TEXT}" myhost gets created in AD pre or post running the script ( the join will create an computer object by it self ${INTRO_TEXT}"
echo "${INTRO_TEXT} and that the group "${RED_TEXT}Ex:${RED_TEXT}" myhostsudoes exists, sudoers must be added or edit this script to remove sudoers from name${INTRO_TEXT}" echo "${INTRO_TEXT} and that the group "${RED_TEXT}Ex:${RED_TEXT}" myhostsudoes exists, sudoers must be added or edit this script to remove sudoers from name${INTRO_TEXT}"
echo "${INTRO_TEXT} Script will also add domain admin group to sudoes ${INTRO_TEXT}" echo "${INTRO_TEXT} Script will also add domain admin group to sudoes ${INTRO_TEXT}"
echo "${NUMBER} Remember to Check Hostname and add it to AD before running the ADjoin${NUMBER}" echo "${NUMBER} Remember to Check Hostname and add it to AD${NUMBER}"
echo "${INTRO_TEXT} Reauthenticate is a fix for Ubuntu 14 likewise issues when client looses user (who am I?)${INTRO_TEXT}" echo "${INTRO_TEXT} Reauthenticate is a fix for Ubuntu 14 likewise issues when client looses user (who am I?)${INTRO_TEXT}"
echo "${INTRO_TEXT} ${INTRO_TEXT}" echo "${INTRO_TEXT} ${INTRO_TEXT}"
echo "${INTRO_TEXT} Ubuntu 16 and 14 has the setting not to show domain name in name or homefolder due it can give${INTRO_TEXT}" echo "${INTRO_TEXT} Ubuntu 16 and 14 has the setting not to show domain name in name or homefolder due it can give${INTRO_TEXT}"
echo "${INTRO_TEXT} coding issues when building.. to change this configure /et/sssd/sssd.conf ${INTRO_TEXT}" echo "${INTRO_TEXT} coding issues when building.. to change this configure /et/sssd/sssd.conf ${INTRO_TEXT}"
echo ""
echo ""
echo "AD-Connection flags"
echo "-d ubuntu debug mode GNU required"
echo "-l Run script and log to logfile"
echo ""
exit exit
} }
MENU_FN(){ MENU_FN(){
@ -953,19 +959,17 @@ clear
echo "${MENU}*${NUMBER} 1)${MENU} Join to AD on Linux (Ubuntu/Rasbian) ${NORMAL}" echo "${MENU}*${NUMBER} 1)${MENU} Join to AD on Linux (Ubuntu/Rasbian) ${NORMAL}"
echo "${MENU}*${NUMBER} 2)${MENU} Join to AD on Debian Jessie Client ${NORMAL}" echo "${MENU}*${NUMBER} 2)${MENU} Join to AD on Debian Jessie Client ${NORMAL}"
echo "${MENU}*${NUMBER} 3)${MENU} Join to AD on CentOS ${NORMAL}" echo "${MENU}*${NUMBER} 3)${MENU} Join to AD on CentOS ${NORMAL}"
echo "${MENU}*${NUMBER} 4)${MENU} Join to AD on Ubuntu Client or Server in debug mode ${NORMAL}" echo "${MENU}*${NUMBER} 4)${MENU} Check for errors ${NORMAL}"
echo "${MENU}*${NUMBER} 5)${MENU} Check for errors ${NORMAL}" echo "${MENU}*${NUMBER} 5)${MENU} Search with ldap ${NORMAL}"
echo "${MENU}*${NUMBER} 6)${MENU} Search with ldap ${NORMAL}" echo "${MENU}*${NUMBER} 6)${MENU} Reauthenticate (Ubuntu14 only) ${NORMAL}"
echo "${MENU}*${NUMBER} 7)${MENU} Reauthenticate (Ubuntu14 only) ${NORMAL}" echo "${MENU}*${NUMBER} 7)${MENU} Update from Likewise to Realmd for Ubuntu 14 ${NORMAL}"
echo "${MENU}*${NUMBER} 8)${MENU} Update from Likewise to Realmd for Ubuntu 14 ${NORMAL}" echo "${MENU}*${NUMBER} 8)${MENU} Leave Domain ${NORMAL}"
echo "${MENU}*${NUMBER} 9)${MENU} Leave Domain ${NORMAL}"
echo "${MENU}*${NUMBER} 10)${MENU} README with examples ${NORMAL}"
echo "${NORMAL} ${NORMAL}" echo "${NORMAL} ${NORMAL}"
echo "${ENTER_LINE}Please enter a menu option and enter or ${RED_TEXT}enter to exit. ${NORMAL}" echo "${ENTER_LINE}Please enter a menu option and enter or ${RED_TEXT}enter to exit. ${NORMAL}"
read opt read opt
while [ opt != '' ] while [ opt != '' ]
do do
if [ $opt = "" ]; then if [ $opt = "" ]; then
exit; exit;
else else
case $opt in case $opt in
@ -982,34 +986,26 @@ while [ opt != '' ]
CentOS CentOS
;; ;;
4) clear; 4) clear;
echo "Join to AD on Ubuntu Client or Server in debug mode"
linuxclientdebug
;;
5) clear;
echo "Check for errors" echo "Check for errors"
failcheck failcheck
;; ;;
6) clear; 5) clear;
echo "Check in Ldap" echo "Check in Ldap"
ldaplook ldaplook
;; ;;
7) clear; 6) clear;
echo "Rejoin to AD" echo "Rejoin to AD"
Reauthenticate Reauthenticate
;; ;;
8) clear; 7) clear;
echo "Update from Likewise to Realmd" echo "Update from Likewise to Realmd"
Realmdupdate Realmdupdate
;; ;;
9) 8)
clear; clear;
echo "Leave domain" echo "Leave domain"
leave leave
;; ;;
10) clear;
echo "READ ME"
readmes
;;
x)exit; x)exit;
;; ;;
\n)exit; \n)exit;
@ -1022,4 +1018,25 @@ while [ opt != '' ]
fi fi
done done
} }
clear
if [ "$1" = "--help" ]
then
clear
readmes
exit
else
if [ "$1" = "-d" ]
then
linuxclientdebug
else
if [ "$1" = "-l" ]
then
DATE=`date +%H:%M`
MENU_FN 2>&1 | sudo tee ADconnection.log
exit
else
echo ""
fi
fi
fi
MENU_FN MENU_FN
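Review bot: The new `-l` branch at the end of the file pipes the whole session through `sudo tee ADconnection.log`, a relative path, so root creates or truncates whatever that name resolves to in the caller's current directory, following a symlink if one is already there. The log also receives everything the script prints, which includes the sudoers and login-group lines echoed through `tee` in the earlier hunks, and it is created with default permissions. Writing to a fixed root-owned location removes the path ambiguity, for example `MENU_FN 2>&1 | sudo tee /var/log/ADconnection.log`, and restricting the file's mode is worth considering; the `DATE` value assigned just above is not used in the lines shown and could go into the file name or be dropped. Separately, the `-d` branch has no `exit`, so unless `linuxclientdebug` exits on its own (its body is not on this page) control falls through to the final `MENU_FN`; an `exit` after `linuxclientdebug` would match the `--help` and `-l` branches.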