Update ADconnection.sh

ADconnection.sh

@@ -181,15 +181,35 @@ sudo echo "#entry_cache_user_timeout = 5400
 #ad_enable_gc = False
 entry_cache_timeout = 600
 entry_cache_nowait_percentage = 75 " | sudo tee -a /etc/sssd/sssd.alternatives
-
 sudo service sssd restart
 sleep 1
 clear
+usesasl=$( cat readfile | grep USESASL | awk '{print $3}')
+if [ "$usesasl" = "yes" ]
+then
+sasl=$( cat readfile | grep LDAPS | awk '{print $3}' )
+  if [ "$sasl" = "null" ]
+  then
+  echo "You need to specify domaincontroller in readfile"
+  exit
+  else
+  echo "$sasl"
+  cacer=$( cat readfile | grep CACERT | awk '{print $3}' )
+  if ! ls $cacer
+  then echo "No root CA found, check your path to file"
+  else
+  echo "Applied config from readfile"
+  #sed -i "/krb5_realm = /a ldap_uri = $LdapsDC" /etc/sssd/sssd.conf
+  #sed -i "/krb5_realm = /a ldap_tls_cacert = $cacert" /etc/sssd/sssd.conf
+  echo "Applied config from readfile"
+  fi
+  fi
+else
 echo "For SASL put you company root-ca.cer in /usr/share/ca-certificates/root/ folder"
 read -r -p "Do you wish to use SASL (LDAPS) (y/n)?" yn
    case $yn in
     [Yy]* )
-if [ -f /usr/share/ca-certificates/root/*.cer ]
+if [ -f "/usr/share/ca-certificates/root/*.cer" ]
 then
 cacert=$( ls /usr/share/ca-certificates/root/ | grep .cer | head -1 )
 echo "Type in address of your Domaincontroller: ex: dc01.com"
@@ -221,6 +241,7 @@ fi;;
     [Nn]* )echo "";;
     * ) echo "Please answer yes or no.";;
    esac
+fi
 ################################# Check #######################################
 if ! sudo service sssd restart
 then