From 861eb87522b03f4f64378978eb75bbdb01ada5b8 Mon Sep 17 00:00:00 2001
From: DragonSlayer_14
Date: Wed, 26 Mar 2025 11:46:02 +0100
Subject: [PATCH] =?UTF-8?q?Feat:=20Passt=20das=20Skript=20f=C3=BCr=20Arch?=
 =?UTF-8?q?=20an.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 1_AdJoin.sh | 43 ++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 42 insertions(+), 1 deletion(-)
diff --git a/1_AdJoin.sh b/1_AdJoin.sh
index 38b96b9..bc1b705 100755
--- a/1_AdJoin.sh
+++ b/1_AdJoin.sh
@@ -6,6 +6,7 @@ if [ "$(id -u)" -eq 0 ]; then
 exit 1
 fi
+CURRENT_DIR=$(pwd)
 AUR_CODE_DIR="/var/lib/user_aur_code"
 sudo pacman -Syu glib2 glib2-devel git --no-confirm
@@ -29,15 +30,55 @@ cd realmd
 makepkg -sic
 git clean -dfx
+cd $CURRENT_DIR
+
 sudo mkdir -p /var/lib/samba/private/
 sudo pacman -Syu sssd curl ntp polkit
-echo "Daten für Domainjoin:"
+echo "❓ Daten für Domainjoin:"
 read -p "Domänenname: " DOMAIN
 read -p "Adminuser: " ADMIN
+NetBios=$(echo "$DOMAIN" | cut -d '.' -f1)
+coms=$( echo "$DOMAIN" | cut -d '.' -f2 )
+
 sudo realm join --verbose --user="$ADMIN" "$DOMAIN" --install=/
 sudo systemctl enable sssd
 sudo systemctl start sssd
+homedir=$(grep homedir /etc/pam.d/common-session | grep 0077 | cut -d '=' -f3 | head -1)
+if [ "$homedir" = "0077" ]
+then
+ echo "ℹ️ pam_mkhomedir.so configured"
+ sleep 1
+else
+ echo "session required pam_mkhomedir.so skel=/etc/skel/ umask=0077" | sudo tee -a /etc/pam.d/common-session
+fi
+
+sed -i -e 's/fallback_homedir = \/home\/%u@%d/#fallback_homedir = \/home\/%u@%d/g' /etc/sssd/sssd.conf
+sed -i -e 's/use_fully_qualified_names = True/use_fully_qualified_names = False/g' /etc/sssd/sssd.conf
+sed -i -e 's/access_provider = ad/access_provider = simple/g' /etc/sssd/sssd.conf
+sed -i -e 's/sudoers: files sss/sudoers: files/g' /etc/nsswitch.conf
+echo "override_homedir = /home/%u" | sudo tee -a /etc/sssd/sssd.conf
+sudo sudo grep -i override /etc/sssd/sssd.conf
+
+sudo sed -i '/krb5_realm =/a entry_cache_group_timeout = 5400' /etc/sssd/sssd.conf
+sudo sed -i '/krb5_realm =/a entry_cache_user_timeout = 5400' /etc/sssd/sssd.conf
+
+sudo echo "#entry_cache_user_timeout = 5400
+#entry_cache_group_timeout = 5400
+#cache_credentials = TRUE
+### Added to help with group mapping
+###ldap_use_tokengroups = False
+#ldap_schema = rfc2307bis
+#ldap_schema = rfc2307
+#ldap_schema = IPA
+#ldap_schema = AD
+#ldap_search_base = DC=$NetBios,DC=$coms
+#ldap_group_member = uniquemember
+#ad_enable_gc = False
+entry_cache_timeout = 600
+entry_cache_nowait_percentage = 75 " | sudo tee -a /etc/sssd/sssd.alternatives
+
+echo "✅ Der Computer muss jetzt neugestartet werden. Vor dem Anmelden etwa 3 Minuten warten!"
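Review bot: The four `sed -i -e` lines that edit /etc/sssd/sssd.conf and /etc/nsswitch.conf run without `sudo`, although the script exits when started as root (the `id -u` check visible in the first hunk), so they will most likely fail with a permission error and leave the host joined but only partly configured; each needs the prefix, e.g. `sudo sed -i -e 's/access_provider = ad/access_provider = simple/g' /etc/sssd/sssd.conf`. Once that edit does apply, `access_provider = simple` with no `simple_allow_users` or `simple_allow_groups` entry admits every domain account and no longer evaluates the AD provider's account-expiry and GPO access checks, so an allow list should be written in the same step. The pam_mkhomedir block reads and appends to /etc/pam.d/common-session, which is the Debian layout; on Arch that file is normally absent, so the appended line would presumably land in a file that no PAM service includes, and the target should be confirmed (likely /etc/pam.d/system-login). The path should also be quoted, `cd "$CURRENT_DIR"`, and the `sudo echo … | sudo tee -a` and `sudo sudo grep` forms carry a redundant `sudo`.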