Feat: Passt das Skript für Arch an.
This commit is contained in:
parent
938ac3061f
commit
861eb87522
43
1_AdJoin.sh
43
1_AdJoin.sh
@ -6,6 +6,7 @@ if [ "$(id -u)" -eq 0 ]; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
CURRENT_DIR=$(pwd)
|
||||
AUR_CODE_DIR="/var/lib/user_aur_code"
|
||||
|
||||
sudo pacman -Syu glib2 glib2-devel git --no-confirm
|
||||
@ -29,15 +30,55 @@ cd realmd
|
||||
makepkg -sic
|
||||
git clean -dfx
|
||||
|
||||
cd $CURRENT_DIR
|
||||
|
||||
sudo mkdir -p /var/lib/samba/private/
|
||||
sudo pacman -Syu sssd curl ntp polkit
|
||||
|
||||
echo "Daten für Domainjoin:"
|
||||
echo "❓ Daten für Domainjoin:"
|
||||
read -p "Domänenname: " DOMAIN
|
||||
read -p "Adminuser: " ADMIN
|
||||
|
||||
NetBios=$(echo "$DOMAIN" | cut -d '.' -f1)
|
||||
coms=$( echo "$DOMAIN" | cut -d '.' -f2 )
|
||||
|
||||
sudo realm join --verbose --user="$ADMIN" "$DOMAIN" --install=/
|
||||
|
||||
sudo systemctl enable sssd
|
||||
sudo systemctl start sssd
|
||||
|
||||
homedir=$(grep homedir /etc/pam.d/common-session | grep 0077 | cut -d '=' -f3 | head -1)
|
||||
if [ "$homedir" = "0077" ]
|
||||
then
|
||||
echo "ℹ️ pam_mkhomedir.so configured"
|
||||
sleep 1
|
||||
else
|
||||
echo "session required pam_mkhomedir.so skel=/etc/skel/ umask=0077" | sudo tee -a /etc/pam.d/common-session
|
||||
fi
|
||||
|
||||
sed -i -e 's/fallback_homedir = \/home\/%u@%d/#fallback_homedir = \/home\/%u@%d/g' /etc/sssd/sssd.conf
|
||||
sed -i -e 's/use_fully_qualified_names = True/use_fully_qualified_names = False/g' /etc/sssd/sssd.conf
|
||||
sed -i -e 's/access_provider = ad/access_provider = simple/g' /etc/sssd/sssd.conf
|
||||
sed -i -e 's/sudoers: files sss/sudoers: files/g' /etc/nsswitch.conf
|
||||
echo "override_homedir = /home/%u" | sudo tee -a /etc/sssd/sssd.conf
|
||||
sudo sudo grep -i override /etc/sssd/sssd.conf
|
||||
|
||||
sudo sed -i '/krb5_realm =/a entry_cache_group_timeout = 5400' /etc/sssd/sssd.conf
|
||||
sudo sed -i '/krb5_realm =/a entry_cache_user_timeout = 5400' /etc/sssd/sssd.conf
|
||||
|
||||
sudo echo "#entry_cache_user_timeout = 5400
|
||||
#entry_cache_group_timeout = 5400
|
||||
#cache_credentials = TRUE
|
||||
### Added to help with group mapping
|
||||
###ldap_use_tokengroups = False
|
||||
#ldap_schema = rfc2307bis
|
||||
#ldap_schema = rfc2307
|
||||
#ldap_schema = IPA
|
||||
#ldap_schema = AD
|
||||
#ldap_search_base = DC=$NetBios,DC=$coms
|
||||
#ldap_group_member = uniquemember
|
||||
#ad_enable_gc = False
|
||||
entry_cache_timeout = 600
|
||||
entry_cache_nowait_percentage = 75 " | sudo tee -a /etc/sssd/sssd.alternatives
|
||||
|
||||
echo "✅ Der Computer muss jetzt neugestartet werden. Vor dem Anmelden etwa 3 Minuten warten!"
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user