Atenção: Alterar as informações das variáveis abaixo conforme seu ambiente.
dc_user=user.adm
dc_pass='P@$$w0rd'
dc_ip=192.168.0.5
dc_host=SRVAD001M
dc_domain=domain.intra
dc_domain_realm=DOMAIN.INTRA
dc_grp_admins=grp-admins
dc_pass='P@$$w0rd'
dc_ip=192.168.0.5
dc_host=SRVAD001M
dc_domain=domain.intra
dc_domain_realm=DOMAIN.INTRA
dc_grp_admins=grp-admins
mv /etc/hosts /etc/hosts.bkp
cat > /etc/hosts << EOL
127.0.0.1 $HOSTNAME.$dc_domain $HOSTNAME localhost
::1 localhost ip6-localhost ip6-loopback
$dc_ip $dc_host.$dc_domain
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
EOL
cat > /etc/hosts << EOL
127.0.0.1 $HOSTNAME.$dc_domain $HOSTNAME localhost
::1 localhost ip6-localhost ip6-loopback
$dc_ip $dc_host.$dc_domain
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
EOL
hostnamectl set-hostname $HOSTNAME.$dc_domain
apt -y install sudo realmd sssd sssd-tools libnss-sss libpam-sss adcli samba-common-bin oddjob oddjob-mkhomedir packagekit
cp /etc/resolv.conf /etc/resolv.conf.bkp
cat >> /etc/resolv.conf << EOL
domain $dc_domain
domain $dc_domain
search $dc_domain
nameserver $dc_ip
nameserver $dc_ip
EOL
sudo realm discover $dc_domain_realm
echo $dc_pass | sudo realm join -U $dc_user $dc_domain_realm
cp /etc/sssd/sssd.conf /etc/sssd/sssd.conf.bkp
sudo sed -i 's/use_fully_qualified_names = True/use_fully_qualified_names = False/g' /etc/sssd/sssd.conf
sudo sed -i 's/use_fully_qualified_names = True/use_fully_qualified_names = False/g' /etc/sssd/sssd.conf
systemctl restart sssd
cat > /etc/ssh/sshd_config.d/$dc_grp_admins.conf << EOL
AllowGroups Domain $dc_grp_admins sudo $USER
EOL
EOL
systemctl restart sshd
Nenhum comentário:
Postar um comentário