LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 11-09-2004, 08:26 PM   #1
L1nuxbug
Member
 
Registered: Feb 2004
Location: Quetta
Distribution: RedHat
Posts: 54

Rep: Reputation: 15
[Script] Join Fedora Core2 in Windows 2003 Domain


:::The following is a script:::
change BUGHOUSE.COM to your windows 2003 FQDN domain name

##################### SCRIPTS STARTS HERE #####################
#! /bin/bash
clear
b1='\33[1m'
b0='\33[0m'
backup=SW3Back_$(date +%s)
s1=$(smbd -V)
s2="Version 3.0.3-5"
if [ "$s1" = "$s2" ]
then
printf "\nYou are using Samba $s2\n"
else
printf "\nYou are using Samba $s1 not $s2\n"
exit 0
fi
printf "*********************************************************************"; echo
printf '\E[34;47m'"THIS SCRIPT WILL NOW CONFIGURE SAMBA WITH WINDOWS SERVER 2003 DOMAIN.\n"; tput sgr0
printf '\E[31;47m'"PRESS ctrl+C TO EXIT. \n"; tput sgr0
echo
while true
do
printf $b1"Enter NetBios domain name: "$b0; read domain
if [ -z $domain ]
then
continue
fi
break
done
hostname=$HOSTNAME
printf $b1"Enter NetBios host name [$hostname]: "$b0; read netbios
if [ -z $netbios ]
then
netbios=$hostname
fi
while true
do
printf $b1"Enter primary domain controller name : "$b0; read pdc
if [ -z $pdc ]
then
continue
fi
break
done
while true
do
printf $b1"Enter realm [e.g. domain.com ] : "$b0; read realm
if [ -z $realm ]
then
continue
fi
break
done
while true
do
printf $b1"Does $domain have bdc? [y/n]: "$b0; read Keypress
case "$Keypress" in
[y,Y] ) printf $b1"Enter backup domain controller : "$b10; read bdc
if [ -z $bdc ]
then
continue
fi;;
[n,N] ) break;;
* ) printf $b1"Please Enter Yes or No. "$b0; continue;;
esac
break
done
while true
do
printf $b1"User name to be entered below must have sufficent previlegs to enter a computer to domain."$b0
printf $b1"\nEnter user name: "$b0; read user
if [ -z $user ]
then
continue
fi
break
done
printf $b1"What is your smb.conf path [ /etc/samba ]: "$b0; read confpath
if [ -z $confpath ]
then
confpath="/etc/samba"
fi
echo
printf $b1"Domain name: "$b0; echo $domain
printf $b1"NetBios Name: "$b0; echo $netbios
printf $b1"PDC: "$b0; echo $pdc
printf $b1"Realm: "$b0; echo $realm
printf $b1"BDC: "$b0; echo $bdc
printf $b1"User: "$b0; echo $user
printf $b1"Samba conf path: "$b0; echo $confpath
echo
while true
do
printf $b1"Are these values correct? [y/n]: "$b0; read Keypress
case "$Keypress" in
[y,Y] ) break;;
[n,N] ) exec $0;;
* ) printf $b1"Please Enter Yes or No. "$b0; continue;;
esac
break
done
#********************************
#********************************
printf $b1"\nCREATING SKELL ... "$b0;
mkdir /etc/samba/skel
cp -fr /etc/skel /etc/samba
printf $b1"DONE"$b0;
#********************************
#********************************
printf $b1"\nBackingup /etc/samba/smb.conf as /etc/samba/smb.conf_$backup ... "
cp --reply=no /etc/samba/smb.conf /etc/samba/smb.conf_$backup
touch /etc/samba/smbpasswd
printf $b1"DONE"$b0;
printf $b1"\nConfiguring Samba ... "$b0;
echo "#======================= Global Settings =====================================
#======================= Global Settings =====================================
[global]
workgroup = $domain
netbios name = $netbios
server string = Samba Server on $netbios
printcap name = /etc/printcap
load printers = yes
printing = lprng
log file = /var/log/samba/%m.log
log level = 1
max log size = 10
security = ADS
realm = $realm
client use spnego = yes
password server = $pdc
winbind separator = +
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind cache time = 15
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%D/%U
template shell = /bin/bash
winbind use default domain = yes
add user script = /usr/sbin/useradd %u -g smbusers
delete user script = /usr/sbin/userdel %u
allow trusted domains = yes
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
pam password change = yes
obey pam restrictions = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
remote announce = 190.1.255.255
local master = no
dns proxy = no
preserve case = no
short preserve case = no
default case = lower
case sensitive = no
#============================ Share Definitions ==============================
[homes]
comment = Home Directories
browseable = yes
writable = yes
valid users = %D+%S
create mode = 0700
directory mode = 0700
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
[tmp]
comment = Temporary file space
path = /tmp
read only = no
public = yes

" > /etc/samba/smb.conf
printf $b1"DONE"$b0;
#********************************
#********************************
printf $b1"\nBackingup /etc/samba/krb5.conf as /etc/samba/krb5.conf_$backup ... "
cp --reply=no /etc/samba/krb5.conf /etc/samba/krb5.conf_$backup
printf $b1"DONE"$b0;
printf $b1"\nConfiguring /etc/samba/krb5.conf ... "$b0;
echo "#/etc/samba/krb5.conf
[libdefaults]
default_realm = $realm
[realms]
$realm = {
kdc = $pdc.$realm
default_domain = $realm
}
[domain_realm]
.kerberos.server = $realm
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}

" > /etc/samba/krb5.conf
printf $b1"DONE"$b0;
#********************************
#********************************
printf $b1"\nBackingup /etc/nsswitch.conf as /etc/nsswitch.conf_$backup ... "
cp --reply=no /etc/nsswitch.conf /etc/nsswitch.conf_$backup
printf $b1"DONE"$b0;
printf $b1"\nConfiguring /etc/nsswitch.conf ... "$b0;
echo "#/etc/nsswitch.conf
passwd: files winbind
shadow: files winbind
group: files winbind
hosts: files nisplus dns
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files nisplus
rpc: files
services: files nisplus
netgroup: files nisplus
publickey: nisplus
automount: files nisplus
aliases: files nisplus
" > /etc/nsswitch.conf
printf $b1"DONE"$b0;
#********************************
#********************************
printf $b1"\nBackingup /etc/krb5.conf as /etc/krb5.conf_$backup ... "
cp --reply=no /etc/krb5.conf /etc/krb5.conf_$backup
printf $b1"DONE"$b0;
printf $b1"\nConfiguring /etc/krb5.conf ... "$b0;
echo "
[libdefaults]
default_realm = $realm
[realms]

BUGHOUSE.COM = {
kdc = $pdc.$realm
default_domain = $realm
}
[domain_realm]
.kerberos.server = $realm
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
" > /etc/krb5.conf
printf $b1"DONE"$b0;
#********************************
#********************************
printf $b1"\nBackingup /etc/pam.d/login as /etc/pam.d/login_$backup ... "
cp --reply=no /etc/pam.d/login /etc/pam.d/login_$backup
printf $b1"DONE"$b0;
printf $b1"\nConfiguring /etc/pam.d/login ... "$b0;
echo "#%PAM-1.0
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_unix.so use_first_pass
account sufficient /lib/security/pam_winbind.so
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_mkhomedir.so skel=/etc/samba/skel/ umask=0022
session optional .lib/security/pam_console.so

" > /etc/pam.d/login
printf $b1"DONE"$b0;
#********************************

#********************************
printf $b1"\nBackingup /etc/pam.d/samba as /etc/pam.d/samba_$backup ... "
cp --reply=no /etc/pam.d/samba /etc/pam.d/samba_$backup
printf $b1"DONE"$b0;

printf $b1"\nConfiguring /etc/pam.d/samba ... "$b0;
echo "#%PAM-1.0
auth required pam_nologin.so
auth required pam_stack.so service=system-auth
auth required /lib/security/pam_winbind.so
account required /lib/security/pam_winbind.so
account required pam_stack.so service=system-auth
session required /lib/security/pam_mkhomedir.so skel=/etc/samba/skel umask=0022
session required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth

" > /etc/pam.d/samba
printf $b1"DONE"$b0;
#********************************
#********************************
printf $b1"\nBackingup /etc/pam.d/system-auth as /etc/pam.d/system-auth_$backup ... "
cp --reply=no /etc/pam.d/system-auth /etc/pam.d/system-auth_$backup
printf $b1"DONE"$b0;
printf $b1"\nConfiguring /etc/pam.d/system-auth ... "$b0;
echo "#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_winbind.so
auth sufficient /lib/security/pam_unix.so likeauth nullok use_first_pass
auth required /lib/security/pam_deny.so
account required /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so retry=3
password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/pam_deny.so
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so
session required /lib/security/pam_mkhomedir.so skel=/etc/samba/skel umask=0022
" > /etc/pam.d/system-auth
printf $b1"DONE"$b0;
#********************************
printf $b1"\nCreating directory ..."$b0;
mkdir /home/$domain
chown smbuser:smb /home/$domain
chmod 777 /home/$domain
chmod 777 /home
chown smbuser:smb /home
printf $b1"DONE"$b0;
printf $b1"\nCreating group ntdomainusers ..."$b0;
groupadd -g 10006 ntdomainusers
printf $b1"DONE"$b0;
printf $b1"\nRestarting services ...\n"$b0;
service winbind stop
service smb restart
service winbind start
printf $b1"DONE"$b0;
printf $b1"\nJoining $domain ..."$b0;
net ADS join -U $user
printf $b1"DONE"$b0;
printf $b1"\nConfiguring system to start smb and winbind on startup ..."$b0;
chkconfig smb on
chkconfig winbind on
printf $b1"DONE"$b0;
printf $b1"\nRestarting services ...\n"$b0;
service winbind stop
service smb restart
service winbind start
printf $b1"DONE"$b0;
echo "
TEST

A. To see shares, name, ip, and more at the command line type:
smbclient -L localhost -U%

B. To test connection to a share type as a user defined on NT PDC:
smbclient '\\machine_name\share_name' -U user_name

C. To see in winbind is seeing users from the NT PDC type:
wbinfo -u
wbinfo -a user_name%password
wbinfo -A user_name%password

D. Try getent as well
getent passwd
getent group
"
echo
echo
printf '\E[34;47m'"HAVE A NICE DAY..."; tput sgr0
printf "\n"
echo

##################### SCRIPTS ENDS HERE [COLOR=blue]

Last edited by L1nuxbug; 11-09-2004 at 08:29 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
windows 2003 can't join linux domain niggersak Linux - Networking 1 08-10-2005 07:25 AM
window 2003 can't join linux domain niggersak Linux - General 1 08-09-2005 04:44 PM
Making a Linux PC join a Windows 2003 domain leo_linux Linux - Networking 4 05-19-2005 05:23 AM
Cannot join a window 2003 domain pas Linux - Networking 1 10-11-2004 10:20 AM
How to Join a windows 2003 domain bballshawn11 Linux - Networking 4 06-02-2004 11:15 PM


All times are GMT -5. The time now is 04:02 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration