[Script] Join Fedora Core2 in Windows 2003 Domain
:::The following is a script:::
Before running the script, change BUGHOUSE.COM to the fully qualified (FQDN) name of your Windows 2003 domain wherever it appears.
##################### SCRIPTS STARTS HERE #####################
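#! /bin/bash
# Joins this host to a Windows Server 2003 domain: it collects the domain
# parameters interactively, rewrites the Samba, Kerberos, NSS and PAM
# configuration files, and then runs "net ADS join".
clear

# Bold on / bold off. Stored as backslash escapes (not raw ESC bytes) because
# the prompts below splice them into printf format strings.
b1='\33[1m'
b0='\33[0m'

# Suffix shared by every backup copy made during this run (epoch seconds).
backup=SW3Back_$(date +%s)

# The script targets one exact Samba build. Anything else reported by
# "smbd -V" (including an empty string when smbd cannot be run) stops the
# script before any file is touched.
s1=$(smbd -V)
s2="Version 3.0.3-5"
if [ "$s1" = "$s2" ]; then
  printf '\nYou are using Samba %s\n' "$s2"
else
  printf '\nYou are using Samba %s not %s\n' "$s1" "$s2" >&2
  # Nothing was configured, so do not report success to the caller.
  exit 1
fi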
# Banner: a rule of asterisks, then the announcement in blue on white and the
# abort hint in red on white. "tput sgr0" resets the terminal attributes after
# each coloured line.
printf '%s\n' "*********************************************************************"
printf '\E[34;47mTHIS SCRIPT WILL NOW CONFIGURE SAMBA WITH WINDOWS SERVER 2003 DOMAIN.\n'
tput sgr0
printf '\E[31;47mPRESS ctrl+C TO EXIT. \n'
tput sgr0
printf '\n'
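# --- Collect the domain parameters -------------------------------------------
# b1/b0 (bold on/off) are part of the printf format; text that can contain
# operator input is passed as a %s argument so "%" or "\" in it is printed
# literally. Every read uses -r and aborts on end-of-input, so a closed stdin
# cannot spin the retry loops forever.

# NetBIOS (short) domain name: required, re-prompt while empty.
while true; do
  printf "${b1}Enter NetBios domain name: ${b0}"
  read -r domain || exit 1
  [ -n "$domain" ] && break
done

# NetBIOS host name: optional, defaults to the shell's $HOSTNAME.
hostname=$HOSTNAME
printf "${b1}Enter NetBios host name [%s]: ${b0}" "$hostname"
read -r netbios || exit 1
if [ -z "$netbios" ]; then
  netbios=$hostname
fi

# Primary domain controller: required. Later used as "password server" in
# smb.conf and, joined with the realm, as the Kerberos KDC host name.
while true; do
  printf "${b1}Enter primary domain controller name : ${b0}"
  read -r pdc || exit 1
  [ -n "$pdc" ] && break
done

# Kerberos realm: required.
# NOTE(review): the value is written verbatim into smb.conf and krb5.conf.
# Kerberos realm names are case-sensitive and Active Directory realms are
# normally upper-case, while the prompt's example is lower-case. Confirm
# which form the join expects.
while true; do
  printf "${b1}Enter realm [e.g. domain.com ] : ${b0}"
  read -r realm || exit 1
  [ -n "$realm" ] && break
done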
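# Optional backup domain controller.
# bdc starts empty so a value inherited from the environment cannot leak into
# the summary. The value is only displayed there; no file written by this
# script references it.
bdc=
while true; do
  printf "${b1}Does %s have bdc? [y/n]: ${b0}" "$domain"
  read -r Keypress || exit 1
  case "$Keypress" in
    # [yY], not [y,Y]: the comma inside the brackets also matched a lone ",".
    [yY])
      # The original reset sequence here was the unset variable $b10, which
      # left bold switched on; $b0 is the intended one.
      printf "${b1}Enter backup domain controller : ${b0}"
      read -r bdc || exit 1
      if [ -z "$bdc" ]; then
        # Empty answer: ask the yes/no question again.
        continue
      fi
      ;;
    [nN])
      break
      ;;
    *)
      printf "${b1}Please Enter Yes or No. ${b0}"
      continue
      ;;
  esac
  break
done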
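# Account used for the domain join: required, re-prompt while empty.
# Only the account name is collected here; no password is read or stored.
while true; do
  printf "${b1}User name to be entered below must have sufficent previlegs to enter a computer to domain.${b0}"
  printf "${b1}\nEnter user name: ${b0}"
  read -r user || exit 1
  [ -n "$user" ] && break
done

# Samba configuration directory, defaulting to /etc/samba.
# NOTE(review): confpath is shown in the summary only; every later step of the
# script writes to fixed /etc/samba paths regardless of this answer.
printf "${b1}What is your smb.conf path [ /etc/samba ]: ${b0}"
read -r confpath || exit 1
if [ -z "$confpath" ]; then
  confpath="/etc/samba"
fi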
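# Show the collected values for review. The values are printed through %s so
# whitespace, glob characters or a leading "-" in an answer appear exactly as
# typed (the unquoted echo used before would have mangled them).
echo
printf "${b1}Domain name: ${b0}%s\n" "$domain"
printf "${b1}NetBios Name: ${b0}%s\n" "$netbios"
printf "${b1}PDC: ${b0}%s\n" "$pdc"
printf "${b1}Realm: ${b0}%s\n" "$realm"
printf "${b1}BDC: ${b0}%s\n" "$bdc"
printf "${b1}User: ${b0}%s\n" "$user"
printf "${b1}Samba conf path: ${b0}%s\n" "$confpath"
echo

# Last chance before system files are rewritten: "y" continues, "n" restarts
# the script from the top, anything else re-asks. End-of-input aborts instead
# of looping.
while true; do
  printf "${b1}Are these values correct? [y/n]: ${b0}"
  read -r Keypress || exit 1
  case "$Keypress" in
    [yY]) break ;;
    # Quoted so a script path containing spaces is re-executed intact.
    [nN]) exec "$0" ;;
    *) printf "${b1}Please Enter Yes or No. ${b0}" ;;
  esac
done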
#********************************
#********************************
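# Copy /etc/skel to /etc/samba/skel. The PAM files written later point
# pam_mkhomedir at that directory (skel=/etc/samba/skel).
printf "${b1}\nCREATING SKELL ... ${b0}"
# -p keeps a re-run from failing on the directory left by an earlier run.
mkdir -p /etc/samba/skel
# No system file has been modified yet, so stopping here is harmless.
if ! cp -fr /etc/skel /etc/samba; then
  printf '\nCould not copy /etc/skel to /etc/samba/skel.\n' >&2
  exit 1
fi
printf "${b1}DONE${b0}"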
#********************************
#********************************
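# --- /etc/samba/smb.conf -------------------------------------------------------
# Back up the live smb.conf, make sure smbpasswd exists, then replace smb.conf
# with an ADS member-server configuration built from the answers given above.
printf "${b1}\nBackingup /etc/samba/smb.conf as /etc/samba/smb.conf_%s ... ${b0}" "$backup"
# Abort rather than overwrite the live file without a backup. The original
# "cp --reply=no" is rejected by newer GNU coreutils, which dropped --reply,
# so the backup would fail and the overwrite would still proceed.
if [ -e /etc/samba/smb.conf ]; then
  cp -p -- /etc/samba/smb.conf "/etc/samba/smb.conf_$backup" || {
    printf '\nBackup of /etc/samba/smb.conf failed; file left untouched.\n' >&2
    exit 1
  }
fi
# smbpasswd holds password hashes: create it if missing and restrict it to
# its owner instead of leaving the mode to the current umask.
touch /etc/samba/smbpasswd
chmod 600 /etc/samba/smbpasswd
printf "${b1}DONE${b0}"

printf "${b1}\nConfiguring Samba ... ${b0}"
# A here-document is used so the backslashes in "passwd chat" reach the file
# untouched whatever echo implementation is in effect.
# NOTE(review): "remote announce = 190.1.255.255" is a hard-coded address from
# the author's network; adjust or remove it for another site.
# NOTE(review): the [tmp] share exports /tmp read-write with "public = yes"
# (a synonym for "guest ok"); drop the share or make it non-public unless
# unauthenticated write access to /tmp is really intended.
cat > /etc/samba/smb.conf <<EOF
#======================= Global Settings =====================================
#======================= Global Settings =====================================
[global]
workgroup = $domain
netbios name = $netbios
server string = Samba Server on $netbios
printcap name = /etc/printcap
load printers = yes
printing = lprng
log file = /var/log/samba/%m.log
log level = 1
max log size = 10
security = ADS
realm = $realm
client use spnego = yes
password server = $pdc
winbind separator = +
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind cache time = 15
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%D/%U
template shell = /bin/bash
winbind use default domain = yes
add user script = /usr/sbin/useradd %u -g smbusers
delete user script = /usr/sbin/userdel %u
allow trusted domains = yes
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
pam password change = yes
obey pam restrictions = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
remote announce = 190.1.255.255
local master = no
dns proxy = no
preserve case = no
short preserve case = no
default case = lower
case sensitive = no
#============================ Share Definitions ==============================
[homes]
comment = Home Directories
browseable = yes
writable = yes
valid users = %D+%S
create mode = 0700
directory mode = 0700
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
[tmp]
comment = Temporary file space
path = /tmp
read only = no
public = yes
EOF
printf "${b1}DONE${b0}"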
#********************************
#********************************
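# --- /etc/samba/krb5.conf ------------------------------------------------------
# Back up any existing copy, then write a Kerberos client configuration whose
# realm and KDC come from the answers given above.
printf "${b1}\nBackingup /etc/samba/krb5.conf as /etc/samba/krb5.conf_%s ... ${b0}" "$backup"
# The file may not exist yet; only an existing file needs (and must get) a
# backup before it is replaced.
if [ -e /etc/samba/krb5.conf ]; then
  cp -p -- /etc/samba/krb5.conf "/etc/samba/krb5.conf_$backup" || {
    printf '\nBackup of /etc/samba/krb5.conf failed; file left untouched.\n' >&2
    exit 1
  }
fi
printf "${b1}DONE${b0}"

printf "${b1}\nConfiguring /etc/samba/krb5.conf ... ${b0}"
# NOTE(review): the [domain_realm] key ".kerberos.server" looks like a
# placeholder carried over from a sample file. Confirm it should not be the
# site's DNS domain.
cat > /etc/samba/krb5.conf <<EOF
#/etc/samba/krb5.conf
[libdefaults]
default_realm = $realm
[realms]
$realm = {
kdc = $pdc.$realm
default_domain = $realm
}
[domain_realm]
.kerberos.server = $realm
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
EOF
printf "${b1}DONE${b0}"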
#********************************
#********************************
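# --- /etc/nsswitch.conf --------------------------------------------------------
# Replace the whole file with a fixed template in which passwd, shadow and
# group are looked up in local files first and then through winbind. Any local
# customisation of the previous file survives only in the backup copy.
printf "${b1}\nBackingup /etc/nsswitch.conf as /etc/nsswitch.conf_%s ... ${b0}" "$backup"
# Name-service lookups depend on this file, so never overwrite it without a
# backup in place.
if [ -e /etc/nsswitch.conf ]; then
  cp -p -- /etc/nsswitch.conf "/etc/nsswitch.conf_$backup" || {
    printf '\nBackup of /etc/nsswitch.conf failed; file left untouched.\n' >&2
    exit 1
  }
fi
printf "${b1}DONE${b0}"

printf "${b1}\nConfiguring /etc/nsswitch.conf ... ${b0}"
# Quoted delimiter: the template contains nothing to expand.
cat > /etc/nsswitch.conf <<'EOF'
#/etc/nsswitch.conf
passwd: files winbind
shadow: files winbind
group: files winbind
hosts: files nisplus dns
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files nisplus
rpc: files
services: files nisplus
netgroup: files nisplus
publickey: nisplus
automount: files nisplus
aliases: files nisplus
EOF
printf "${b1}DONE${b0}"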
#********************************
#********************************
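# --- /etc/krb5.conf ------------------------------------------------------------
# Back up the system-wide Kerberos configuration, then write the same realm
# definition that goes into /etc/samba/krb5.conf.
printf "${b1}\nBackingup /etc/krb5.conf as /etc/krb5.conf_%s ... ${b0}" "$backup"
if [ -e /etc/krb5.conf ]; then
  cp -p -- /etc/krb5.conf "/etc/krb5.conf_$backup" || {
    printf '\nBackup of /etc/krb5.conf failed; file left untouched.\n' >&2
    exit 1
  }
fi
printf "${b1}DONE${b0}"

printf "${b1}\nConfiguring /etc/krb5.conf ... ${b0}"
# The [realms] entry is keyed by the realm entered at the prompt. It used to
# be the literal BUGHOUSE.COM, which left default_realm pointing at a realm
# with no definition unless the script had been edited by hand first.
cat > /etc/krb5.conf <<EOF

[libdefaults]
default_realm = $realm
[realms]
$realm = {
kdc = $pdc.$realm
default_domain = $realm
}
[domain_realm]
.kerberos.server = $realm
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
EOF
printf "${b1}DONE${b0}"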
#********************************
#********************************
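# --- /etc/pam.d/login ----------------------------------------------------------
# Replace the console-login PAM stack so winbind accounts are accepted and a
# home directory is created from /etc/samba/skel at first login.
# A mistake in this file can block console logins: keep an already-open root
# session until a fresh login has been tested. The backup made below is the
# way back.
printf "${b1}\nBackingup /etc/pam.d/login as /etc/pam.d/login_%s ... ${b0}" "$backup"
if [ -e /etc/pam.d/login ]; then
  cp -p -- /etc/pam.d/login "/etc/pam.d/login_$backup" || {
    printf '\nBackup of /etc/pam.d/login failed; file left untouched.\n' >&2
    exit 1
  }
fi
printf "${b1}DONE${b0}"

printf "${b1}\nConfiguring /etc/pam.d/login ... ${b0}"
# The pam_console.so path was written as ".lib/security/..." (a typo for
# "/lib/security/..."), so that module could not be found.
cat > /etc/pam.d/login <<'EOF'
#%PAM-1.0
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_unix.so use_first_pass
account sufficient /lib/security/pam_winbind.so
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_mkhomedir.so skel=/etc/samba/skel/ umask=0022
session optional /lib/security/pam_console.so
EOF
printf "${b1}DONE${b0}"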
#********************************
#********************************
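# --- /etc/pam.d/samba ----------------------------------------------------------
# Replace the PAM stack of the "samba" service: winbind is required for auth
# and account checks, and pam_mkhomedir creates missing home directories from
# /etc/samba/skel.
printf "${b1}\nBackingup /etc/pam.d/samba as /etc/pam.d/samba_%s ... ${b0}" "$backup"
# Only an existing file can be backed up; a failed backup stops the script
# before the file is replaced.
if [ -e /etc/pam.d/samba ]; then
  cp -p -- /etc/pam.d/samba "/etc/pam.d/samba_$backup" || {
    printf '\nBackup of /etc/pam.d/samba failed; file left untouched.\n' >&2
    exit 1
  }
fi
printf "${b1}DONE${b0}"

printf "${b1}\nConfiguring /etc/pam.d/samba ... ${b0}"
cat > /etc/pam.d/samba <<'EOF'
#%PAM-1.0
auth required pam_nologin.so
auth required pam_stack.so service=system-auth
auth required /lib/security/pam_winbind.so
account required /lib/security/pam_winbind.so
account required pam_stack.so service=system-auth
session required /lib/security/pam_mkhomedir.so skel=/etc/samba/skel umask=0022
session required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
EOF
printf "${b1}DONE${b0}"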
#********************************
#********************************
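# --- /etc/pam.d/system-auth ----------------------------------------------------
# Replace the shared PAM stack: pam_winbind is tried first for authentication,
# then pam_unix, and pam_mkhomedir creates home directories on session open.
# The template's own header says authconfig regenerates this file, so running
# authconfig later will discard these changes.
# NOTE(review): both pam_unix lines carry "nullok", which lets accounts with
# an empty password authenticate. Confirm that is wanted on this host.
printf "${b1}\nBackingup /etc/pam.d/system-auth as /etc/pam.d/system-auth_%s ... ${b0}" "$backup"
# Every service that stacks on system-auth is affected, so the backup is
# mandatory before the overwrite.
if [ -e /etc/pam.d/system-auth ]; then
  cp -p -- /etc/pam.d/system-auth "/etc/pam.d/system-auth_$backup" || {
    printf '\nBackup of /etc/pam.d/system-auth failed; file left untouched.\n' >&2
    exit 1
  }
fi
printf "${b1}DONE${b0}"

printf "${b1}\nConfiguring /etc/pam.d/system-auth ... ${b0}"
cat > /etc/pam.d/system-auth <<'EOF'
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_winbind.so
auth sufficient /lib/security/pam_unix.so likeauth nullok use_first_pass
auth required /lib/security/pam_deny.so
account required /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so retry=3
password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/pam_deny.so
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so
session required /lib/security/pam_mkhomedir.so skel=/etc/samba/skel umask=0022
EOF
printf "${b1}DONE${b0}"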
#********************************
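# Create /home/<domain>, the parent of the per-user directories named by
# "template homedir = /home/%D/%U" in smb.conf.
printf "${b1}\nCreating directory ...${b0}"
# $domain becomes a path component; reject values that would leave /home,
# because the chown/chmod below would then be applied to another directory.
case "$domain" in
  '' | . | .. | */*)
    printf '\nRefusing to use "%s" as a directory name under /home.\n' "$domain" >&2
    exit 1
    ;;
esac
mkdir -p -- "/home/$domain"
# NOTE(review): nothing in this script creates the smbuser account or the smb
# group; chown fails if they do not already exist. Handing /home itself to a
# service account is also unusual. Confirm it is required.
chown smbuser:smb "/home/$domain"
# 1777 instead of 777: with the sticky bit set, users can still create entries
# but cannot rename or delete directories owned by someone else. If home
# directories are only ever created by root (pam_mkhomedir in a root-run
# service), 0755 would be tighter. Verify before relaxing or tightening.
chmod 1777 "/home/$domain"
chmod 1777 /home
chown smbuser:smb /home
printf "${b1}DONE${b0}"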
# Add the local group "ntdomainusers" with a fixed GID.
# NOTE(review): GID 10006 lies inside the 10000-20000 range that the smb.conf
# written by this script gives to winbind ("winbind gid"), so it may collide
# with a winbind-mapped group. Confirm the intended GID.
printf "${b1}\nCreating group ntdomainusers ...${b0}"
groupadd -g 10006 ntdomainusers
printf "${b1}DONE${b0}"
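# Restart Samba and winbind so they pick up the new configuration.
printf "${b1}\nRestarting services ...\n${b0}"
service winbind stop
service smb restart
service winbind start
printf "${b1}DONE${b0}"

# Join the domain. Only the account name is passed on the command line; no
# password is supplied by this script.
printf "${b1}\nJoining %s ...${b0}" "$domain"
# Stop on a failed join instead of printing DONE and enabling services that
# cannot work without domain membership.
if ! net ADS join -U "$user"; then
  printf '\nDomain join failed. Backups made by this run carry the suffix _%s.\n' "$backup" >&2
  exit 1
fi
printf "${b1}DONE${b0}"

# Start smb and winbind at boot.
printf "${b1}\nConfiguring system to start smb and winbind on startup ...${b0}"
chkconfig smb on
chkconfig winbind on
printf "${b1}DONE${b0}"

# Second restart, now that the machine is a domain member.
printf "${b1}\nRestarting services ...\n${b0}"
service winbind stop
service smb restart
service winbind start
printf "${b1}DONE${b0}"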
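# Print follow-up commands for checking the join by hand.
# A quoted here-document prints the text literally. Inside the double-quoted
# echo used before, "\\" collapsed to a single backslash, so the UNC example
# was shown with only one leading backslash.
# NOTE(review): the wbinfo -a / -A examples put the password on the command
# line, where it is visible in the process list and in shell history.
cat <<'EOF'

TEST
A. To see shares, name, ip, and more at the command line type:
smbclient -L localhost -U%
B. To test connection to a share type as a user defined on NT PDC:
smbclient '\\machine_name\share_name' -U user_name
C. To see in winbind is seeing users from the NT PDC type:
wbinfo -u
wbinfo -a user_name%password
wbinfo -A user_name%password
D. Try getent as well
getent passwd
getent group

EOF
echo
echo
# Closing line in blue on white, then reset the terminal attributes.
printf '\E[34;47m'"HAVE A NICE DAY..."
tput sgr0
printf "\n"
echo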
##################### SCRIPTS ENDS HERE #####################
Last edited by L1nuxbug; 11-09-2004 at 08:29 PM.