Created
January 12, 2017 19:35
-
-
Save justinian/7fa6367f4604a6a19964255fe690d1e8 to your computer and use it in GitHub Desktop.
Join a Debian Jessie box to an AD domain
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # This script should join Debian Jessie (8) to an Active Directory domain. | |
| # Originally based on Alan D. Moore's script from his article "Joining Debian | |
| # 8 to Active Directory" | |
| # http://www.alandmoore.com/blog/2015/05/06/joining-debian-8-to-active-directory/ | |
| if [[ $1 == "--user" | $1 == "-u" ]]; then | |
| shift | |
| USER=`shift` | |
| fi | |
| DOMAIN=$1 | |
| if [[ ! $DOMAIN ]]; then | |
| >&2 echo "Usage: $0 [--user <USER>] <domain>" | |
| exit 1 | |
| fi | |
| if ! $(which realmd 2>/dev/null); then | |
| aptitude install realmd adcli sssd | |
| fi | |
| if ! $(which ntpd 2>/dev/null); then | |
| aptitude install ntp | |
| fi | |
| mkdir -p /var/lib/samba/private | |
| realm join --user=$USER $DOMAIN | |
| if [ $? -ne 0 ]; then | |
| echo "AD join failed. Please run 'journalctl -xn' to determine why." | |
| exit 1 | |
| fi | |
| systemctl enable sssd | |
| systemctl start sssd | |
| echo "session required pam_mkhomedir.so skel=/etc/skel/ umask=0022" >> /etc/pam.d/common-session | |
| # configure sudo | |
| aptitude install libsss-sudo | |
| echo "%domain\ admins@$DOMAIN ALL=(ALL) ALL" >> /etc/sudoers.d/domain_admins | |
| echo "The computer is joined to the domain. Please reboot, ensure that you are connected to the network, and you should be able to login with domain credentials." |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment