nzbart/join-domain.sh

## join-domain.sh
# Replace example.com with your domain
hostnamectl set-hostname <hostname>.example.com                                   # FQDN required for DNS registrations by realm (not sure why)
mkdir -p /var/log/journal                                                         # Persist logs across reboots
apt update && apt full-upgrade -y && apt auto-remove -y                           # Get software up to date
apt install -y unattended-upgrades packagekit realmd dnsutils sudo                # Install required packages
pam-auth-update --enable mkhomedir                                                # Allow automatic creation of home directories for domain users
echo '%domain\ admins@example.com ALL=(ALL:ALL) ALL' > /etc/sudoers.d/example.com # Allow all domain users to act as root in high-trust environments
ssh-keyscan localhost | ssh-keygen -lf -                                          # Take a record of the SSH keys for secure login
realm join -v -U <your unqualified domain user name> example.com                  # Join domain
	# Replace example.com with your domain
	hostnamectl set-hostname <hostname>.example.com # FQDN required for DNS registrations by realm (not sure why)
	mkdir -p /var/log/journal # Persist logs across reboots
	apt update && apt full-upgrade -y && apt auto-remove -y # Get software up to date
	apt install -y unattended-upgrades packagekit realmd dnsutils sudo # Install required packages
	pam-auth-update --enable mkhomedir # Allow automatic creation of home directories for domain users
	echo '%domain\ admins@example.com ALL=(ALL:ALL) ALL' > /etc/sudoers.d/example.com # Allow all domain users to act as root in high-trust environments
	ssh-keyscan localhost \| ssh-keygen -lf - # Take a record of the SSH keys for secure login
	realm join -v -U <your unqualified domain user name> example.com # Join domain