PROFESSIONAL PROJECT

Linux Active Directory bind

This Project was working with Active Directory and Binding AD with our Linux Servers at Sage Technology Solutions.

Linux Samba / RealmD Binding

I wrote an active directory binding script for joining our Linux servers onto our active directory domain. We used realm with SSSD to interface with samba. We wrote an auto-install script. This is written for Ubuntu 20.04 at the time of coding. I will include an improved version below for general use!

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
#!/bin/bash
apt update
apt -y install realmd libnss-sss libpam-sss sssd sssd-tools adcli samba-common-bin oddjob oddjob-mkhomedir packagekit
echo "Enter your active directory domain name:"
sleep 0.25
read domainName
realm discover $domainName
echo "Enter your active directory username:"
sleep 0.25
read realmJoinUsername
realm join $domainName -U $realmJoinUsername 
bash -c "cat > /usr/share/pam-configs/mkhomedir" <
Name: activate mkhomedir
Default: yes
Priority: 900
Session-Type: Additional
Session:
        required                        pam_mkhomedir.so umask=0022 skel=/etc/skel
EOF
pam-auth-update --enable mkhomedir
systemctl restart sssd
realm permit -g "Domain [email protected]"
realm permit -g [email protected]
sed -i -e 's/use_fully_qualified_names = True/use_fully_qualified_names = False/g' /etc/sssd/sssd.conf
systemctl restart sssd.service

bash -c "cat > /etc/sudoers.d/domain_admins" <
%Domain\ Admins     ALL=(ALL)   ALL
%ServerAdmins     ALL=(ALL)   ALL
EOF
echo "*** FINISHED LINKING TO ACTIVE DIRECTORY ***"
echo "** PLEASE CHECK TO MAKE SURE THERE ARE NO ERRORS **"
en_USEnglish