아래 내용 파일로 붙여넣어서 실행하면 자동으로 AD Join 됨.
사전에 AD서버, 클라이언트서버(리눅스) 환경은 구성이 되어있어야함. (AD설정, 방화벽 등)
----------------------------------
#!/bin/sh
# Language English Setting
LANG=C
export LANG
# For each system Setting Args input
echo "=============================="
echo "Step1. Input system Setting Value"
echo "=============================="
echo ""
echo "FQDN Hostname(e.g. ubu18.testad.com) : "
read HOSTNAME
echo "Domain name(e.g. testad.com) : "
read DOMAIN
echo "AD administrator name(e.g. Administrator) : "
read ADADMIN
echo "AD administrator password(e.g. p@ssw0rd) : "
read ADADMIN_PASS
echo "DNS IP (e.g. 10.0.2.7) : "
read DNSIP
sleep 1
echo ""
# FQDN hostname Setting
echo "=============================="
echo "Step2. Hostname Setting"
echo "=============================="
echo ""
sleep 1
hostnamectl set-hostname $HOSTNAME
echo ""
# Repository adding(ver 18.04)
echo "=============================="
echo "Step3. Repository adding(ver 18.04)"
echo "=============================="
echo ""
sleep 1
cat << EOF >> /etc/apt/sources.list
# To join AD Repository
deb http://us.archive.ubuntu.com/ubuntu/ bionic universe
deb http://us.archive.ubuntu.com/ubuntu/ bionic-updates universe
EOF
echo ""
# Package install
echo "=============================="
echo "Step4. AD join Package install"
echo "=============================="
echo ""
sleep 1
apt update
apt -y install realmd libnss-sss libpam-sss sssd sssd-tools adcli samba-common-bin oddjob oddjob-mkhomedir packagekit
echo ""
# DNS resolv Setting
echo "=============================="
echo "Step5. DNS IP Setting"
echo "=============================="
echo ""
sleep 1
apt -y install resolvconf
cat << EOF >> /etc/resolvconf/resolv.conf.d/head
nameserver $DNSIP
EOF
systemctl restart resolvconf
echo ""
# Home Directory Setting
echo "=============================="
echo "Step6. Home Directory Setting"
echo "=============================="
echo ""
sleep 1
cat << EOF >> /usr/share/pam-configs/mkhomedir
Name: activate mkhomedir
Default: yes
Priority: 900
Session-Type: Additional
Session: required pam_mkhomedir.so umask=0022 skel=/etc/skel
EOF
echo ""
# expect Package install
echo "=============================="
echo "Step7. etc. Setting"
echo "=============================="
echo ""
sleep 1
apt -y install expect
echo ""
# AD Connectable Check
echo "=============================="
echo "Step8. AD Connect Check"
echo "=============================="
echo ""
sleep 1
realm discover $DOMAIN
echo ""
# AD Join
echo "=============================="
echo "Step9. AD Join"
echo "=============================="
echo ""
sleep 1
expect <<EOF
spawn realm join -U $ADADMIN $DOMAIN
expect "Password for $DOMAIN: "
send "$ADADMIN_PASS\r"
expect eof
EOF
echo ""
# AD Join Complete
echo "=============================="
echo "Step10. AD Join Complete"
echo "=============================="
echo ""
sleep 1
# AD Join Check
echo "=============================="
echo "Step11. AD Join check"
echo "=============================="
echo ""
sleep 1
realm list
echo ""
# AD All User Access Deny (Default)
echo "=============================="
echo "Step12. AD User Access All Deny"
echo "=============================="
echo ""
sleep 1
realm deny -a
echo ""
'OS 기술 > Linux' 카테고리의 다른 글
| 리눅스(우분투) AD JOIN 스크립트 (08) - AD_CONNECT (0) | 2023.03.03 |
|---|---|
| 리눅스(우분투) AD JOIN 스크립트 (07) - ADJOIN_Check (0) | 2023.03.03 |
| 리눅스(우분투) AD JOIN 테스트 (05) - sssd 이용 (0) | 2023.03.03 |
| 리눅스(우분투) AD JOIN 테스트 (04) - winbind 이용 (0) | 2023.02.15 |
| 리눅스(우분투) AD JOIN 테스트 (03) - AD클라이언트 구성 테스트 (0) | 2023.02.14 |