@abnerrizzi
Created December 26, 2024 19:57
Ubuntu bash script to join PC to Domain and add a given group to do sudo without password
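#!/bin/bash
# Simplest script to join Ubuntu 18 to AD
# Stop at the first failed step so a failed join never leads to a sudoers change.
set -euo pipefail
declare user=user                 # AD account allowed to join machines to the domain
declare group=ADGroup             # AD group allowed to log in
declare sudo_group=${group}       # AD group given passwordless sudo; set empty to skip
declare domain=domain.com
declare dns_servers="1.1.1.1, 4.4.4.4"
declare dns_search="domain.lan, domain.local"
sudo apt update
sudo apt install -y realmd packagekit sssd sssd-tools adcli libpam-sss
# Add DNS servers and search domains under the interface that has "dhcp4: true".
# The indentation assumes the stock installer layout, where dhcp4 is indented six spaces.
sudo sed -i "/dhcp4: true.*/a \      nameservers:\n        addresses: [${dns_servers}]\n        search: [${dns_search}]" /etc/netplan/00-installer-config.yaml
sudo netplan apply
# Create a home directory the first time a domain user logs in.
printf '\nsession optional pam_mkhomedir.so skel=/etc/skel umask=077\n' | sudo tee -a /etc/pam.d/common-session
sleep 1 && sudo realm join -v -U "${user}" "${domain}"
# Use short user names (user instead of user@domain) and matching home directories.
sudo sed -i '/use_fully_qualified_names/ s/^#*/#/' /etc/sssd/sssd.conf
sudo sed -i 's/\/home\/%u@%d/\/home\/%u/g' /etc/sssd/sssd.conf
# Restrict logins to members of the given group.
sudo realm permit -g "${group}"
if [[ -n "$sudo_group" ]]; then
  # Passwordless sudo for every member of the group.
  tmp=$(mktemp)
  echo "%${sudo_group} ALL=(ALL) NOPASSWD: ALL" > "$tmp"
  # Validate before installing so a syntax error can never break sudo; drop-ins must be mode 0440.
  sudo visudo -cf "$tmp" && sudo install -m 0440 -o root -g root "$tmp" /etc/sudoers.d/domain_sudo_group
  rm -f "$tmp"
fi
sudo systemctl restart sssd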