Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $CentOS_FQDN = 'L152L-SMB.L152L-ROOT.COM'
- $DC_Name = 'L152L-DC1'
- $DC_IP = '10.10.152.210'
- $Centos_IP = '10.10.152.216'
- $CentOS_password = 'p@ssword1'
- $domain_e = ($CentOS_FQDN).Split(".")
- $netbios_dc = $domain_e[$domain_e.Count-1]
- $netbios = $domain_e[$domain_e.Count-2]
- #set hostname
- $hostname_command = {echo "{0} {1} {2}" >> /etc/hosts ; hostname "{3}" } -f $Centos_IP,$($domain_e[0]),$CentOS_FQDN,$domain_e[0]
- $create_dir = "mkdir -p /samba/testshare; chmod 0770 /samba/testshare;chgrp 'Domain users' /samba/testshare; semanage fcontext -a -t samba_share_t /samba/* ; restorecon -R -v /samba"
- echo 'y' | C:\plink.exe -ssh $Centos_IP -l root -pw p@ssword1 exit
- C:\plink.exe -ssh $Centos_IP -l root -pw $CentOS_password "$hostname_command"
- # update resolv.conf
- $resolv = "$'domain $($netbios+'.'+$netbios_dc)\nsearch $($netbios+'.'+$netbios_dc)\nnameserver $DC_IP\nnameserver 172.16.10.4\nnameserver 172.16.10.5\n'"
- C:\plink.exe -ssh $Centos_IP -l root -pw $CentOS_password "echo -e `"$resolv`" > /etc/resolv.conf"
- # add cron sync job
- $crontab = {crontab -l >/tmp/cronfile ; echo '0 */4 * * * /usr/sbin/ntpdate 172.16.10.4 >/dev/null 2>&1' >> /tmp/cronfile ; crontab /tmp/cronfile}
- C:\plink.exe -ssh $Centos_IP -l root -pw $CentOS_password "$crontab"
- #install packages
- C:\plink.exe -ssh $Centos_IP -l root -pw $CentOS_password "yum install -y ntpdate samba samba-client samba-winbind krb5-workstation policycoreutils-python --nogpgcheck"
- #sync time
- C:\plink.exe -ssh $Centos_IP -l root -pw $CentOS_password "ntpdate 172.16.10.4"
- $smb_conf = '[global]
- workgroup = {0}
- security = ads
- realm = {0}.{1}
- socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=131072 SO_SNDBUF=131072
- use sendfile = true
- idmap config * : backend = tdb
- idmap config * : range = 100000-299999
- idmap config {0} : backend = rid
- idmap config {0} : range = 10000-99999
- winbind separator = +
- winbind enum users = yes
- winbind enum groups = yes
- winbind use default domain = yes
- winbind refresh tickets = yes
- restrict anonymous = 2
- log file = /var/log/samba/log.%m
- max log size = 50
- #============================ Share Definitions ==============================
- [testshare]
- comment = Test share
- path = /samba/testshare
- read only = no
- force group = "Domain Users"
- directory mask = 0770
- force directory mode = 0770
- create mask = 0660
- force create mode = 0660
- access based share enum = yes
- hide unreadable = yes
- ' -f $netbios,$netbios_dc
- $smb_conf_command = { echo -e '{0}' > /tmp/test } -f $smb_conf
- C:\plink.exe -ssh $Centos_IP -l root -pw $CentOS_password "$smb_conf_command"
- C:\plink.exe -ssh $Centos_IP -l root -pw $CentOS_password "cat /tmp/test > /etc/samba/smb.conf"
- $krb5_conf = "[logging]
- default = FILE:/var/log/krb5libs.log
- kdc = FILE:/var/log/krb5kdc.log
- admin_server = FILE:/var/log/kadmind.log
- [libdefaults]
- default_realm = $netbios.$netbios_dc
- ticket_lifetime = 24h
- forwardable = yes
- [appdefaults]
- pam = {
- debug = false
- ticket_lifetime = 36000
- renew_lifetime = 36000
- forwardable = true
- krb4_convert = false
- }
- "
- $krb5_conf_command = { echo -e '{0}' > /etc/krb5.conf } -f $krb5_conf
- C:\plink.exe -ssh $Centos_IP -l root -pw $CentOS_password "$krb5_conf_command"
- #winbind passwords
- C:\plink.exe -ssh $Centos_IP -l root -pw $CentOS_password "sed -i '/passwd: files/c\passwd: files winbind' /etc/nsswitch.conf"
- C:\plink.exe -ssh $Centos_IP -l root -pw $CentOS_password "sed -i '/group: files/c\group: files winbind' /etc/nsswitch.conf"
- #Join Domain
- C:\plink.exe -ssh $Centos_IP -l root -pw $CentOS_password "net ads join -U administrator%p@ssword1 -S $($DC_Name+'.'+$netbios+'.'+$netbios_dc)"
- #restart services
- C:\plink.exe -ssh $Centos_IP -l root -pw $CentOS_password "service winbind restart; service nmb restart; service smb restart"
- C:\plink.exe -ssh $Centos_IP -l root -pw $CentOS_password "$create_dir"
- #clear IPtables
- C:\plink.exe -ssh $Centos_IP -l root -pw $CentOS_password "iptables -F; service iptables save;"
- C:\plink.exe -ssh $Centos_IP -l root -pw $CentOS_password "service winbind restart; service nmb restart; service smb restart"
- C:\plink.exe -ssh $Centos_IP -l root -pw $CentOS_password "chkconfig winbind on; chkconfig nmb on; chkconfig smb on"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement