From 71c72fe923e7dafd427930a8d625c43a78b79564 Mon Sep 17 00:00:00 2001 From: afornerot Date: Thu, 7 Jan 2021 14:53:53 +0100 Subject: [PATCH] --- Ninegate-AD.md | 38 +++++++++++++++++++++++--------------- 1 file changed, 23 insertions(+), 15 deletions(-) diff --git a/Ninegate-AD.md b/Ninegate-AD.md index 8da7ef9..4ec23cf 100644 --- a/Ninegate-AD.md +++ b/Ninegate-AD.md @@ -20,29 +20,37 @@ user_exists() { $CONTAINER_EXEC samba-tool user show "${username}" > /dev/null 2>&1 } +if [ -f /etc/eole/samba4-vars.conf ];then + CONTAINER_EXEC='' +elif [ -f /usr/lib/eole/eolead.sh ];then + CONTAINER_EXEC='lxc-attach -n addc --' +else + exit 0 +fi + PRIVATE_DIR=/etc/eole/private WRITER_PASSWORD_FILE="${PRIVATE_DIR}/eole-workstation-writer.password" if [ ! -s "${WRITER_PASSWORD_FILE}" ] then - pwgen -scn1 42 > "/etc/eole/private/eole-workstation-writer.password" + pwgen -scn1 42 > "${WRITER_PASSWORD_FILE}" fi -chmod 700 "/etc/eole/private/eole-workstation-writer.password" +chmod 700 "${WRITER_PASSWORD_FILE}" - -if ! user_exists eole-workstation-manager +WRITER_PASSWORD=$(cat "${WRITER_PASSWORD_FILE}") +if ! user_exists eole-workstation-writer then - echo "Ajout du compte de jonction au domaine 'eole-workstation-manager'... " - $CONTAINER_EXEC samba-tool user create --random-password eole-workstation-manager - fi - - echo "Mise en conformité de l’utilisateur 'eole-workstation-manager'... " - $CONTAINER_EXEC samba-tool user setexpiry eole-workstation-manager --noexpiry - if ! $CONTAINER_EXEC samba-tool group listmembers 'Domain Admins' | grep -q '^eole-workstation-manager$' - then - $CONTAINER_EXEC samba-tool group addmembers 'Domain Admins' eole-workstation-manager - fi - $CONTAINER_EXEC samba-tool user setpassword eole-workstation-manager --newpassword="${MANAGER_PASSWORD}" + echo "Ajout du compte de jonction au domaine 'eole-workstation-writer'... " + $CONTAINER_EXEC samba-tool user create --random-password eole-workstation-writer fi + +echo "Mise en conformité de l’utilisateur 'eole-workstation-writer'... " +$CONTAINER_EXEC samba-tool user setexpiry eole-workstation-writer --noexpiry +if ! $CONTAINER_EXEC samba-tool group listmembers 'Domain Admins' | grep -q '^eole-workstation-manager$' +then + $CONTAINER_EXEC samba-tool group addmembers 'Domain Admins' eole-workstation-manager +fi +$CONTAINER_EXEC samba-tool user setpassword eole-workstation-writer --newpassword="${WRITER_PASSWORD}" + ```