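#!/bin/bash
# setupkeytab: installs the Kerberos client packages, fills the placeholders in
# /opt/install/krb5.conf, copies it to /etc/krb5.conf, writes a keytab for the
# given user with ktutil and then calls signintoactivedirectory.sh.
#
# This script is meant for quick & easy install via:
# curl -sSL https://raw.githubusercontent.com/HealthCatalyst/InstallScripts/master/setupkeytab.txt | sudo sh -s <username> <domain> <password> <ad hostname>
# e.g.,
# curl -sSL https://raw.githubusercontent.com/HealthCatalyst/InstallScripts/master/setupkeytab.txt | sudo sh -s imran.qureshi hqcatalyst.local <password> hcsad1
#
# NOTE(review): the one-liner above feeds an unpinned file from the master
# branch straight into a root shell; pinning the URL to a reviewed commit and
# reading the file before running it narrows what can reach root.
# NOTE(review): the password is a positional argument, so it is visible in the
# process list while the script runs and may be saved in shell history. The
# interface is kept as-is for existing callers.

# The script relies on bash features (pipefail, [[ ]], ${var,,}); when it is
# piped into "sh" the shebang is ignored, so fail early with a clear message if
# that "sh" is not bash.
if [ -z "${BASH_VERSION:-}" ]; then
  echo "setupkeytab requires bash (it uses pipefail, [[ ]] and case-conversion expansions)" >&2
  exit 1
fi

# Strict mode, from http://redsymbol.net/articles/unofficial-bash-strict-mode/
#   -e           exit immediately if any command has a non-zero exit status
#   -u           referencing an undefined variable (other than $* and $@) is an error
#   -o pipefail  a pipeline returns the status of the failing command in it
set -euo pipefail

# Print a message to stderr and stop with a failure status.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Succeeds when $1 is non-empty, does not start with '-', and contains only
# ASCII letters, digits, '.', '_' and '-'. Values that pass can be placed in a
# sed replacement or on a ktutil command line without being read as syntax.
is_safe_token() {
  local LC_ALL=C   # keep the A-Z / a-z ranges byte-wise regardless of locale
  [[ -n "$1" && "$1" != -* && "$1" != *[!A-Za-z0-9._-]* ]]
}

u="$(whoami)"
echo "Running setupkeytab version 2018.04.26.01 as: $u"

if (( $# < 4 )); then
  echo "Usage: setupkeytab <username> <domain> <password> <ad hostname>" >&2
  exit 2
fi

username="$1"
domain="$2"
password="$3"
ad_hostname="$4"

# These three values are interpolated into sed expressions and into the ktutil
# command stream below, so reject anything outside a conservative character set.
is_safe_token "$username" || die "username may only contain letters, digits, '.', '_' and '-'"
is_safe_token "$domain" || die "domain may only contain letters, digits, '.', '_' and '-'"
is_safe_token "$ad_hostname" || die "ad hostname may only contain letters, digits, '.', '_' and '-'"

# ktutil reads the password as one line of its input; a line break inside it
# would make the remainder be read as further ktutil commands.
case "$password" in
  *$'\n'* | *$'\r'*) die "password must not contain line breaks" ;;
esac

echo "Username: $username"
echo "Domain: $domain"
echo "Domain Controller: $ad_hostname"

username_lc="${username,,}"
domain_lc="${domain,,}"
domain_uc="${domain^^}"
echo "username_lc: $username_lc"
echo "domain_lc: $domain_lc"
echo "domain_uc: $domain_uc"

echo "making sure the needed packages are installed"
yum install -y krb5-libs krb5-workstation ntp rsync
yum clean all

hcfolder="/opt/install"
hckrbconf="${hcfolder}/krb5.conf"

if [[ ! -f "$hckrbconf" ]]; then
  echo "$hckrbconf was not found so exiting"
  # NOTE(review): this exits 0, so a caller cannot tell that no keytab was
  # created; kept for compatibility, consider a non-zero status.
  exit 0
fi

# Replace the literal placeholders $domain, $DOMAIN and $server in the config
# template (edited in place) with the validated parameters, then install it.
sed -i \
  -e 's/\$domain/'"$domain_lc"'/g' \
  -e 's/\$DOMAIN/'"$domain_uc"'/g' \
  -e 's/\$server/'"$ad_hostname"'/g' \
  "$hckrbconf"
cp "$hckrbconf" /etc/krb5.conf

usernameplusdomain="$username_lc@$domain_uc"
echo "User name and domain: $usernameplusdomain"

# sync clock with domain controller
# ntpdate $domain

# bash's xtrace prints the ktutil command line but not the here-document body,
# so the password line is not traced; re-check this before running the script
# under a different shell.
set -x

echo "creating keytab file in ${hcfolder}/user.keytab"
# The keytab holds the user's long-term key and works as a stand-in for the
# password: keep it readable by its owner only and out of backups and images.
# NOTE(review): RC4-HMAC is a deprecated enctype (RFC 8429) whose key is derived
# from the password without a salt. It is kept because the enctypes the realm
# accepts are not visible here; prefer aes256-cts-hmac-sha1-96 where the
# account and domain controller allow it.
ktutil <<EOF
addent -password -p $usernameplusdomain -k 1 -e RC4-HMAC
$password
wkt ${hcfolder}/user.keytab
quit
EOF

echo "calling signintoactivedirectory to try to authenticate"
"${hcfolder}/signintoactivedirectory.sh" "$username_lc" "$domain_uc"

set +x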