Fix Kerberos config on dcs

thorstenspille 2023-10-07 15:37:08 +02:00
parent c51d2a91ff
commit b148d290ce
2 changed files with 10 additions and 2 deletions


@ -125,6 +125,10 @@ rm -f /etc/samba/smb.conf
echo -e "$ZMB_ADMIN_PASS" | kinit -V $ZMB_ADMIN_USER echo -e "$ZMB_ADMIN_PASS" | kinit -V $ZMB_ADMIN_USER
samba-tool domain join $ZMB_REALM DC --use-kerberos=required --backend-store=mdb samba-tool domain join $ZMB_REALM DC --use-kerberos=required --backend-store=mdb
rm /etc/krb5.conf
ln -sf /var/lib/samba/private/krb5.conf /etc/krb5.conf
mkdir -p /mnt/sysvol mkdir -p /mnt/sysvol
cat << EOF > /root/.smbcredentials cat << EOF > /root/.smbcredentials
@ -138,11 +142,15 @@ echo "//$LXC_DNS/sysvol /mnt/sysvol cifs credentials=/root/.smbcredentials 0 0"
mount.cifs //$LXC_DNS/sysvol /mnt/sysvol -o credentials=/root/.smbcredentials mount.cifs //$LXC_DNS/sysvol /mnt/sysvol -o credentials=/root/.smbcredentials
cat > /etc/cron.d/sysvol-sync << EOF cat > /etc/cron.d/sysvol-sync << EOF
*/15 * * * * root /usr/bin/rsync -XAavz --delete-after /mnt/sysvol/ /var/lib/samba/sysvol */15 * * * * root /usr/bin/rsync -XAavz --delete-after /mnt/sysvol/ /var/lib/samba/sysvol; if ! /usr/bin/samba-tool ntacl sysvolcheck > /dev/null 2>&1 ; then /usr/bin/samba-tool ntacl sysvolreset ; fi
EOF EOF
/usr/bin/rsync -XAavz --delete-after /mnt/sysvol/ /var/lib/samba/sysvol /usr/bin/rsync -XAavz --delete-after /mnt/sysvol/ /var/lib/samba/sysvol
if ! samba-tool ntacl sysvolcheck > /dev/null 2>&1 ; then
samba-tool ntacl sysvolreset
fi
ssh-keygen -q -f "$HOME/.ssh/id_rsa" -N "" -b 4096 ssh-keygen -q -f "$HOME/.ssh/id_rsa" -N "" -b 4096
systemctl unmask samba-ad-dc systemctl unmask samba-ad-dc
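Review bot: The added `ln -sf /var/lib/samba/private/krb5.conf /etc/krb5.conf` ties the system-wide Kerberos configuration to the permissions of Samba's private directory, and the second file's hunk makes the same switch from `cp` to `ln -sf`. On Samba 4.7 and later that directory is normally accessible to root only, so non-root processes (for example named doing dynamic DNS updates when the DNS backend is BIND9_DLZ) may be unable to read `/etc/krb5.conf` through the link; this should be confirmed on the target image. Copying the generated file instead, `cp /var/lib/samba/private/krb5.conf /etc/krb5.conf`, keeps it world-readable and fixes the config on the joining DC just as well. The preceding `rm /etc/krb5.conf` is also redundant, since `ln -sf` replaces the target, and without `-f` it returns an error if the file is absent.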


@ -131,7 +131,7 @@ rm -f /etc/krb5.conf
# provision zamba domain # provision zamba domain
samba-tool domain provision --use-rfc2307 --realm=$ZMB_REALM --domain=$ZMB_DOMAIN --adminpass=$ZMB_ADMIN_PASS --server-role=dc --backend-store=mdb --dns-backend=$ZMB_DNS_BACKEND samba-tool domain provision --use-rfc2307 --realm=$ZMB_REALM --domain=$ZMB_DOMAIN --adminpass=$ZMB_ADMIN_PASS --server-role=dc --backend-store=mdb --dns-backend=$ZMB_DNS_BACKEND
cp /var/lib/samba/private/krb5.conf /etc/krb5.conf ln -sf /var/lib/samba/private/krb5.conf /etc/krb5.conf
systemctl unmask samba-ad-dc systemctl unmask samba-ad-dc
systemctl enable samba-ad-dc systemctl enable samba-ad-dc
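Review bot: The provision line that this hunk leaves unchanged expands `--adminpass=$ZMB_ADMIN_PASS` unquoted, so an administrator password containing whitespace or glob characters is split or expanded before samba-tool sees it. Quoting the expansions, `--adminpass="$ZMB_ADMIN_PASS"` (and likewise `--realm="$ZMB_REALM"` and `--domain="$ZMB_DOMAIN"`), removes that failure mode. The password is also passed on the command line, where it is visible in the process list while provisioning runs; a comment noting that this is acceptable only inside a freshly created single-tenant container would document the assumption.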