Foro de TI tranquilo

Código: Seleccionar todo

clear;
echo "#####################################
# Fichier de configuration #
############################

# Machine
NOM=sldebian

# Adresse de Bouclage
BOUCLAGE=127.0.0.1

# Interface Physique
NET=ens18

# IPV4
IP=192.168.10.5
BR=192.168.10.255
MASK=255.255.255.0
GW=192.168.10.1
DNS1=192.168.10.1

# DHCP
RESEAU=192.168.10.0
ZONE_INVERSE=10.168.192.in-addr.arpa
DHCP_DEBUT='192.168.10.20'
DHCP_FIN='192.168.10.30'
MAC=$(ip add show $NET | grep ff:ff | cut -d "r" -f 2 | cut -c 2-18)

# AD-DC
DOMAINE1=lan
DOMAINE2=local
DOMAINE3=LAN
DOMAINE4=LOCAL
PASSWORD_ADMIN=admin

# LINUX
SUDOERS=marc


#####################################" > /etc/os-ad;

Código: Seleccionar todo

clear;
source /etc/os-ad;
echo "##########################################
source /etc/network/interfaces.d/*
##########################################
# Adresse de bouclage
auto lo
iface lo inet loopback
##########################################
# Interface principale en Statique
auto ${NET}
allow-hotplug ${NET}
iface ${NET} inet static
 address         ${IP}
 netmask         ${MASK}
 gateway         ${GW}
 dns-nameservers ${DNS1}
 dns-search      $DOMAINE1.$DOMAINE2
 dns-domain      $DOMAINE1.$DOMAINE2
##########################################" > /etc/network/interfaces; 
systemctl restart networking;

Código: Seleccionar todo

clear;
source /etc/os-ad;
hostnamectl set-hostname $NOM;
echo "##############################################
127.0.0.1    localhost
127.0.0.1    localhost localhost.localdomain
$IP ${NOM}.${DOMAINE1}.${DOMAINE2} ${NOM}
##############################################" > /etc/hosts;

Código: Seleccionar todo

clear;
apt install -y locales-all 1>/dev/null;
localectl set-locale "fr_FR.UTF-8";
localectl set-keymap "fr";
localectl set-x11-keymap "fr" "pc105" "latin9" "terminate:ctrl_alt_bksp";
systemctl restart console-setup.service;

Código: Seleccionar todo

clear;
timedatectl set-timezone Europe/Paris;
timedatectl set-ntp true;
timedatectl set-local-rtc false;

Código: Seleccionar todo

clear;
echo "[Time]
NTP=0.debian.pool.ntp.org
#FallbackNTP=0.debian.pool.ntp.org 1.debian.pool.ntp.org 2.debian.pool.ntp.org 3.debian.pool.ntp.org" > /etc/systemd/timesyncd.conf;
systemctl restart systemd-timesyncd.service;

Código: Seleccionar todo

clear;
source /etc/os-release;
echo "deb http://ftp.fr.debian.org/debian/               $VERSION_CODENAME main contrib non-free
deb-src http://ftp.fr.debian.org/debian/           $VERSION_CODENAME main
deb http://security.debian.org/debian-security     $VERSION_CODENAME-security main contrib
deb-src http://security.debian.org/debian-security $VERSION_CODENAME-security main contrib
deb http://ftp.fr.debian.org/debian/               $VERSION_CODENAME-updates main contrib
deb-src http://ftp.fr.debian.org/debian/           $VERSION_CODENAME-updates main contrib" > /etc/apt/sources.list;

Código: Seleccionar todo

clear;
apt update     1>/dev/null;
apt upgrade -y 1>/dev/null;

Código: Seleccionar todo

clear;
apt install -y curl                       1>/dev/null;
apt install -y htop                       1>/dev/null;
apt install -y software-properties-common 1>/dev/null;
apt install -y sudo                       1>/dev/null;
apt install -y wget                       1>/dev/null;

Código: Seleccionar todo

clear;
source /etc/os-ad;
echo "$SUDOERS ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/admin;

Código: Seleccionar todo

clear;
echo "" > /etc/motd;

Código: Seleccionar todo

apt install -y resolvconf 1>/dev/null;

Código: Seleccionar todo

clear;
apt remove --purge ifupdown2   1>/dev/null 2>/dev/null;
apt install -y isc-dhcp-server 1>/dev/null;

source /etc/os-ad;
echo "#########################################
DHCPDv4_CONF=/etc/dhcp/dhcpd.conf
DHCPDv4_PID=/var/run/dhcpd.pid
INTERFACESv4=\"$NET\"
#########################################" > /etc/default/isc-dhcp-server;
echo "authoritative;
subnet $RESEAU netmask $MASK {
  range $DHCP_DEBUT $DHCP_FIN;
  default-lease-time 86400;
  max-lease-time 676800;
  option domain-name-servers $DNS1;
  option netbios-name-servers $DNS1;
  option routers $GW;
  option subnet-mask $MASK;
  option broadcast-address $BR;
  # Plantage
  #option domain-name "$DOMAINE1";
}
host $NOM {
    hardware ethernet $MAC;
    fixed-address $IP;
}" > /etc/dhcp/dhcpd.conf;
systemctl enable --now isc-dhcp-server;

Código: Seleccionar todo

clear;
systemctl disable --now avahi-daemon.service 2>/dev/null;
systemctl disable --now avahi-daemon.socket  2>/dev/null;

Código: Seleccionar todo

clear;
apt install -y apt-transport-https 1>/dev/null;
apt install -y curl                1>/dev/null;
apt install -y dnsutils            1>/dev/null;
apt install -y gnupg               1>/dev/null;
apt install -y htop                1>/dev/null;
apt install -y lsb-release         1>/dev/null;
apt install -y net-tools           1>/dev/null;
apt install -y nmap                1>/dev/null;
apt install -y rsync               1>/dev/null;
apt install -y screen              1>/dev/null;
apt install -y sudo                1>/dev/null;
apt install -y tcpdump             1>/dev/null;
apt install -y telnet              1>/dev/null;
apt install -y vim                 1>/dev/null;
apt install -y wget                1>/dev/null;

Código: Seleccionar todo

clear;
wget -qO-  https://samba.tranquil.it/tissamba-pubkey.gpg | tee /usr/share/keyrings/tissamba.gpg > /dev/null
echo "deb [signed-by=/usr/share/keyrings/tissamba.gpg] https://samba.tranquil.it/debian/samba-4.18/ $(lsb_release -c -s) main" > /etc/apt/sources.list.d/tissamba.list;
apt update 1>/dev/null;

Código: Seleccionar todo

clear;
export DEBIAN_FRONTEND=noninteractive
apt install -y ldb-tools              1>/dev/null;
apt install -y libnss-winbind         1>/dev/null;
apt install -y krb5-user              1>/dev/null;
apt install -y python3-cryptography   1>/dev/null;
apt install -y samba                  1>/dev/null;
apt install -y smbclient              1>/dev/null;
apt install -y winbind                1>/dev/null;
unset DEBIAN_FRONTEND

Código: Seleccionar todo

clear;
source /etc/os-ad;
echo "[libdefaults]
  default_realm = $DOMAINE3.$DOMAINE4
  dns_lookup_kdc = true
  dns_lookup_realm = false" > /etc/krb5.conf;

Código: Seleccionar todo

clear;
source /etc/os-ad;
rm -f /etc/samba/smb.conf;
samba-tool domain provision --realm=$DOMAINE3.$DOMAINE4 --domain $DOMAINE3 --server-role=dc;

Código: Seleccionar todo

clear;
source /etc/os-ad;
samba-tool user setpassword --newpassword=$PASSWORD_ADMIN administrator;
# samba-tool user setexpiry administrator --noexpiry;

Código: Seleccionar todo

clear;
grep  "dns forwarder" /etc/samba/smb.conf;

Código: Seleccionar todo

clear;
source /etc/os-ad;
sed -i -e "s/$DNS1/$BOUCLAGE/g" /etc/resolv.conf;

Código: Seleccionar todo

clear;
rm -f /var/lib/samba/private/krb5.conf;
ln -s /etc/krb5.conf /var/lib/samba/private/krb5.conf;

Código: Seleccionar todo

clear;
systemctl disable nmbd;
systemctl disable samba;
systemctl disable smbd;
systemctl disable winbind;
systemctl mask    samba;
systemctl mask    nmbd;
systemctl mask    smbd;
systemctl mask    winbind;
systemctl unmask samba-ad-dc;
systemctl enable samba-ad-dc;
reboot;

Código: Seleccionar todo

clear;
source /etc/os-ad;
echo "$PASSWORD_ADMIN" | /usr/bin/kinit administrator;

Código: Seleccionar todo

clear;
source /etc/os-ad;
dig @localhost google.fr;
dig @localhost $NAME.$DOMAINE1.$DOMAINE2;
dig -t SRV @localhost _ldap._tcp.$DOMAINE1.$DOMAINE2;

Código: Seleccionar todo

clear;
source /etc/os-ad;
# Suppression
samba-tool dns zonedelete $NOM $ZONE_INVERSE --username=administrator --password=$PASSWORD_ADMIN 1>/dev/null;
# Creation
samba-tool dns zonecreate $NOM $ZONE_INVERSE --username=administrator --password=$PASSWORD_ADMIN 1>/dev/null;
samba-tool dns add $NOM.$DOMAINE1.$DOMAINE2 $ZONE_INVERSE 55 PTR $NOM.$DOMAINE1.$DOMAINE -U administrator;