Last active
November 19, 2025 06:37
-
-
Save pocha/7c32f9faf0fb7ee119f42603aaea0db2 to your computer and use it in GitHub Desktop.
Script for an Ubuntu machine to join a domain in Microsoft Active Directory
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| path=$(dirname $0) | |
| if [ -z "$1" ]; then | |
| echo "No domain found/specified. Run script as - $0 <domain> <ad admin user>" | |
| exit 1 | |
| fi | |
| if [ -z "$2" ]; then | |
| echo "No domain admin user specified. Run script as - $0 <domain> <ad admin user>" | |
| exit 1 | |
| fi | |
| sudo apt update | |
| echo "----------------------------------------" | |
| echo "Installing dependencies .. hang on tight" | |
| echo "----------------------------------------" | |
| sudo apt install -y realmd sssd sssd-tools libnss-sss libpam-sss adcli samba-common-bin oddjob oddjob-mkhomedir packagekit | |
| echo "Done installing depenendencies" | |
| echo "---------------------------------------" | |
| echo "Joining domain now ... hang tight again" | |
| echo "---------------------------------------" | |
| os=$(awk -F= '$1=="NAME" {print $2}' /etc/os-release | tr -d '"') | |
| echo "Extracted OS $os" | |
| version=$(awk -F= '$1=="VERSION_ID" {print $2}' /etc/os-release | tr -d '"') | |
| echo "Extracted version $version" | |
| sudo realm join -U $2 --os-name=$os --os-version="$version" $1 | |
| echo "Done" | |
| echo "-------------------------------------------------------------" | |
| echo "Adding ad_gpo_ignore_unreadable = True to /etc/sssd/sssd.conf" | |
| echo "-------------------------------------------------------------" | |
| echo "ad_gpo_ignore_unreadable = True" >> /etc/sssd/sssd.conf | |
| echo "Done" | |
| echo "-------------------------------------------------------------------------" | |
| echo "Adding provision to ensure home directory for AD user is created on login by adding lines in /etc/pam.d/common-session" | |
| echo "-------------------------------------------------------------------------" | |
| echo "session optional pam_mkhomedir.so skel=/etc/skel umask=077" >> /etc/pam.d/common-session | |
| echo "Done" | |
| echo "--------------------------------------------------------------------------" | |
| echo "Restarting sssd daemon & enabling it so that it auto starts on system boot" | |
| echo "--------------------------------------------------------------------------" | |
| sudo systemctl restart sssd | |
| sudo systemctl enable sssd | |
| echo "Done" | |
| echo "All done .. logout & login with AD user .. may the force of Sadhguru be with you & the AD user ;-)" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment