The msktutil_join.sh Script
The original source for this script can found at: https://build.opensuse.org/package/files?package=msktutil&project=home%3Adipe
The original author can be contacted at: dipeit@gmail.com
I have modified this script for my purposes but you can find more information and functionality at the link provided above.
I've never spoken with the original author so I hope he doesn't mind my usage of his scripts.
Save this script as msktutil_join.sh (or whatever you'd like), chown it root.root, and chmod it it 755.
# Creates Active Directory computer object with host service principle, aka "joins AD Domain".
# Modified 09.12.2012 By Aaron Wyllie
# Original source can be found at https://build.opensuse.org/package/files?package=msktutil&project=home%3Adipe
# Original author contact: dipeit@gmail.com
OU='ou=servers'
if [ $# -ne 1 ]; then
hostfqdn=`hostname -f`
else
hostfqdn=$1
fi
computername=${hostfqdn%%.*}
if [ $hostfqdn == $computername ]; then
hostfqdn=$computername.`hostname -d`
fi
# add --verbose for debugging
# host principal is needed for sso via sshd but can also be provided via samba/winbind
# CREATE HOST servicePrincipleName (SPN) AND userPrincipleName (UPN)
msktutil --delegation --dont-expire-password --no-pac --computer-name $computername --enctypes 0x1F -b "$OU" -k /etc/krb5.keytab -h $hostfqdn -s host/$hostfqdn -s host/$computername --upn host/$hostfqdn --verbose --description "TEST.INTERNAL KERBEROS RHEL 5 SERVER OBJECT - DO NOT DELETE, DISABLE, MODIFY, OR MOVE"
klist -ket
No comments:
Post a Comment