Instalador automatizado SAMBA 4 AD e File Server CentOS 7

Publicado por Yuri Filipe Bucci (última atualização em 18/09/2018)

[ Hits: 526 ]

Download samba4TNS.sh

Download samba4TNS-1.5.sh (versão 2)




Segue um script que criei para automatizar a implantação do Samba 4 em nossos clientes, utilizo no seguinte ambiente:

- CentOS 7x Minimal
- Partição EXT4

Caso encontrem erros ou sugestões fiquem a vontade para falar, já que não sou expert em shell script.

  



Versões atualizadas deste script

Versão 2 - Enviado por Yuri Filipe Bucci em 17/09/2018

Changelog: ALTERADO DNS DE SAMBA_INTERNAL PARA BIND9_DLZ

Download samba4TNS-1.5.sh


Esconder código-fonte

#!/bin/bash
tee /tmp/arte <<EOF >> /dev/null
#########################################################################
|_   _| \ | / ___|  |_   _|__  ___ _ __   ___ | | ___   __ _(_)
  | | |  \| \___ \    | |/ _ \/ __| _ \ / _  \| |/ _ \ / _  | |/ _  |
  | | | |\  |___) |   | |  __/ (__| | | | (_) | | (_) | (_| | | (_| |
  |_| |_| \_|____/    |_|\___|\___|_| |_|\___/|_|\___/ \__, |_|\__,_|
                                                       |___/
#########################################################################
Title                  : Samba4TNS
Description            : Samba4 Instalador Padrão TNS Tecnologia
Author                 : Yuri Bucci
Facebook            : https://www.facebook.com/YuriBucci
Site                   : www.tnsinformatica.com.br
Date                   : 22/08/2018
Version                : 1.3
#########################################################################

EOF


######################### VARIAVEIS #####################################
ARTE="cat /tmp/arte"
USUARIO="whoami"
#########################################################################
clear
$ARTE
echo "ATENÇÃO EXECUTE ESSE SCRIPT DENTRO DE /USR/LOCAL/SRC!!!"
sleep 5s
clear
$ARTE
echo -e "VERIFICANDO USUÁRIO LOGADO..."
sleep 2s
clear
$ARTE
if [ `whoami` == 'root' ]
then
read -p  "USUÁRIO ROOT IDENTIFICADO, DESEJA CONTINUAR A INSTALAÇÃO <ENTER> ou <CTRL+C)? "
clear
$ARTE
echo -e "VAMOS EXECUTAR ALGUNS AJUSTES ANTES DE INICIAR..."
sleep 3s
yum install wget -y >> /dev/null
clear
$ARTE
echo -e "QUAL O SEU HOSTNAME FQDN DESSE SERVIDOR ?(Ex: servidor-dc.tnstecnologia.local):"
read HOSTNAME
hostnamectl set-hostname $HOSTNAME
clear
$ARTE
echo -e "QUAL O NOME DESSE SERVIDOR ? (Ex: servidor-dc) (OBS: DIGITE EM MINUSCULAS);"
read NOMESRV
clear
$ARTE
echo -e "QUAL O ENDEREÇO IP DESTE SERVIDOR ? (Ex: 192.168.0.100):"
read  ENDERECOIP
clear
$ARTE
ifconfig
echo -e "QUAL O NOME DA INTERFACE DE REDE ? EX: eth0"
read INTERFACE
clear
$ARTE
echo -e "QUAL SERÁ O SEU DOMÍNIO REALM ? (Ex: TNSTECNOLOGIA.LOCAL) OBS: DIGITE EM MAISCULO***:"
read REALM
clear
$ARTE
echo -e "HABILITANDO REPOSITÓRIO EPEL E EXECUTANDO YUM UPDATE..."
sleep 2s
yum install epel-release && yum update -y >> /dev/null
clear
$ARTE
echo -e "UPDATE REALIZADO, AGORA VAMOS INSTALAR OS PACOTES NECESSÁRIOS..."
sleep 3s
clear
$ARTE
echo -e "INSTALANDO PACOTES NECESSÁRIOS, AGUARDE..."
yum install attr bind-utils docbook-style-xsl gcc gdb krb5-workstation libsemanage-python libxslt perl perl-ExtUtils-MakeMaker perl-Parse-Yapp perl-Test-Base pkgconfig policycoreutils-python python-crypto gnutls-devel libattr-devel keyutils-libs-devel libacl-devel libaio-devel libblkid-devel libxml2-devel openldap-devel pam-devel popt-devel python-devel readline-devel zlib-devel systemd-devel perl gcc libacl-devel libblkid-devel gnutls-devel readline-devel python-devel gdb pkgconfig krb5-workstation zlib-devel setroubleshoot-server libaio-devel setroubleshoot-pluginspolicycoreutils-python libsemanage-python setools-libs-python setools-libs popt-devel libpcap-devel sqlite-devel libidn-devel libxml2-devel libacl-devel libsepol-devel libattr-devel keyutils-libs-develcyrus-sasl-devel cups-devel bind-utils libxslt docbook-style-xsl openldap-devel pam-devel bzip2 vim wget perl gcc attr libacl-devel libblkid-devel gnutls-devel readline-devel python-devel gdb pkgconfig krb5-workstation zlib-devel setroubleshoot-server libaio-devel setroubleshoot-plugins policycoreutils-python libsemanage-python perl-ExtUtils-MakeMaker perl-Parse-Yapp perl-Test-Base popt-devel libxml2-devel libattr-devel keyutils-libs-devel cups-devel bind-utils libxslt docbook-style-xsl openldap-devel autoconf python-crypto pam-devel ntp wget vim -y >> /dev/null
clear
$ARTE
echo -e "VAMOS BAIXAR O PACOTE DO SAMBA4..."
sleep 5s
clear
$ARTE
echo -e "ACESSE O SITE ABAIXO E DIGITE AQUI A VERSÃO MAIS ATUALIZADA (EX: 4.8.3)"
echo -e "https://download.samba.org/pub/samba/stable/"
read VSAMBA
clear
$ARTE
echo -e "BAIXANDO E E EXTRAINDO ARQUIVOS..."
wget https://download.samba.org/pub/samba/stable/samba-$VSAMBA.tar.gz >> /dev/null
tar -zxvf samba-$VSAMBA.tar.gz >> /dev/null
sleep 5s
clear
$ARTE
echo -e "CONFIGURANDO NTP E STARTANDO O SERVIÇO..."
sleep 5s
cat >> /etc/ntp.conf <<EOF
# Relogio Local
server 127.127.1.0
fudge 127.127.1.0 stratum 10
# Configurações adicionais para o Samba 4
ntpsigndsocket /var/lib/samba/ntp_signd/
restrict default mssntp
EOF
systemctl restart ntpd
clear
$ARTE
echo -e "CONFIGURANDO ARQUIVO HOSTS..."
cat >> /etc/hosts <<EOF
$ENDERECOIP $HOSTNAME $NOMESRV
EOF
sleep 5s
clear
$ARTE
echo -e "CONFIGURANDO ARQUIVO RESOLV.CONF..."
echo -n > /etc/resolv.conf
cat >> /etc/resolv.conf <<EOF
search $REALM
nameserver $ENDERECOIP
EOF
clear
$ARTE
echo -e "COMPILANDO SAMBA4, POR FAVOR AGUARDE... (VÁ TOMAR UM CAFÉZINHO)"
sleep 10s
cd samba-$VSAMBA
./configure --prefix /usr --enable-fhs --sysconfdir=/etc --localstatedir=/var --with-privatedir=/var/lib/samba/private --with-piddir=/var/run/samba --with-automount --datadir=/usr/share --with-lockdir=/var/run/samba --with-statedir=/var/lib/samba --with-cachedir=/var/cache/samba --with-systemd
make
make install
ldconfig
mv /etc/krb5.conf /etc/krb5.conf.old
cp /usr/share/samba/setup/krb5.conf /etc/
echo -n > /etc/krb5.conf
cat >> /etc/krb5.conf <<EOF
[libdefaults]
        default_realm = $REALM
        dns_lookup_realm = false
        dns_lookup_kdc = true
EOF
rm -rf /etc/samba/smb.conf
clear
$ARTE
echo -e "VAMOS AGORA PROVISIONAR O DOMÍNIO, POR FAVOR PREENCHA OS DADOS PEDIDOS"
sleep 5s
clear
$ARTE
echo -e "REALM: NOME COMPLETO DE SEU DOMÍNIO (EX: TNSTECNOLOGIA.LOCAL)"
echo -e "DOMAIN: NOME DO SEU DOMÍNIO (EX: TNSTECNOLOGIA)"
echo -e "DNS BACKEND: SAMBA_INTERNAL"
echo -e "DNS FORWARDER: 8.8.8.8"
echo -e "DIGITE A SENHA DE ADMINISTRATOR MÍNIMO 6 DIGITOS COM LETRAS MAIUSCULAS E MINUSCULAS"
samba-tool domain provision --use-rfc2307 --interactive --option="interfaces=lo $INTERFACE" --option="bind interfaces only=yes"
clear
$ARTE
echo -e "REALIZANDO AJUSTES FINAIS..."
sleep 5s
echo -e "ADICIONANDO SAMBA.SERVICE NO SYSTEMD"
echo -n > /etc/systemd/system/samba.service
cat >> /etc/systemd/system/samba.service <<EOF
[Unit]
Description=Samba4 AD DC
After=network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
LimitNOFILE=16384
ExecStart=/usr/sbin/samba -D
ExecReload=/usr/bin/kill -HUP $MAINPID
PIDFile=/var/run/samba/samba.pid

[Install]
WantedBy=multi-user.target
EOF
systemctl enable samba
systemctl restart samba
systemctl restart ntpd
sleep 10s
chown root:ntp /var/lib/samba/ntp_signd/
systemctl restart ntpd
clear
$ARTE
echo -e "REALIZANDO TESTES CONFIRA O RESULTADO"
echo -e "DIGITE SEU DOMINIO NOVAMENTE EM MINUSCULAS (EX: tnstecnologia.local)"
read DOMINIO2
host -t SRV _ldap._tcp.$DOMINIO2.
host -t SRV _kerberos._udp.$DOMINIO2.
host -t A $NOMESRV.$DOMINIO2.
read -p "PRESSIONE <ENTER> PARA CONTINUAR"
clear
$ARTE
echo -e "AGORA DIGITE SUA SENHA DE ADMINISTRATOR E VEJA O RESULTADO"
kinit administrator
klist
read -p "PRESSIONE <ENTER> PARA CONTINUAR"
clear
$ARTE
echo -e "VAMOS CONFIGURAR O SAMBA4 PARA O FILESERVER AGORA..."
pause 5s
clear
$ARTE
echo -e "POR FAVOR DIGITE SEU DOMINIO NOVAMENTE (Ex: TNSTECNOLOGIA)"
read DOMINIO3
clear
$ARTE
echo -e "DIGITE SUA SENHA DE ADMINISTRATOR AGORA"
net rpc rights grant "$DOMINIO3\Domain Admins" SeDiskOperatorPrivilege -U "$DOMINIO3\administrator" 
sleep 3s
clear
$ARTE
echo -e "CONFIGURANDO /etc/nsswitch.conf..."
pause 5s
sed -i 33d /etc/nsswitch.conf
sed -i 33d /etc/nsswitch.conf
sed -i 33d /etc/nsswitch.conf

cat >> /etc/nsswitch.conf <<EOF
passwd:     files winbind sss compat
shadow:     files winbind sss compat
group:      files winbind sss compat
EOF

clear
#ARTE
echo -e "CONFIGURANDO /etc/smb.conf..."
sleep 5s
echo -n > /etc/samba/smb.conf
cat >> /etc/samba/smb.conf <<EOF
[global]
        dns forwarder = 8.8.8.8
        netbios name = $NOMESRV
        realm = $REALM
        server role = active directory domain controller
        workgroup = $DOMINIO3
                idmap_ldb:use rfc2307 = yes
                idmap config *:backend = tdb
                idmap config *:range 10000-9999999
                idmap config *:schema_mode = rfc2307
                winbind nss info = rfc2307
                winbind use default domain = yes
                winbind enum users = yes
                winbind enum groups = yes
                vfs objects = acl_xattr
                map acl inherit = Yes
                store dos attributes = Yes


[netlogon]
        path = /var/lib/samba/sysvol/$DOMINIO2/scripts
        read only = No
        browseable = no
[sysvol]
        path = /var/lib/samba/sysvol
        read only = No
        browseable = no
EOF
systemctl restart samba
clear
$ARTE
read -p "INSTALAÇÃO FINALIZADA COM SUCESSO, APERTE <ENTER> PARA FINALIZAR!"
else
echo -e "USUÁRIO NÃO É ROOT, POR FAVOR LOGUE COM O USUÁRIO ROOT"
echo -e "PRESSIONE <ENTER> PÁRA FINALIZAR O SCRIPT"
read
fi

Scripts recomendados

Monitor_espaco.sh

baixar mp3 do site mp3tube.net

Deixe sua internet plug and play com Pumpconfig

Script para rotacionar logs dos sites no Apache

Ubuntu - Removendo kernels antigos


  

Comentários

Nenhum comentário foi encontrado.


Contribuir com comentário




Patrocínio

Site hospedado pelo provedor HostGator.
Linux banner
Linux banner
Linux banner

Artigos

Dicas

Viva o Android

Tópicos

Top 10 do mês

Scripts