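#!/bin/bash
#
# Configure this host as an LDAP client for users and groups:
#   1. pre-answer the ldap-auth-config debconf questions,
#   2. install the NSS/PAM LDAP packages,
#   3. add ldap to the passwd/group lines of /etc/nsswitch.conf,
#   4. enable home-directory creation through pam-auth-update,
#   5. set "bind_policy soft" in /etc/ldap.conf.
#
# Must be run as root: every step writes system configuration. The original
# mixed sudo and non-sudo commands, so it only worked completely as root.
#
# Environment overrides (defaults are the values the script always used):
#   LDAP_URI         LDAP server URI
#   LDAP_BASE_DN     search base
#   LDAP_ROOTBINDDN  DN used for the privileged (root) bind
#   LDAP_ROOTBINDPW  password for LDAP_ROOTBINDDN; prompted for when unset
#
# The root bind password is no longer hard-coded. The value that used to be
# embedded in this file should be treated as exposed and rotated.

set -euo pipefail

die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Pre-answer one ldap-auth-config question.
# Arguments: $1 - question name, $2 - debconf type, $3 - value
preseed() {
  # printf is a shell builtin, so the value never shows up in a process
  # argument list.
  printf 'ldap-auth-config ldap-auth-config/%s %s %s\n' "$1" "$2" "$3" \
    | debconf-set-selections
}

(( EUID == 0 )) || die "this script must be run as root"

# NOTE(review): ldap:// is unencrypted, so the root bind password and user
# logins cross the network in clear text. Prefer ldaps:// or StartTLS once
# the server certificate is trusted on this host.
readonly LDAP_URI="${LDAP_URI:-ldap://192.168.2.2}"
readonly LDAP_BASE_DN="${LDAP_BASE_DN:-dc=depaoli,dc=id,dc=au}"
# NOTE(review): this is the directory admin DN. With dbrootlogin enabled the
# package stores its password on this client (typically /etc/ldap.secret), so
# a compromise of any client exposes directory-wide admin rights. Consider a
# dedicated, least-privileged bind account instead.
readonly LDAP_ROOTBINDDN="${LDAP_ROOTBINDDN:-cn=admin,${LDAP_BASE_DN}}"

rootbindpw="${LDAP_ROOTBINDPW:-}"
if [[ -z "$rootbindpw" ]]; then
  [[ -t 0 ]] || die "LDAP_ROOTBINDPW is not set and stdin is not a terminal"
  read -r -s -p "Password for ${LDAP_ROOTBINDDN}: " rootbindpw
  printf '\n' >&2
  [[ -n "$rootbindpw" ]] || die "empty root bind password"
fi

# set up defaults for using ldap (pre-answering ldap-auth-config)
preseed ldapns/ldap-server string "$LDAP_URI"
preseed ldapns/base-dn string "$LDAP_BASE_DN"   # was preseeded twice before
preseed ldapns/ldap_version select 3
preseed dbrootlogin boolean true
preseed dblogin boolean false
preseed rootbinddn string "$LDAP_ROOTBINDDN"
# Declared as debconf type "password" so the value is kept in debconf's
# password database rather than the world-readable config database.
preseed rootbindpw password "$rootbindpw"
unset rootbindpw

# apt-get rather than apt: apt's command line is not meant for scripts.
# The install confirmation prompt is kept, as in the original.
apt-get install libnss-ldap libpam-ldap ldap-utils nscd

# make system use ldap for users / groups
# The patterns tolerate the column-aligned whitespace of a stock
# nsswitch.conf, do not duplicate an existing "systemd" entry, and skip lines
# that already list ldap, so re-running the script does not stack entries.
sed -i -E \
  -e '/^passwd:/{/[[:space:]]ldap([[:space:]]|$)/!s/^(passwd:[[:space:]]+files)([[:space:]]+systemd)?/\1 systemd ldap/;}' \
  -e '/^group:/{/[[:space:]]ldap([[:space:]]|$)/!s/^(group:[[:space:]]+files)([[:space:]]+systemd)?/\1 systemd ldap/;}' \
  /etc/nsswitch.conf

# test this (author's note: the mkhomedir preseed below is unverified)
printf '%s\n' 'pam-auth-update pam-auth-update/enable_mkhomedir boolean true' \
  | debconf-set-selections
DEBIAN_FRONTEND=noninteractive pam-auth-update  # tick on home dir creation

# add bind_policy soft to /etc/ldap.conf, once
if ! grep -Eqs '^[[:space:]]*bind_policy[[:space:]]+soft([[:space:]]|$)' /etc/ldap.conf; then
  printf 'bind_policy soft\n' >> /etc/ldap.conf
fi

# OLD WAY: answer:
#1) ldap://192.168.2.2
#2) dc=depaoli,dc=id,dc=au
#3) 3
#4) Yes
#5) No
#6) cn=admin,dc=depaoli,dc=id,dc=au
#7) <root bind password - supply at run time, never store it in this file>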