#!/bin/sh #color bolda='\033[1m' nrmltxt='\033[0m' undln='\033[4m' red='\E[31;40m' blink='\E[31;40;5m' alias reset='; tput sgr0' clear echo -e "This Shell script will create an automated SMB.CONF for a $bolda'Samba 2.2.8a PDC'$nrmltxt" echo "it will also create a multiple user script (addusers.sh), and folders (netlogon and profiles)." echo "At the end if you have a text file with users and their passwords in this format" echo "[username password] you can import into Samba creating the encrypted password" echo "" echo " Script name: samba228.smbconf.sh" echo -e " Created by: $bolda'WinXperts'$nrmltxt" echo " Version beta 1, Copyrights (c) 2003" echo "" read -p "Do you whish to continue with the script? (yes or no) " answer if [ $answer = "no" ] then clear echo "You can run this script when you want to add a PDC to your network..." echo "" else clear echo "Starting the Script..." echo "" #Test for static or dynamic ip grep -q static /etc/network/interfaces if [ $? -eq 0 ] then echo "Your computer is using Static ip" echo "" static="yes" else echo "WARNING: Your computer is using Dynamic IP, for a PDC you need to set a static IP" echo "You should do this as soon as you finish with this script" dynamic="yes" echo "" fi #Testing for samba version smb=`smbd -V` if [ "$smb"="Version 2.2.8a-0.9woody1 for Debian" ] then echo "The samba version is: $smb" else echo "You need Samba 2.2.8a to use this script, your version is: $smb" fi # Backup the default smb.conf echo "Backing up Default smb.conf..." echo "" echo "Backup complete" backup="ok" cp /etc/samba/smb.conf /etc/samba/smb.conf.default echo "Done..." echo "" # Create necesarry folders for PDC if [ -d /etc/samba/netlogon ] then echo "Directory exist skipping directory creation..." netlogon="not created" echo "" else echo "Creating netlogon folder" mkdir -m 0600 -v -p /etc/samba/netlogon echo "Done..." netlogon="ok" echo "" fi if [ -d /etc/samba/profiles ] then echo "Directory profiles exist skipping directory creation..." profiles="not created" echo "" else echo "Creating profiles folder..." mkdir -m 1777 /etc/samba/profiles echo "Done..." profiles="ok" echo "" fi # Gathering information for the customized smb.conf echo "Gathering information for the customized smb.conf" echo "" echo -e "The name of this computer is $bolda'$HOSTNAME'$nrmltxt type a different name for your Domain" echo -e "Example : $bolda $HOSTNAME-lnx $nrmltxt" read -p "What is the name of the Domain? " domainname echo -e "Domain name is going to be: $bolda $domainname $nrmltxt" read -p "Type in the IP address of your network? (example: 192.168.1.) " iprange echo -e "IP Range is going to be: $bolda $iprange $nrmltxt" comp_ip="${iprange}1 - ${iprange}254" echo -e "IP address allowed: $bolda $comp_ip $nrmltxt" read -p "Who are the Admin users (separate them with a blank space) " domainadmins echo -e "The Admins users are: $bolda $domainadmins $nrmltxt" # echo "Removing old smb.conf..." rm /etc/samba/smb.conf echo "Please wait while I generate the smb.conf configuration file..." export SMBCONF="/etc/samba/smb.conf" echo "#======================================================#" >> $SMBCONF echo "# Samba PDC Configuration for Xandros Debian GNU/Linux #" >> $SMBCONF echo "# #" >> $SMBCONF echo "# Samba version 2.2.x #" >> $SMBCONF echo "# Automatic smb.conf - WinXperts(c)2003 #" >> $SMBCONF echo "# Email me with comments: winxpert@hotmail.com #" >> $SMBCONF echo "#======================================================#" >> $SMBCONF echo "" >> $SMBCONF echo "[global]" >> $SMBCONF echo "workgroup = $domainname" >> $SMBCONF echo "netbios name = $HOSTNAME" >> $SMBCONF echo "server string = $domainname (%v)" >> $SMBCONF echo "load printers = no" >> $SMBCONF echo "printcap name = cups" >> $SMBCONF echo "printing = cups" >> $SMBCONF echo "print command = lp -d %p %s; rm %s" >> $SMBCONF echo "log file = /var/log/samba/log.%m" >> $SMBCONF echo "max log size = 1000" >> $SMBCONF echo "syslog = 0" >> $SMBCONF echo "security = USER" >> $SMBCONF echo "encrypt passwords = yes" >> $SMBCONF echo "socket options=TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192" >> $SMBCONF echo "name resolve order = lmhosts wins bcast host" >> $SMBCONF echo "dns proxy = no" >> $SMBCONF echo ";logon script = login.vbs" >> $SMBCONF echo "unix password sync = yes" >> $SMBCONF echo "passwd program = /usr/bin/passwd %u" >> $SMBCONF echo "passwd chat = *EntersnewsUNIXspassword:* %nn *RetypesnewsUNIXspassword:* %nn ." >> $SMBCONF echo "obey pam restrictions = yes" >> $SMBCONF echo "preserve case = yes" >> $SMBCONF echo "case sensitive = no" >> $SMBCONF echo "short preserve case = yes" >> $SMBCONF echo "os level = 65" >> $SMBCONF echo "domain master = yes" >> $SMBCONF echo "domain admin group = root $domainadmins" >> $SMBCONF echo "add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u" >> $SMBCONF echo ";winbind separator" >> $SMBCONF echo "prefered master = yes" >> $SMBCONF echo ";template homedir" >> $SMBCONF echo ";wins server" >> $SMBCONF echo ";password server" >> $SMBCONF echo "wins support = no" >> $SMBCONF echo ";template shell" >> $SMBCONF echo "local master = yes" >> $SMBCONF echo ";winbind uid" >> $SMBCONF echo "domain logons = yes" >> $SMBCONF echo "; preexec = /bin/mount /cdrom" >> $SMBCONF echo "; postexec = /bin/umount /cdrom" >> $SMBCONF echo "#Remove the comment from next line to enable Profiles" >> $SMBCONF echo ';logon home = \\%L\%U\' >> $SMBCONF echo ';logon path = \\%N\profiles\%U' >> $SMBCONF echo ";profile acls = yes" >> $SMBCONF echo "logon drive = h:" >> $SMBCONF echo "" >> $SMBCONF echo "#Security settings" >> $SMBCONF echo "hosts allow = $iprange 127.0.0.1" >> $SMBCONF echo "hosts deny=0.0.0.0/0" >> $SMBCONF echo ";Valid users needs a group named smbusers and the users" >> $SMBCONF echo ";needs to be members of it." >> $SMBCONF echo ";valid users = @smbusers" >> $SMBCONF echo "interfaces=eth* lo" >> $SMBCONF echo "bind interfaces only = yes" >> $SMBCONF echo "" >> $SMBCONF echo "[IPC$]" >> $SMBCONF echo "hosts allow=$iprange 127.0.0.1" >> $SMBCONF echo "hosts deny=0.0.0.0/0" >> $SMBCONF echo "" >> $SMBCONF echo "[profiles]" >> $SMBCONF echo "path = /etc/samba/profiles" >> $SMBCONF echo "browseable = no" >> $SMBCONF echo "read only = no" >> $SMBCONF echo "writeable = yes" >> $SMBCONF echo "create mask = 0600" >> $SMBCONF echo "directory mask = 0700" >> $SMBCONF echo "" >> $SMBCONF echo "[homes]" >> $SMBCONF echo "browseable = no" >> $SMBCONF echo "read only = no" >> $SMBCONF echo "writeable = yes" >> $SMBCONF echo "create mask = 0600" >> $SMBCONF echo "directory mask = 0700" >> $SMBCONF echo "veto files = /.*/" >> $SMBCONF echo "" >> $SMBCONF echo "[netlogon]" >> $SMBCONF echo "comment = NETLOGON service" >> $SMBCONF echo "path = /etc/samba/netlogon" >> $SMBCONF echo "locking = no" >> $SMBCONF echo "browseable = yes" >> $SMBCONF echo "read only = no" >> $SMBCONF echo "writeable = yes" >> $SMBCONF echo "public = no" >> $SMBCONF echo "write list = root $domainadmins" >> $SMBCONF echo "max connections = 0" >> $SMBCONF echo "available = yes" >> $SMBCONF echo "Done..." smbconffile="ok" echo "Done, restart Samba now..." /etc/init.d/samba restart echo "" stty -echo read -p "Please type a password for ROOT, different than the real ROOT password: " rootpass smbpasswd -as root $rootpass stty echo clear echo "" echo "Now you will need to do a smbpasswd -a for each user..." read -p "Do you have a file with the users names and passwords? yes/no " userstxt if [ $userstxt = "yes" ] then read -p "Please type the path and the name of the file Example: /root/desktop/users.txt " filename while read n1 n2; do smbpasswd -as ${n1} ${n2}; done < $filename else echo "Done..." fi echo "Creating script for future use..." if [ -f /usr/bin/addusers.sh ] then echo "The file /usr/bin/addusers.sh exist skipping..." addusers="not created" else export ADDUSERS="/usr/bin/addusers.sh" echo "#---------------------------------------------------------------------------" >> $ADDUSERS echo "#Bash #2 (Important: save in /usr/bin/ as addusers.sh and do a chmod u+rx) " >> $ADDUSERS echo "#---------------------------------------------------------------------------" >> $ADDUSERS echo "#!/bin/sh" >> $ADDUSERS echo "" >> $ADDUSERS echo "echo 'Add users to Samba 2.2.x from a text file'" >> $ADDUSERS echo " " >> $ADDUSERS echo " " >> $ADDUSERS echo "echo 'Please type the path and the name of the file Example: /root/Desktop/users.txt' " >> $ADDUSERS echo "read -p ' ' filename" >> $ADDUSERS echo 'while read n1 n2; do smbpasswd -as ${n1} ${n2}; done < $filename' >> $ADDUSERS chmod u+rx /usr/bin/addusers.sh echo "Done..." addusers="ok" fi clear echo -e " $bolda$undln'SUMMARY'$nrmltxt " echo "" echo -e "Backup =$bolda $backup $nrmltxt" echo -e "Samba version =$bolda $smb3 $nrmltxt" echo -e "Netlogon folder =$bolda $netlogon $nrmltxt" echo -e "Profiles folder =$bolda $profiles $nrmltxt" echo -e "Smbgrpadd script =$bolda $smbgrpadd $nrmltxt" echo -e "Initgroups script =$bolda $initgroups $nrmltxt" echo -e "Addusers script =$bolda $addusers $nrmltxt" echo "" if [ $static = no ] then echo -e "$blink$bolda *WARNING*: $nrmltxt$reset $bolda$red'Your computer is using Dynamic IP, for a PDC you need to set a static IP, You should do this now'" $reset $nrmltxt else echo -e "Static IP =$bolda yes $nrmltxt" fi $reset echo "" echo -e "Domain name =$bolda $domainname $nrmltxt" echo -e "IP Range =$bolda $iprange $nrmltxt" echo -e "IP address allowed =$bolda $comp_ip $nrmltxt" echo -e "Domain Admins =$bolda $domainadmins $nrmltxt" echo -e "Samba Configuration file =$bolda $smbconffile $nrmltxt" echo "" echo "To join the Domain you may need to use:" echo "" echo "[username: $domainname\root]" echo -e "[password:$bolda $rootpass $nrmltxt]" echo "" echo -e "Please email me with comments at $bolda'winxpert@hotmail.com'$nrmltxt, Enjoy it..." fi