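#!/bin/bash
#
# samba3.smbconf.sh - interactive generator for a Samba 3.0.0 PDC setup.
#
# Steps, in order:
#   1. report whether /etc/network/interfaces mentions a static address
#   2. report the installed smbd version
#   3. back up /etc/samba/smb.conf to /etc/samba/smb.conf.default
#   4. create /etc/samba/netlogon and /etc/samba/profiles
#   5. generate /usr/bin/smbgrpadd.sh and /usr/bin/initgroups.sh
#   6. ask for domain name, network prefix and admin users, write a new
#      /etc/samba/smb.conf and restart Samba
#   7. set a Samba password for root, optionally import users from a
#      "username password" text file
#   8. generate /usr/bin/addusers.sh and print a summary
#
# The script relies on bash features (read -p/-s, $'...' quoting, $HOSTNAME).
# Under a plain POSIX /bin/sh the first prompt fails, the answer stays empty
# and the script would carry on without confirmation, hence the bash shebang.
#
# NOTE(review): everything below writes under /etc and /usr/bin, so the script
# presumably has to run as root; nothing here checks for that.

# Terminal attributes, stored as real escape bytes so a plain echo prints them
# and text typed by the operator is never run through echo -e.
# The former "alias reset" was dropped: aliases are not expanded in scripts and
# $reset was never set, so it always expanded to nothing. $nrmltxt already
# resets every attribute.
bolda=$'\033[1m'
nrmltxt=$'\033[0m'
undln=$'\033[4m'
red=$'\033[31;40m'
blink=$'\033[31;40;5m'

# Files this script creates or replaces.
readonly SMBCONF="/etc/samba/smb.conf"
readonly SMBGRPADD="/usr/bin/smbgrpadd.sh"
readonly INITGRPS="/usr/bin/initgroups.sh"
readonly ADDUSERS="/usr/bin/addusers.sh"

#######################################
# Add (or update) a Samba account.
# The password is fed on stdin (smbpasswd -s reads the new password and its
# confirmation from there) instead of being passed as an argument, where any
# local user could read it from the process list.
# Arguments: $1 - user name, $2 - password
# Returns:   exit status of smbpasswd
#######################################
set_smb_password() {
  printf '%s\n%s\n' "$2" "$2" | smbpasswd -a -s "$1"
}

#######################################
# Import Samba accounts from a text file with one "username password" pair
# per line. Blank lines and lines without a password are skipped.
# The file holds clear-text passwords: keep it readable by root only and
# remove it once the import is done.
# Arguments: $1 - path of the text file
# Returns:   1 if the file cannot be read, 0 otherwise
#######################################
import_users() {
  local list=$1
  local user pass
  if [ ! -r "$list" ]; then
    echo "Cannot read $list, no users were imported" >&2
    return 1
  fi
  # -r keeps backslashes in passwords intact; the second test picks up a last
  # line that has no trailing newline.
  while read -r user pass || [ -n "$user" ]; do
    if [ -z "$user" ] || [ -z "$pass" ]; then
      continue
    fi
    set_smb_password "$user" "$pass"
  done < "$list"
  return 0
}

clear
echo "This Shell script will create an automated SMB.CONF for a ${bolda}'Samba 3.0.0 PDC'${nrmltxt}"
echo "it will also create the necessary scripts (smbgrpadd.sh and initgroups.sh), and"
echo "folders (netlogon and profiles).  At the end if you have a text file with users"
echo "and their passwords in this format ${bolda}[username password]${nrmltxt} you can import into Samba"
echo "creating the encrypted password"
echo ""
echo "                    Script name: samba3.smbconf.sh"
echo "                       Created by: ${bolda}'WinXperts'${nrmltxt}"
echo "                  version beta 1, Copyrights (c) 2003"
echo ""
read -r -p "Do you whish to continue with the script? (yes or no)  " answer

# Fail closed: the script replaces smb.conf, so only an explicit yes goes on.
# The old unquoted test errored out on an empty answer and then continued.
case "$answer" in
  [Yy] | [Yy][Ee][Ss]) ;;
  *)
    clear
    echo "You can run this script when you want to add a PDC to your network..."
    exit 0
    ;;
esac

clear
echo "Starting the Script..."
echo ""

# Test for static or dynamic ip
if grep -q static /etc/network/interfaces; then
  echo "Your computer is using Static ip"
  echo ""
  static="yes"
else
  echo "WARNING: Your computer is using Dynamic IP, for a PDC you need to set a static IP"
  echo "You should do this as soon as you finish with this script"
  static="no"
  echo ""
fi

# Testing for samba version.
# The old test had no spaces around "=", which made it a single non-empty
# string and therefore always true. The check only informs; it does not stop
# the script.
smb3=$(smbd -V)
if [ "$smb3" = "Version 3.0.0-Debian" ]; then
  echo "The samba version is: $smb3 "
else
  echo "You need Samba 3.0.0 to use this script, your version is: $smb3"
fi

# Backup the default smb.conf.
# smb.conf is deleted further down, so stop here if the copy fails, and only
# report success after the copy has actually happened.
# NOTE(review): a second run overwrites smb.conf.default with the file this
# script generated on the first run.
echo "Backing up Default smb.conf..."
echo ""
if [ -f "$SMBCONF" ]; then
  if ! cp -- "$SMBCONF" "$SMBCONF.default"; then
    echo "Backup of $SMBCONF failed, stopping before anything is removed" >&2
    exit 1
  fi
  echo "Backup complete"
  backup="ok"
else
  echo "No existing smb.conf found, nothing to back up"
  backup="not needed"
fi
echo "Done..."
echo ""

# Create necessary folders for PDC
if [ -d /etc/samba/netlogon ]; then
  echo "Directory exist skipping directory creation..."
  netlogon="not created"
  echo ""
else
  echo "Creating netlogon folder"
  # A directory needs the execute bit to be entered; the former mode 0600 left
  # the logon-script folder unusable for every account except root.
  if mkdir -m 0755 -v -p /etc/samba/netlogon; then
    netlogon="ok"
  else
    netlogon="failed"
  fi
  echo "Done..."
  echo ""
fi

if [ -d /etc/samba/profiles ]; then
  echo "Directory profiles exist skipping directory creation..."
  profiles="not created"
  echo ""
else
  echo "Creating profiles folder..."
  # 1777 = world-writable with the sticky bit, so users cannot remove each
  # other's entries. The [profiles] share itself stays commented out in the
  # generated smb.conf.
  if mkdir -m 1777 /etc/samba/profiles; then
    profiles="ok"
  else
    profiles="failed"
  fi
  echo "Done..."
  echo ""
fi

# Create scripts
if [ -f "$SMBGRPADD" ]; then
  echo "The file smbgrpadd.sh exist skipping..."
  smbgrpadd="not created"
  echo ""
else
  echo "Creating $SMBGRPADD..."
  # The quoted delimiter keeps $1, $thegid and $(...) literal. Built with echo
  # and double quotes, they were expanded while generating the file, and the
  # helper copied /etc/group to group.bak but read from group.back, so every
  # call would have emptied /etc/group.
  # NOTE(review): the groupadd line is still commented out, as the author left
  # it; without it no smbtmpgrp00 entry exists for the helper to rename.
  cat > "$SMBGRPADD" << 'EOF_SMBGRPADD'
#!/bin/bash
#--------------------------------------------------------------------------
#Bash #1 (Important: save in /usr/bin/ as smbgrpadd.sh and do a chmod u+rx)
#--------------------------------------------------------------------------
#groupadd smbtmpgrp00

# The new name is spliced into a sed expression that rewrites /etc/group,
# so refuse an empty name or one that is not a plain group name.
case "$1" in
  '' | *[!A-Za-z0-9_.-]*)
    echo "smbgrpadd.sh: invalid group name" >&2
    exit 1
    ;;
esac

thegid=$(grep smbtmpgrp00 /etc/group | cut -d ":" -f3)

# Rewrite /etc/group only from a backup that was really taken.
cp /etc/group /etc/group.bak || exit 1
sed "s/smbtmpgrp00/$1/g" /etc/group.bak > /etc/group

echo "$thegid"
exit 0
EOF_SMBGRPADD
  chmod u+rx "$SMBGRPADD"
  smbgrpadd="ok"
  echo "Done..."
  echo ""
fi

if [ -f "$INITGRPS" ]; then
  echo "The file initgroups.sh exist skipping..."
  initgroups="not created"
  echo ""
else
  cat > "$INITGRPS" << 'EOF_INITGRPS'
#!/bin/bash
#---------------------------------------------------------------------------
#Bash #2 (Important: save in /usr/bin/ as initgroups.sh and do a chmod u+rx)
#---------------------------------------------------------------------------

net groupmap modify ntgroup='Domain Admins' unixgroup=ntadmin
net groupmap modify ntgroup='Domain Users' unixgroup=users
net groupmap modify ntgroup='Domain Guests' unixgroup=nobody
EOF_INITGRPS
  chmod u+rx "$INITGRPS"
  # Best effort: groupadd only complains when a group is already there.
  groupadd ntadmin
  groupadd nobody
  groupadd smbusers
  "$INITGRPS"
  initgroups="ok"
  echo "Done..."
  echo ""
fi

clear
# Gathering information for the customized smb.conf
echo "Gathering information for the customized smb.conf"
echo ""
echo "The name of this computer is ${bolda}'$HOSTNAME'${nrmltxt} type a different name for your Domain"
echo "Example : ${bolda} $HOSTNAME-lnx ${nrmltxt}"
read -r -p "What is the name of the Domain? " domainname
echo "Domain name is going to be: ${bolda} $domainname ${nrmltxt}"
read -r -p "Type in the IP address of your network? (example: 192.168.1.) " iprange
echo "IP Range is going to be: ${bolda} $iprange ${nrmltxt}"
comp_ip="${iprange}1 - ${iprange}254"
echo "IP address allowed: ${bolda} $comp_ip ${nrmltxt}"
read -r -p "Who are the Admin users (separate them with a blank space) " domainadmins
echo "The Admins users are: ${bolda} $domainadmins ${nrmltxt}"
echo ""
echo "Removing the old SMB.CONF..."
rm -f -- "$SMBCONF"
echo ""
echo "Please wait while I generate the smb.conf configuration file..."

# One here-document writes the whole file. Only $domainname, $HOSTNAME,
# $iprange and $domainadmins are expanded; the doubled backslashes on the two
# "logon" lines come out as single ones. "encrypt passwords=true" used to be
# redirected to a second file named after smb.conf plus a ":" suffix and never
# reached smb.conf.
# "admin users" makes the listed accounts act as root on the shares, so keep
# that list short.
if cat > "$SMBCONF" << EOF_SMBCONF
#======================================================#
# Samba PDC Configuration for Xandros Debian GNU/Linux #
#                                                      #
#       Automatic smb.conf - WinXperts(c)2003          #
#    Email me with comments: winxpert@hotmail.com      #
#======================================================#

[global]
workgroup= $domainname
netbios name= $HOSTNAME
server string=%h server (Samba %v)
load printers=no
printing=cups
print command=lp -d %p %s; rm %s
printcap name=cups
log file=/var/log/samba/log.%m
max log size=1000
syslog=0
security=USER
encrypt passwords=true
passdb backend=smbpasswd
socket options=TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# Remove the comment from next line to enable Profiles #
#logon home=\\\\%L\%U\\
#logon path = \\\\%N\profiles\%U
logon drive = h:
profile acls = yes
#logon script = login.vbs
dns proxy=no
name resolve order=lmhosts wins bcast host
passwd program=/usr/bin/passwd %u
passwd chat=*Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
admin users = $domainadmins
add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u
add machine script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u
add group script = /usr/bin/smbgrpadd.sh %g
obey pam restrictions=yes
panic action=/usr/share/samba/panic-action %d
preserve case=yes
case sensitive=no
short preserve case=yes
os level=65
domain master=yes
;winbind separator
prefered master=yes
;template homedir
;wins server
;password server
;winbind gid
wins support=no
;template shell
local master=yes
;winbind uid
domain logons=yes
;   preexec = /bin/mount /cdrom
;   postexec = /bin/umount /cdrom

# Advance security settings
 hosts allow= $iprange 127.0.0.1
 hosts deny = 0.0.0.0/0
; valid users = @smbusers
 interfaces = eth* lo
 bind interfaces only = yes

#================================[homes]=============================
[homes]
  path=/home/%U/My Documents
  browseable=yes
  writeable=yes
  public=no
  veto files = /.*/

#================================[netlogon]==========================
[netlogon]
  comment=NETLOGON service
  path=/etc/samba/netlogon
  locking=no
  browseable=yes
  writeable=yes
  public=no
  write list= $domainadmins
  max connections=0
  available=yes

#================================[profiles]==========================
;[profiles]
;  public=no
;  browseable=yes
;  path=/etc/samba/profiles
;  writeable=yes
;  create mask=0600
;  directory mask=0700
;  max connections=0
;  available=yes
EOF_SMBCONF
then
  smbconffile="ok"
else
  smbconffile="failed"
fi
echo "Done, restart Samba now..."
/etc/init.d/samba restart
echo ""

# read -s keeps the password off the screen and puts the terminal back in its
# previous state by itself, even if the script is interrupted at the prompt.
read -r -s -p "Please type a password for ROOT, different than the real ROOT password: " rootpass
echo ""
if [ -n "$rootpass" ]; then
  set_smb_password root "$rootpass"
else
  echo "No password typed, the Samba root account was not set up" >&2
fi
# The password is not needed again; the summary no longer prints it.
unset rootpass

clear
echo ""
echo "Now you will need to do a smbpasswd -a for each user..."
read -r -p "Do you have a file with the users names and passwords? yes/no " userstxt
if [ "$userstxt" = "yes" ]; then
  read -r -p "Please type the path and the name of the file Example: /root/desktop/users.txt " filename
  import_users "$filename"
else
  echo "Done..."
fi

echo "Creating script for future use..."
# The test used to be inverted: the helper was only written when it already
# existed, and a fresh system got the "exist skipping" message instead.
if [ -f "$ADDUSERS" ]; then
  echo "The file /usr/bin/addusers.sh exist skipping..."
  addusers="not created"
else
  cat > "$ADDUSERS" << 'EOF_ADDUSERS'
#!/bin/bash
#---------------------------------------------------------------------------
#Bash #2 (Important: save in /usr/bin/ as addusers.sh and do a chmod u+rx)
#---------------------------------------------------------------------------

echo 'Add users to Samba 3 from a text file'


echo 'Please type the path and the name of the file Example: /root/Desktop/users.txt'
read -r -p ' ' filename
# Passwords go to smbpasswd on stdin (-s) so they stay out of the process list.
while read -r n1 n2 || [ -n "$n1" ]; do
  if [ -z "$n1" ] || [ -z "$n2" ]; then
    continue
  fi
  printf '%s\n%s\n' "$n2" "$n2" | smbpasswd -a -s "$n1"
done < "$filename"
EOF_ADDUSERS
  chmod u+rx "$ADDUSERS"
  echo "Done..."
  addusers="ok"
fi

clear
echo "          ${bolda}${undln}'SUMMARY'${nrmltxt}   "
echo ""
echo "Backup =${bolda} $backup ${nrmltxt}"
echo "Samba version =${bolda} $smb3 ${nrmltxt}"
echo "Netlogon folder =${bolda} $netlogon ${nrmltxt}"
echo "Profiles folder =${bolda} $profiles ${nrmltxt}"
echo "Smbgrpadd script =${bolda} $smbgrpadd ${nrmltxt}"
echo "Initgroups script =${bolda} $initgroups ${nrmltxt}"
echo "Addusers script =${bolda} $addusers ${nrmltxt}"
echo ""
if [ "$static" = no ]; then
  echo "${blink}${bolda} *WARNING*: ${nrmltxt} ${bolda}${red}'Your computer is using Dynamic IP, for a PDC you need to set a static IP, You should do this now' ${nrmltxt}"
else
  echo "Static IP =${bolda} yes ${nrmltxt}"
fi
echo ""
echo "Domain name =${bolda} $domainname ${nrmltxt}"
echo "IP Range =${bolda} $iprange ${nrmltxt}"
echo "IP address allowed =${bolda} $comp_ip ${nrmltxt}"
echo "Domain Admins =${bolda} $domainadmins ${nrmltxt}"
echo "Samba Configuration file =${bolda} $smbconffile ${nrmltxt}"
echo ""
echo "To join the Domain you may need to use:"
echo ""
echo "[username: $domainname\root]"
# The password is deliberately not echoed back: the summary stays on screen
# and in any terminal scrollback or session log.
echo "[password:${bolda} the ROOT password you typed above ${nrmltxt}]"
echo ""
echo "Please email me with comments at ${bolda}'winxpert@hotmail.com'${nrmltxt}, Enjoy it..."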