kaluche · November 12, 2019 15:39
diff --git a/kerberos-autoconf.sh b/kerberos-autoconf.sh
 #!/bin/bash
 if [ "$1" == "-h" ]; then
  echo "Usage:	`basename $0` Autoconf of /etc/krb5.conf. Replace default value with your value."
  echo " -r <REALM> (Your Realm. Ex: FOO)"
  echo " -k <KDC> (The KDC. Ex: DC1)"
  echo " -f <FQDN> (The FQDN of your domain. Ex:  FOO.LOCAL)"
  exit 0
 fi
 while getopts r:k:f: option
 do
 case "${option}"
 in
 r) REALM=${OPTARG};;
 k) KDC=${OPTARG};;
 f) FQDN=${OPTARG};;
 esac
 done

 KRB5CONF="[libdefaults] \n
 \tdefault_realm = FOO.LOCAL \n
 \tkdc_timesync = 1 \n
 \tccache_type = 4 \n
 \tforwardable = true \n
 \tproxiable = true \n
 \tv4_instance_resolve = false \n
 \tv4_name_convert = { \n
 \thost = { \n
 \t\trcmd = host \n
 \t\tftp = ftp \n
 \t\t} \n
 \tplain = { \n
 \t\tsomething = something-else \n
 \t\t} \n
 \t} \n
 \tfcc-mit-ticketflags = true \n
 \n
 [realms] \n
 FOO = { \n
 kdc = DC1.foo.local:88 \n
 admin_server = DC1.foo.local \n
 default_domain = foo.local \n
 } \n
 [domain_realm] \n
 .foo.local = FOO.LOCAL \n
 foo.local = FOO.LOCAL \n
 [login] \n
 krb4_convert = true \n
 krb4_get_tickets = false"

 # Keep the case
 REALM=$(echo $REALM | tr '[:lower:]' '[:upper:]')
 FQDN_LOWERCASE=$(echo $FQDN | tr '[:upper:]' '[:lower:]')
 FQDN_UPPERCASE=$(echo $FQDN | tr '[:lower:]' '[:upper:]')
 KDC = $k

 echo "[*] Using $REALM as REALM"
 echo "[*] Using $FQDN as FQDN"
 echo "[*] Using $KDC as KDC"
 echo "[*] Printing conf ..."
 echo ""

 NEWKRB5CONF=$(echo $KRB5CONF |sed "s/DC1/$KDC/g" | sed "s/FOO /$REALM /g" | sed "s/FOO.LOCAL/$FQDN_UPPERCASE/g"  |  sed "s/foo.local/$FQDN_LOWERCASE/g" )
 echo -e $NEWKRB5CONF

 echo ""
 echo -n "Want to copy the content to /etc/krb5.conf ? (y/n): "
 read v
 if [[ $v == "y"  ||  $v == "Y" ]]; then
 # careful here, missing a unique backup of the orignal krb5.conf file (if you run the script 2 times,  you will erase the backup /o\)
 	cp /etc/krb5.conf /etc/krb5.conf.bak
 	echo "Current configuration file backup to /etc/krb5.conf.bak..."
 	echo -e $NEWKRB5CONF > /etc/krb5.conf
 	echo "New kerberos client configuration file created in /etc/krb5.conf !"
 else
 	echo "Good bye !"
 	exit 0
 fi
	#!/bin/bash
	if [ "$1" == "-h" ]; then
	echo "Usage: `basename $0` Autoconf of /etc/krb5.conf. Replace default value with your value."
	echo " -r <REALM> (Your Realm. Ex: FOO)"
	echo " -k <KDC> (The KDC. Ex: DC1)"
	echo " -f <FQDN> (The FQDN of your domain. Ex: FOO.LOCAL)"
	exit 0
	fi
	while getopts r:k:f: option
	do
	case "${option}"
	in
	r) REALM=${OPTARG};;
	k) KDC=${OPTARG};;
	f) FQDN=${OPTARG};;
	esac
	done

	KRB5CONF="[libdefaults] \n
	\tdefault_realm = FOO.LOCAL \n
	\tkdc_timesync = 1 \n
	\tccache_type = 4 \n
	\tforwardable = true \n
	\tproxiable = true \n
	\tv4_instance_resolve = false \n
	\tv4_name_convert = { \n
	\thost = { \n
	\t\trcmd = host \n
	\t\tftp = ftp \n
	\t\t} \n
	\tplain = { \n
	\t\tsomething = something-else \n
	\t\t} \n
	\t} \n
	\tfcc-mit-ticketflags = true \n
	\n
	[realms] \n
	FOO = { \n
	kdc = DC1.foo.local:88 \n
	admin_server = DC1.foo.local \n
	default_domain = foo.local \n
	} \n
	[domain_realm] \n
	.foo.local = FOO.LOCAL \n
	foo.local = FOO.LOCAL \n
	[login] \n
	krb4_convert = true \n
	krb4_get_tickets = false"

	# Keep the case
	REALM=$(echo $REALM \| tr '[:lower:]' '[:upper:]')
	FQDN_LOWERCASE=$(echo $FQDN \| tr '[:upper:]' '[:lower:]')
	FQDN_UPPERCASE=$(echo $FQDN \| tr '[:lower:]' '[:upper:]')
	KDC = $k

	echo "[*] Using $REALM as REALM"
	echo "[*] Using $FQDN as FQDN"
	echo "[*] Using $KDC as KDC"
	echo "[*] Printing conf ..."
	echo ""

	NEWKRB5CONF=$(echo $KRB5CONF \|sed "s/DC1/$KDC/g" \| sed "s/FOO /$REALM /g" \| sed "s/FOO.LOCAL/$FQDN_UPPERCASE/g" \| sed "s/foo.local/$FQDN_LOWERCASE/g" )
	echo -e $NEWKRB5CONF

	echo ""
	echo -n "Want to copy the content to /etc/krb5.conf ? (y/n): "
	read v
	if [[ $v == "y" \|\| $v == "Y" ]]; then
	# careful here, missing a unique backup of the orignal krb5.conf file (if you run the script 2 times, you will erase the backup /o\)
	cp /etc/krb5.conf /etc/krb5.conf.bak
	echo "Current configuration file backup to /etc/krb5.conf.bak..."
	echo -e $NEWKRB5CONF > /etc/krb5.conf
	echo "New kerberos client configuration file created in /etc/krb5.conf !"
	else
	echo "Good bye !"
	exit 0
	fi