This next script uses the library introduced on a previous post =>
This script was launched at the end of the installation of all the workstations on the company.
It configures the linux, or MAC , to be part of an Active Directory, which allows the administrator to manage the root passwords, what runs at boot, and even the desktop background.
http://www.quest.com/authentication-services/
However, the installation and configuration was slow and wanted to be interactive, so in this case we used expect to automate the human interaction.
The first script is the bash that was launched after the pre-seed job, then comes the expect (which is launched from inside the bash).
#!/bin/bash -x # Script de instalacion de QAS en un desktop # El script llama a fbm_qas_install.expect, donde se ejecutan instrucciones expect. # Las salidas por pantalla, se redirigen al fichero output.expect.o # Los errores se redirigen al fichero output.expect.e # :TODO:01/14/2011 10:32:18 AM CET:: unificar output exec 1>./output.expect.o exec 2>./output.expect.e # Definicion de variables. USERNAME="username_only_allowed_to_add_machines_to_AD" PASS="pass for that user" SERVERIP="xx.yy.tt.rr ip of our repository with all the scripts , also the library. " SERVERPATH="scripts" MASTERURL="http://$SERVERIP/$SERVERPATH" # Funcion para instalar paquete 'smbfs'. installsmbfs(){ echo "Installing smbfs" apt-get update apt-get -y upgrade apt-get -y autoremove apt-get -y install smbfs } # :TODO:01/14/2011 10:32:34 AM CET:: smbfs is not necessary # Comprueba si el paquete 'smbfs' esta instalado en el sistema. Si no lo esta, ejecuta la funcion # llamada 'installsmbfs'. dpkg-query -l 'smbfs' [ "$?" -eq "0" ] && echo "smfs is already installded. Keep going" || installsmbfs # :TODO:01/14/2011 10:32:34 AM CET:: smbfs is not necessary # Comprueba si el paquete 'smbfs' esta instalado en el sistema. Si lo esta, no hace nada. dpkg-query -l 'smbfs' [ "$?" -eq "0" ] && echo "smfs has been installed. Keep going" || die " smfs can not be installed " # Modifica un parametro del fichero /etc/ssh/sshd_config y reinicia el servicio sshd sed -i 's/ChallengeResponseAuthentication no/ChallengeResponseAuthentication yes/g' /etc/ssh/sshd_config /etc/init.d/ssh reload # :TODO:01/14/2011 10:32:58 AM CET:: check if directory already existes , also check if files already exist # Descarga ficheros vas.conf y vgp.conf en sus rutas correspondientes mkdir -p /etc/opt/quest/vas mkdir -p /etc/opt/quest/vgp wget $MASTERURL/etc/opt/quest/vas/vas.conf -O /etc/opt/quest/vas/vas.conf wget $MASTERURL/etc/opt/quest/vgp/vgp.conf -O /etc/opt/quest/vgp/vgp.conf # Modifica el template vas.conf. Escribe el nombre del PC sed -i "s/%%HOSTNAME%%/`hostname`/g" /etc/opt/quest/vas/vas.conf [ -d /home/sysop/fs ] && echo "fs exists" || echo "fs does not exist" [ -d /home/sysop/fs/QAS_4_0_1_22 ] && echo "QAS dir exists" || echo "QAS dir does not exist" cd /home/sysop # :TODO:01/14/2011 10:33:33 AM CET:: this should be done on /tmp wget $MASTERURL/src/QAS_4.tgz tar xvzf QAS_4.tgz cd /home/sysop/QAS_4_0_1_22 ./install.sh -q vasclnt ./install.sh -q vasgp /opt/quest/bin/vastool configure pam common-password apt-get -y install expect ############################# install qas tempscript="fbm_qas_install.expect" if [ ! -f ./$tempscript ] then wget $MASTERURL/bin/$tempscript fi chmod +x $tempscript ./$tempscript $USERNAME $PASS exit 0
#!/usr/bin/expect -f # Script de expect. Script pide pasar parametros en la instalacion de l aaplicacion QAS # Con expect, esos parametros se pasan de forma automatica. #echo "dentro expect" # Se definen la svariables USERNAME y PASS con el valor de los parametros que recibe el script. set USERNAME [lindex $argv 0] set PASS [lindex $argv 1] # ejecutar el fichero ./install.sh del instalador de QAS spawn /opt/quest/bin/vastool -u $USERNAME join corp.barcelonamedia.org # contestar las preguntas de la instalacion de QAS de forma desatendida sleep 1 expect "CORP.ACTIVEDIRECTORYDOMAIN.ORG:*" sleep 1 send "$PASS\r" sleep 60
One thought on “Link Unix machines to AD using Quest Autentication Services. Install it using expect.”
Comments are closed.