Difference between revisions of "Active Directory Join Linux Windows"
(Created page with "# Join script join-ad.sh ``` #!/bin/bash set -eux DEFAULT_OU="OU=Example,DC=corp,DC=example,DC=com" unjoin_domain() { echo "Unjoining from the current domain..." if...") |
(No difference)
|
Latest revision as of 18:25, 28 February 2025
Join script
join-ad.sh
#!/bin/bash
# join-ad.sh - interactively join this Linux host to an Active Directory
# domain with realmd, or offer to leave the domain when it is already joined.

# errexit + nounset + xtrace (long form of `set -eux`). xtrace echoes every
# command with its expanded arguments to stderr, so the domain, admin user and
# OU typed at the prompts appear in the trace output.
set -o errexit -o nounset -o xtrace

# OU used for the computer account when the operator enters none at the prompt.
DEFAULT_OU='OU=Example,DC=corp,DC=example,DC=com'
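#######################################
# Leave the currently joined realm via `sudo realm leave`.
# Arguments: none
# Outputs:   progress messages on stdout; the failure message on stderr
# Returns:   0 when the leave succeeded, 1 otherwise, so that callers (and
#            `set -e`) do not treat a failed unjoin as success
#######################################
unjoin_domain() {
  echo "Unjoining from the current domain..."
  if sudo realm leave; then
    echo "Domain unjoin complete. You may now rejoin the domain."
  else
    echo "Failed to unjoin domain. Please check your configuration." >&2
    return 1
  fi
}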
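# Detect an existing join. stderr is discarded and a failing `realm list` is
# tolerated, so a host where the realm tool is not installed yet is treated as
# "not joined" and falls through to the package-install step below.
REALM_OUTPUT=$(realm list 2>/dev/null || true)

if [[ -z "$REALM_OUTPUT" ]]; then
  echo "This machine is not joined to any domain."
else
  echo "This machine is already joined to a domain."
  echo "$REALM_OUTPUT"
  # `|| true` keeps `set -e` from aborting on EOF (non-interactive stdin);
  # an empty answer then defaults to "n".
  read -r -p "Do you want to unjoin the domain before proceeding? (y/n): " UNJOIN_CHOICE || true
  if [[ "${UNJOIN_CHOICE:-n}" =~ ^[Yy]$ ]]; then
    # Propagate a failed unjoin as a non-zero exit instead of the exit 0 below.
    unjoin_domain || exit 1
  else
    echo "Exiting. No changes made."
  fi
  # An already-joined host always stops here; re-run the script to join again.
  exit 0
fi

# -r: take the input literally (no backslash processing).
read -r -p "Enter domain (e.g. example.com): " DOMAIN
read -r -p "Enter admin username: " ADMIN_USER
echo ""
read -r -p "Enter computer OU (default: $DEFAULT_OU): " COMPUTER_OU
COMPUTER_OU=${COMPUTER_OU:-"$DEFAULT_OU"}

# Validate before installing anything. The domain is passed to realm as a
# positional argument, so an empty value or one starting with "-" (which would
# be parsed as an option) is rejected here.
domain_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
if [[ ! "$DOMAIN" =~ $domain_re ]]; then
  echo "Invalid domain name: '$DOMAIN'" >&2
  exit 1
fi
if [[ -z "$ADMIN_USER" ]]; then
  echo "Admin username must not be empty." >&2
  exit 1
fi

if grep -qi ubuntu /etc/os-release; then
  echo "Detected Ubuntu. Installing required packages..."
  # Two separate commands: in `a && b`, `set -e` ignores a failure of `a`, so
  # a failed `apt update` would otherwise let the script carry on silently.
  sudo apt update
  sudo apt install -y realmd sssd adcli samba-common-bin krb5-user packagekit
elif grep -qi -E "rhel|centos|fedora" /etc/os-release; then
  echo "Detected Red Hat/CentOS/Fedora. Installing required packages..."
  sudo yum install -y realmd sssd adcli samba-common oddjob oddjob-mkhomedir krb5-workstation
else
  echo "Unsupported OS. Exiting." >&2
  exit 1
fi

# Show what realmd discovers for the domain so the operator can check it is
# the intended realm before the join is attempted.
realm discover "$DOMAIN"
echo "Will perform join in 10 seconds. ctrl-c to cancel"
sleep 10

# No password is passed on the command line; realm is expected to prompt for
# it, which keeps it out of the xtrace output and the process list.
sudo realm join --computer-ou="$COMPUTER_OU" --user="$ADMIN_USER" "$DOMAIN"

# Print the resulting realm configuration as confirmation of the join.
realm list
# To undo the join manually:
# realm leave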
PowerShell (Windows)
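# Move this computer out of its current domain and into $NewDomain, creating
# the computer account under $OUPath, then restart.
$NewDomain = "corp.example.com"
$OUPath    = "OU=Example,DC=corp,DC=example,DC=com"

# Account names only. The passwords are prompted for with Get-Credential rather
# than embedded with ConvertTo-SecureString -AsPlainText: a literal password in
# the script ends up in the file, in copies of it, and in shell history or
# transcripts. For unattended runs, fetch the credential from a secret store at
# run time instead of writing it into the script.
$NewDomainUser    = "internal\<new join account>"
$UnjoinDomainUser = "extendhealth\svc-domjoin"

$NewDomainCredential    = Get-Credential -UserName $NewDomainUser -Message "Password for the account that joins $NewDomain"
$UnjoinDomainCredential = Get-Credential -UserName $UnjoinDomainUser -Message "Password for the account that removes this computer from its current domain"

# Remove from current domain and join to new domain.
# -Force suppresses the confirmation prompt and -Restart reboots the machine
# as soon as the join completes, so save open work before running this.
Add-Computer -DomainName $NewDomain `
    -Credential $NewDomainCredential `
    -OUPath $OUPath `
    -UnjoinDomainCredential $UnjoinDomainCredential `
    -Force `
    -Restart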