HOSTNAME=RWUSDCKRSL1
DOMAIN_NAME=ravenwolf.org
DOMAIN_NAME_UC=RAVENWOLF.ORG
DOMAIN_USER=sanderson
DOMAIN_USER_FULL=$DOMAIN_USER@$DOMAIN_NAME_UC

hostnamectl set-hostname $HOSTNAME

; Install Components
sudo apt-get install krb5-user samba sssd sssd-tools libnss-sss libpam-sss ntp ntpdate realmd adcli

; Update NTP Config
sed -e '\|server $DOMAIN_NAME|h; ${x;s/incl//;{g;t};a\' -e 'server $DOMAIN_NAME' -e '}' /etc/ntp.conf > /etc/ntp.conf

; Force an NTP Update
sudo systemctl stop ntp
sudo ntpdate $DOMAIN_NAME
sudo systemctl start ntp

; Find the Domain
sudo realm discover $DOMAIN_NAME_UC

; Join the Domain
kinit $DOMAIN_USER
sudo realm join --verbose $DOMAIN_NAME_UC -U $DOMAIN_USER --install=/

; Edit the SSD
; Comment out the following line
; use_fully_qualified_names = True
sed -i '/^use_fully_qualified_names = True/s/^/#/g' /etc/sssd/sssd.conf 
sudo service sssd restart

; Setup Home Directory
; Add the following line in this /etc/pam.d/common-session below the line 'session optional pam_sss.so' and save it:
session required pam_mkhomedir.so skel=/etc/skel/ umask=0077
sed -i '/session optional.*pam_sss.so/a some session required pam_mkhomedir.so skel=/etc/skel/ umask=0077' /etc/pam.d/common-session

; Add suport for Domain Admins to /etc/sudoers
; Add 'AAD DC Administrators' group members as admins.
; %Domain\ Admins ALL=(ALL) NOPASSWD:ALL
sed -e '\|\%Domain\ Admins ALL=(ALL) NOPASSWD:ALL|h; ${x;s/incl//;{g;t};a\' -e '\%Domain\ Admins ALL=(ALL) NOPASSWD:ALL' -e '}' /etc/sudoers > /etc/sudoers