This repository has been archived by the owner on Apr 22, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 13
/
configureKerberosClient.sh
executable file
·52 lines (45 loc) · 1.94 KB
/
configureKerberosClient.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
#!/bin/bash
echo "==================================================================================="
echo "==== Kerberos Client =============================================================="
echo "==================================================================================="
KADMIN_PRINCIPAL_FULL=$KADMIN_PRINCIPAL@$REALM
echo "REALM: $REALM"
echo "KADMIN_PRINCIPAL_FULL: $KADMIN_PRINCIPAL_FULL"
echo "KADMIN_PASSWORD: $KADMIN_PASSWORD"
echo ""
function kadminCommand {
kadmin -p $KADMIN_PRINCIPAL_FULL -w $KADMIN_PASSWORD -q "$1"
}
echo "==================================================================================="
echo "==== /etc/krb5.conf ==============================================================="
echo "==================================================================================="
tee /etc/krb5.conf <<EOF
[libdefaults]
default_realm = $REALM
dns_canonicalize_hostname = false
dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
$REALM = {
kdc = ${KDC_HOST}
admin_server = ${KDC_HOST}
}
EOF
echo ""
echo "==================================================================================="
echo "==== Testing ======================================================================"
echo "==================================================================================="
until kadminCommand "list_principals $KADMIN_PRINCIPAL_FULL"; do
>&2 echo "KDC is unavailable - sleeping 1 sec"
sleep 1
done
echo "KDC and Kadmin are operational"
echo ""
echo "==================================================================================="
echo "==== Add divolte principals ==========================================="
echo "==================================================================================="
echo "Add divolte user"
kadminCommand "addprinc -pw divolte divolte/$(hostname -f)@${REALM}"
echo "Create divolte keytab"
kadminCommand "xst -k /divolte.keytab divolte/$(hostname -f)"
exit 0