110 lines
3.3 KiB
Bash
110 lines
3.3 KiB
Bash
#!/bin/bash
|
|
|
|
##########################################################################
|
|
# Shellscript : Script
|
|
# Autor : Jobst Heinermann, macenterprise gmbh
|
|
# Copyright : macenterprise 2019
|
|
##########################################################################
|
|
|
|
|
|
#function
|
|
ask () {
|
|
osascript <<EOF - 2>/dev/null
|
|
tell application "SystemUIServer"
|
|
activate
|
|
text returned of (display dialog "$1" default answer "")
|
|
end tell
|
|
EOF
|
|
}
|
|
|
|
askhidden () {
|
|
osascript <<EOF - 2>/dev/null
|
|
tell application "SystemUIServer"
|
|
activate
|
|
text returned of (display dialog "$1" default answer "" with hidden answer)
|
|
end tell
|
|
EOF
|
|
}
|
|
|
|
askolddir () {
|
|
osascript <<EOF - 2>/dev/null
|
|
set strPath to POSIX file "/Users/"
|
|
set f to (choose folder with prompt "$1" default location strPath)
|
|
set posixF to POSIX path of f
|
|
tell application "Finder" to set filesDir to container of f as alias as text
|
|
set posixDir to POSIX path of filesDir
|
|
posixF
|
|
|
|
EOF
|
|
}
|
|
|
|
asknewdir () {
|
|
osascript <<EOF - 2>/dev/null
|
|
tell application "SystemUIServer"
|
|
activate
|
|
text returned of (display dialog "$1" default answer "")
|
|
end tell
|
|
EOF
|
|
}
|
|
|
|
DecryptString() {
|
|
# Usage: ~$ DecryptString "Encrypted String" "Salt" "Passphrase"
|
|
echo "${1}" | /usr/bin/openssl enc -aes256 -d -a -A -S "${2}" -k "${3}"
|
|
}
|
|
|
|
#Prüfungen
|
|
#diba.corp.int erreichbar?
|
|
AD_ING="diba.corp.int" #AD Domaine
|
|
AD_STAT=$(dsconfigad -show | awk '/Active Directory Domain/{print $NF}') #AD Domain auf System
|
|
|
|
ping -c1 $AD_ING 1>/dev/null 2>/dev/null
|
|
SUCCESS=$?
|
|
|
|
#Binding OK?
|
|
if [[ "$AD_STAT" = "$AD_ING" && $SUCCESS -eq 0 ]]
|
|
then
|
|
osascript -e 'tell application "SystemUIServer" to display dialog "AD ist erreichbar und konfiguriert!" buttons {"OK"} default button "OK"'
|
|
else
|
|
osascript -e 'tell application "SystemUIServer" to display dialog "AD ist nicht erreichbar !" buttons {"OK"} default button "OK"' && exit 1
|
|
fi
|
|
|
|
|
|
#Variabeln
|
|
# Abfrage der Userinfos
|
|
# PDIR=$(askolddir 'Bitte User auswählen') || exit #Pfad zum Homefolder
|
|
# UDIR=$(echo $PDIR | sed 's/.$//') #Bereiningung des Pfad
|
|
# ONAME=$(echo $UDIR | cut -d'/' -f3-) #Separierung des Username
|
|
# NDIR=$(asknewdir 'Bitte Personalnummer eingeben') || exit #legt neuen User & Pfadnamen fest
|
|
PNUM=$(ask 'Bitte Personalnummer eingeben') || exit #Personalnummer
|
|
# FNAME=$(ask 'Bitte den Namen des User eingeben') || exit #Fullname
|
|
ADMIN="ladmin" #lokaler Admin
|
|
PASS=$(askhidden 'Bitte das Passwort des User eingeben') || exit #User Passwort
|
|
APASS=$(DecryptString "$4" "$5" "$6") #Admin Passwort
|
|
AGRP="DOMDIBACORP\Domain Users" #User Gruppe im AD
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#User löschen
|
|
# sudo dscl . delete /Users/"$ONAME"
|
|
|
|
sleep 5
|
|
|
|
# sudo chown -R "$PNUM":"$AGRP" /Users/"$ONAME"
|
|
|
|
# sudo mv "$UDIR" /Users/"$PNUM"
|
|
|
|
# Meldung
|
|
# sudo osascript -e 'tell application "SystemUIServer" to display dialog "Benutzer wurde lokal gelöscht!" buttons {"OK"} default button "OK"'
|
|
|
|
# Anlegen des Users aus dem AD (inkl. SercureToken)
|
|
sudo /System/Library/CoreServices/ManagedClient.app/Contents/Resources/createmobileaccount -n "$PNUM" -p "$PASS" -a "$ADMIN" -U "$APASS"
|
|
|
|
# Meldung
|
|
sudo osascript -e 'tell application "SystemUIServer" to display dialog "AD-Benutzer wurde erfolgreich angelegt!" buttons {"OK"} default button "OK"'
|
|
|
|
|
|
|
|
exit 0 |