32 lines
1.1 KiB
Bash
Executable File
32 lines
1.1 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
echo -n "What is the IP address of the vsim? "
|
|
read VSIM
|
|
|
|
echo -n "What is the IP address of the KDC? "
|
|
read KDC
|
|
|
|
KRB_REALM=`ssh $KDC "cat /etc/krb5.conf" | grep " = {" | awk '{print $1}'`
|
|
LC_REALM=`echo $KRB_REALM | tr '[:upper:]' '[:lower:]'`
|
|
VSERVER=`ssh admin@$VSIM "vserver show" | grep data | awk '{print $1}'`
|
|
LIFS=`ssh admin@$VSIM "kerberos interface show" | grep $VSERVER | awk '{print $2}'`
|
|
|
|
echo
|
|
echo -n "Joining vserver $VSERVER to Kerberos realm $KRB_REALM on lif(s): "
|
|
echo $LIFS | sed 's/ /, /g'
|
|
|
|
ssh_vsim () {
|
|
ssh admin@$VSIM "$*" | grep -v "Last login time" | sed '/^[[:space:]]*$/d'
|
|
}
|
|
|
|
ssh_vsim vserver nfs kerberos realm create -realm $KRB_REALM -kdc-vendor other -kdc-ip $KDC -kdc-port 88 -clock-skew 5 -adminserver-ip $KDC -adminserver-port 749 -passwordserver-ip $KDC -passwordserver-port 464 -vserver $VSERVER
|
|
|
|
for lif in $LIFS; do
|
|
ssh_vsim kerberos interface enable -lif $lif -vserver $VSERVER -keytab-uri http://$KDC/$lif.keytab -spn nfs/$lif.$LC_REALM@$KRB_REALM
|
|
done
|
|
|
|
echo
|
|
ssh_vsim nfs kerberos realm show
|
|
echo
|
|
ssh_vsim nfs kerberos interface show
|