Initialisation depot

2026-02-10 12:12:11 +01:00
commit c3176e8d79
818 changed files with 52573 additions and 0 deletions
--- a/Migration/create_samba_computers.sh
+++ b/Migration/create_samba_computers.sh
@@ -0,0 +1,139 @@
+#!/bin/bash
+
+# Script to create Samba4 computer accounts from CSV file using ldbmodify
+# Usage: ./create_samba_computers.sh
+
+# Set script directory for relative paths
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+CSV_FILE="$SCRIPT_DIR/Transfert/computers.csv"
+TEMPLATE_FILE="$SCRIPT_DIR/computer.ldif.orig"
+TEMP_LDIF="$SCRIPT_DIR/computer.ldif"
+
+# Check if running as root
+if [[ $EUID -ne 0 ]]; then
+    echo "Error: This script must be run as root to access Samba's LDB database."
+    echo "Please run with: sudo $0"
+    exit 1
+fi
+
+# Check if required files exist
+if [[ ! -f "$CSV_FILE" ]]; then
+    echo "Error: CSV file not found at $CSV_FILE"
+    exit 1
+fi
+
+if [[ ! -f "$TEMPLATE_FILE" ]]; then
+    echo "Error: Template file not found at $TEMPLATE_FILE"
+    exit 1
+fi
+
+# Check if ldbmodify is available
+if ! command -v ldbmodify &> /dev/null; then
+    echo "Error: ldbmodify command not found. Please ensure Samba4 is installed."
+    exit 1
+fi
+
+# Function to clean up temp file
+cleanup() {
+    if [[ -f "$TEMP_LDIF" ]]; then
+        rm -f "$TEMP_LDIF"
+        echo "Cleaned up temporary file: $TEMP_LDIF"
+    fi
+}
+
+# Set trap to cleanup on exit
+trap cleanup EXIT
+
+echo "Starting Samba4 computer account creation process..."
+echo "Reading computers from: $CSV_FILE"
+echo "Using template: $TEMPLATE_FILE"
+echo ""
+
+# Counter for statistics
+total_computers=0
+successful_computers=0
+failed_computers=0
+
+# Read CSV file line by line (skip header)
+while IFS=',' read -r NAME OBJECTSID; do
+    # Skip header line
+    if [[ "$NAME" == "NAME" && "$OBJECTSID" == "OBJECTSID" ]]; then
+        continue
+    fi
+    
+    total_computers=$((total_computers + 1))
+    
+    # Trim whitespace and newlines from variables
+    NAME=$(echo "$NAME" | tr -d '\r\n' | xargs)
+    OBJECTSID=$(echo "$OBJECTSID" | tr -d '\r\n' | xargs)
+    
+    echo "Processing computer $total_computers: $NAME"
+    
+    # Check if any required field is empty
+    if [[ -z "$NAME" || -z "$OBJECTSID" ]]; then
+        echo "  Warning: Skipping computer due to missing data (NAME='$NAME', OBJECTSID='$OBJECTSID')"
+        failed_computers=$((failed_computers + 1))
+        continue
+    fi
+    
+    # Validate ObjectSID format
+    if [[ ! "$OBJECTSID" =~ ^S-1-5-21- ]]; then
+        echo "  Warning: Skipping computer due to invalid ObjectSID format: $OBJECTSID"
+        failed_computers=$((failed_computers + 1))
+        continue
+    fi
+    
+    # Create computer.ldif from template by replacing placeholders
+    if ! cp "$TEMPLATE_FILE" "$TEMP_LDIF" 2>/dev/null; then
+        echo "  ✗ Failed to copy template file"
+        failed_computers=$((failed_computers + 1))
+        continue
+    fi
+    
+    # Use sed to replace placeholders (handle special characters properly)
+    sed -i "s|NAME|$NAME|g" "$TEMP_LDIF"
+    sed -i "s|OBJECTSID|$OBJECTSID|g" "$TEMP_LDIF"
+    
+    echo "  Created LDIF file for computer: $NAME"
+    
+    # Execute ldbmodify command
+    if ldbmodify -H /var/lib/samba/private/sam.ldb --controls="local_oid:1.3.6.1.4.1.7165.4.3.12:0" "$TEMP_LDIF" 2>/dev/null; then
+        echo "  ✓ Successfully created computer account: $NAME"
+        successful_computers=$((successful_computers + 1))
+    else
+        echo "  ✗ Failed to create computer account: $NAME"
+        echo "    Computer may already exist or check Samba permissions."
+        failed_computers=$((failed_computers + 1))
+    fi
+    
+    echo ""
+done < "$CSV_FILE"
+
+# Display final statistics
+echo "========================================="
+echo "Computer account creation process completed!"
+echo "Total computers processed: $total_computers"
+echo "Successfully created: $successful_computers"
+echo "Failed: $failed_computers"
+echo "========================================="
+
+# Note about permissions and next steps
+if [[ $failed_computers -gt 0 ]]; then
+    echo ""
+    echo "Note: If computer accounts failed to be created, possible causes:"
+    echo "1. Computer account already exists in the domain"
+    echo "2. ObjectSID conflict or duplication"
+    echo "3. Samba4 service not running: sudo systemctl status samba-ad-dc"
+fi
+
+if [[ $successful_computers -gt 0 ]]; then
+    echo ""
+    echo "✅ Computer accounts created successfully!"
+    echo "Next steps for each workstation:"
+    echo "1. On each computer, open PowerShell as Administrator"
+    echo "2. Run: Reset-ComputerMachinePassword -Credential <AdminAccount> -Server <DC_IP>"
+    echo "3. Reboot the computer to complete the domain rejoin process"
+    echo ""
+    echo "To verify created computer accounts:"
+    echo "samba-tool computer list"
+fi