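#!/bin/bash
# Create Samba4 computer accounts from a CSV file using ldbmodify.
#
# Usage: ./create_samba_computers.sh
#
# Inputs (both resolved relative to this script's directory):
#   Transfert/computers.csv  rows of NAME,OBJECTSID; a NAME,OBJECTSID header
#                            row is skipped
#   computer.ldif.orig       LDIF template containing the literal placeholders
#                            NAME and OBJECTSID
#
# Security notes:
#   * The script runs as root and writes directly into sam.ldb, so every CSV
#     value is checked against a strict allow-list before it is substituted
#     into the sed program and the generated LDIF.
#   * The per-record LDIF is written to a mktemp file (random name, owner-only
#     permissions) instead of a fixed path next to the script.
#   * ldbmodify diagnostics are shown on failure rather than discarded, so the
#     operator can tell why a record was rejected.

set -u

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
readonly SCRIPT_DIR
readonly CSV_FILE="$SCRIPT_DIR/Transfert/computers.csv"
readonly TEMPLATE_FILE="$SCRIPT_DIR/computer.ldif.orig"
readonly SAM_LDB="/var/lib/samba/private/sam.ldb"

# Allow-lists for CSV values. Neither admits sed metacharacters (| & \) nor
# characters with a special meaning in a DN or an LDIF line.
# NOTE(review): NAME_RE assumes host-style names with an optional trailing '$';
# widen it deliberately if the CSV legitimately carries other characters.
readonly NAME_RE='^[A-Za-z0-9._-]+[$]?$'
readonly SID_RE='^S-1-5-21(-[0-9]+)+$'

# Path of the generated LDIF; set once mktemp has succeeded.
TEMP_LDIF=""

#######################################
# Print an error message to stderr and exit with status 1.
# Arguments: $1 - message text (without the "Error: " prefix)
#######################################
die() {
  printf 'Error: %s\n' "$1" >&2
  exit 1
}

#######################################
# Remove the temporary LDIF file if it was created.
# Globals: TEMP_LDIF (read)
#######################################
cleanup() {
  if [[ -n "$TEMP_LDIF" && -f "$TEMP_LDIF" ]]; then
    rm -f -- "$TEMP_LDIF"
    echo "Cleaned up temporary file: $TEMP_LDIF"
  fi
}

#######################################
# Normalise one CSV field: drop carriage returns, trim surrounding
# whitespace, and remove a single pair of enclosing quotes.
# Arguments: $1 - raw field text
# Outputs:   the cleaned field on stdout (no trailing newline)
#######################################
trim_field() {
  local value=$1
  value=${value//$'\r'/}
  value=${value#"${value%%[![:space:]]*}"}
  value=${value%"${value##*[![:space:]]}"}
  if [[ $value == \"*\" || $value == \'*\' ]]; then
    value=${value:1:${#value}-2}
  fi
  printf '%s' "$value"
}

#######################################
# Test a string against an extended regular expression in the C locale, so
# that ranges such as A-Z only ever match ASCII.
# Arguments: $1 - string to test, $2 - regular expression
# Returns:   0 when the string matches, 1 otherwise
#######################################
matches_ascii() {
  local LC_ALL=C
  [[ $1 =~ $2 ]]
}

#######################################
# Validate the environment, then create one computer account per CSV row.
# Globals: CSV_FILE, TEMPLATE_FILE, SAM_LDB, NAME_RE, SID_RE (read),
#          TEMP_LDIF (written)
#######################################
main() {
  local NAME OBJECTSID ldb_output
  local total_computers=0
  local successful_computers=0
  local failed_computers=0

  # Root is required to open Samba's LDB database directly.
  if [[ $EUID -ne 0 ]]; then
    echo "Error: This script must be run as root to access Samba's LDB database." >&2
    echo "Please run with: sudo $0" >&2
    exit 1
  fi

  [[ -f "$CSV_FILE" ]] || die "CSV file not found at $CSV_FILE"
  [[ -f "$TEMPLATE_FILE" ]] || die "Template file not found at $TEMPLATE_FILE"
  command -v ldbmodify &> /dev/null ||
    die "ldbmodify command not found. Please ensure Samba4 is installed."
  # Fail early when the database is missing instead of failing once per row.
  [[ -f "$SAM_LDB" ]] || die "Samba database not found at $SAM_LDB"

  trap cleanup EXIT
  TEMP_LDIF=$(mktemp "${TMPDIR:-/tmp}/computer-ldif.XXXXXX") ||
    die "could not create a temporary LDIF file"

  echo "Starting Samba4 computer account creation process..."
  echo "Reading computers from: $CSV_FILE"
  echo "Using template: $TEMPLATE_FILE"
  echo ""

  # The CSV is read on fd 3 so no child process can consume rows from stdin.
  # The trailing test keeps a final row that lacks a newline.
  while IFS=',' read -r -u 3 NAME OBJECTSID ||
    [[ -n "${NAME:-}${OBJECTSID:-}" ]]; do
    # Trim before the header test so a CRLF-terminated header is recognised.
    NAME=$(trim_field "${NAME:-}")
    OBJECTSID=$(trim_field "${OBJECTSID:-}")

    if [[ "$NAME" == "NAME" && "$OBJECTSID" == "OBJECTSID" ]]; then
      continue
    fi

    total_computers=$((total_computers + 1))

    # %q keeps control characters in unvalidated values out of the terminal.
    printf 'Processing computer %d: %q\n' "$total_computers" "$NAME"

    if [[ -z "$NAME" || -z "$OBJECTSID" ]]; then
      printf ' Warning: Skipping computer due to missing data (NAME=%q, OBJECTSID=%q)\n' \
        "$NAME" "$OBJECTSID"
      failed_computers=$((failed_computers + 1))
      continue
    fi

    if ! matches_ascii "$NAME" "$NAME_RE"; then
      printf ' Warning: Skipping computer due to invalid computer name: %q\n' "$NAME"
      failed_computers=$((failed_computers + 1))
      continue
    fi

    # The whole value must be a well-formed SID: a prefix-only check would
    # let arbitrary trailing text through into the LDIF.
    if ! matches_ascii "$OBJECTSID" "$SID_RE"; then
      printf ' Warning: Skipping computer due to invalid ObjectSID format: %q\n' "$OBJECTSID"
      failed_computers=$((failed_computers + 1))
      continue
    fi

    # Render the template into the temporary file. Both values passed the
    # allow-lists above, so they cannot alter the sed expressions.
    if ! sed -e "s|NAME|${NAME}|g" -e "s|OBJECTSID|${OBJECTSID}|g" \
      "$TEMPLATE_FILE" > "$TEMP_LDIF"; then
      echo " ✗ Failed to create LDIF file from template"
      failed_computers=$((failed_computers + 1))
      continue
    fi

    echo " Created LDIF file for computer: $NAME"

    # NOTE(review): the local_oid control is passed through unchanged; its
    # semantics are not visible in this script. Confirm it against Samba's
    # control definitions before reusing this command elsewhere.
    if ldb_output=$(ldbmodify -H "$SAM_LDB" \
      --controls="local_oid:1.3.6.1.4.1.7165.4.3.12:0" \
      "$TEMP_LDIF" 2>&1 < /dev/null); then
      echo " ✓ Successfully created computer account: $NAME"
      successful_computers=$((successful_computers + 1))
    else
      echo " ✗ Failed to create computer account: $NAME"
      echo " Computer may already exist or check Samba permissions."
      if [[ -n "$ldb_output" ]]; then
        printf ' ldbmodify: %s\n' "$ldb_output" >&2
      fi
      failed_computers=$((failed_computers + 1))
    fi

    echo ""
  done 3< "$CSV_FILE"

  echo "========================================="
  echo "Computer account creation process completed!"
  echo "Total computers processed: $total_computers"
  echo "Successfully created: $successful_computers"
  echo "Failed: $failed_computers"
  echo "========================================="

  if ((failed_computers > 0)); then
    echo ""
    echo "Note: If computer accounts failed to be created, possible causes:"
    echo "1. Computer account already exists in the domain"
    echo "2. ObjectSID conflict or duplication"
    echo "3. Samba4 service not running: sudo systemctl status samba-ad-dc"
  fi

  if ((successful_computers > 0)); then
    echo ""
    echo "✅ Computer accounts created successfully!"
    echo "Next steps for each workstation:"
    echo "1. On each computer, open PowerShell as Administrator"
    # NOTE(review): the values for -Credential and -Server appear to be
    # missing from this message; restore the intended placeholders.
    echo "2. Run: Reset-ComputerMachinePassword -Credential -Server "
    echo "3. Reboot the computer to complete the domain rejoin process"
    echo ""
    echo "To verify created computer accounts:"
    echo "samba-tool computer list"
  fi
}

main "$@"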