|
@@ -71,12 +71,14 @@ sudo realm deny --all
|
|
|
# Allow login to domain groups
|
|
# Allow login to domain groups
|
|
|
sudo realm permit -g "Domain Admins"
|
|
sudo realm permit -g "Domain Admins"
|
|
|
sudo realm permit -g "Access - Admin - All Servers"
|
|
sudo realm permit -g "Access - Admin - All Servers"
|
|
|
|
|
+sudo realm permit -g "Access - Admin - All Linux Servers"
|
|
|
sudo realm permit -g "Access - Admin - $HOST"
|
|
sudo realm permit -g "Access - Admin - $HOST"
|
|
|
sudo realm permit -g "AnsibleAdmins"
|
|
sudo realm permit -g "AnsibleAdmins"
|
|
|
|
|
|
|
|
# Set up sudoers file
|
|
# Set up sudoers file
|
|
|
echo "%Domain\ Admins ALL=(ALL:ALL) ALL" | sudo tee /etc/sudoers.d/LocalAdmins > /dev/null
|
|
echo "%Domain\ Admins ALL=(ALL:ALL) ALL" | sudo tee /etc/sudoers.d/LocalAdmins > /dev/null
|
|
|
echo "%Access\ -\ Admin\ -\ All\ Servers ALL=(ALL) ALL" | sudo tee -a /etc/sudoers.d/LocalAdmins > /dev/null
|
|
echo "%Access\ -\ Admin\ -\ All\ Servers ALL=(ALL) ALL" | sudo tee -a /etc/sudoers.d/LocalAdmins > /dev/null
|
|
|
|
|
+echo "%Access\ -\ Admin\ -\ All\ Linux\ Servers ALL=(ALL) ALL" | sudo tee -a /etc/sudoers.d/LocalAdmins > /dev/null
|
|
|
echo "%Access\ -\ Admin\ -\ $HOST ALL=(ALL) ALL" | sudo tee -a /etc/sudoers.d/LocalAdmins > /dev/null
|
|
echo "%Access\ -\ Admin\ -\ $HOST ALL=(ALL) ALL" | sudo tee -a /etc/sudoers.d/LocalAdmins > /dev/null
|
|
|
echo "%AnisbleAdmins ALL=(ALL) ALL" | sudo tee -a /etc/sudoers.d/LocalAdmins > /dev/null
|
|
echo "%AnisbleAdmins ALL=(ALL) ALL" | sudo tee -a /etc/sudoers.d/LocalAdmins > /dev/null
|
|
|
echo "Ansible ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/LocalAdmins > /dev/null
|
|
echo "Ansible ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers.d/LocalAdmins > /dev/null
|
