#!/bin/bash

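# Join this host to an Active Directory domain using credentials stored in
# AWS Secrets Manager, then enable SSH password authentication.
#
# Usage: <script> SECRET_ID
#   SECRET_ID - Secrets Manager secret whose SecretString is a JSON object
#               with the keys "userName", "password" and "domain".

# Print a message on stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

if [ -z "${1:-}" ]; then
  die "Error: Please specify the secret-id."
fi
readonly secret_id=$1

# The script parses the secret with jq but does not install it; fail early
# with a clear message instead of joining with empty credentials.
command -v aws >/dev/null || die "Error: the aws CLI is required."
command -v jq >/dev/null || die "Error: jq is required."

sudo yum update -y
sudo yum install -y sssd realmd oddjob oddjob-mkhomedir adcli samba-common \
  samba-common-tools krb5-workstation openldap-clients policycoreutils-python \
  || die "Error: package installation failed."

# Diagnostic output only: shows which DNS resolvers the host is using.
cat /etc/resolv.conf

# Fetch the secret once rather than once per field, so all three values come
# from the same version and the secret crosses the network a single time.
secret_json=$(aws secretsmanager get-secret-value \
  --secret-id "$secret_id" \
  --version-stage AWSCURRENT \
  --query SecretString \
  --output text) || die "Error: could not read secret '${secret_id}'."

# jq -e exits non-zero when a key is missing or null, so an incomplete secret
# stops here instead of passing the literal string "null" to realm.
# printf is a shell builtin, so the secret is piped without appearing in any
# process argument list.
userName=$(printf '%s' "$secret_json" | jq -er '.userName') \
  || die "Error: secret has no userName."
paswrd=$(printf '%s' "$secret_json" | jq -er '.password') \
  || die "Error: secret has no password."
domain=$(printf '%s' "$secret_json" | jq -er '.domain') \
  || die "Error: secret has no domain."

# Feed the password to realm on stdin. The builtin printf is used instead of
# "sudo echo": an external echo would carry the password in its argv (visible
# in the process list), and an unquoted expansion would mangle passwords that
# contain whitespace or glob characters.
printf '%s\n' "$paswrd" | sudo realm join --user="$userName" "$domain" \
  || die "Error: realm join failed for domain '${domain}'."
unset paswrd secret_json

sudo realm list

# Comment out every existing PasswordAuthentication line, then append a single
# active "yes". sshd uses the first value it reads for a keyword, so earlier
# occurrences must be neutralised for the appended line to take effect.
# NOTE(review): if sshd_config ends with a Match block, the appended line is
# scoped to that block only — confirm against the target image.
# NOTE(review): this exposes the host to password logins; confirm that SSH
# reachability is restricted and that the directory enforces account lockout.
sudo sed -i '/PasswordAuthentication no/c #PasswordAuthentication no' /etc/ssh/sshd_config
sudo sed -i '/PasswordAuthentication yes/c #PasswordAuthentication yes' /etc/ssh/sshd_config
sudo sed -i '$ a PasswordAuthentication yes' /etc/ssh/sshd_config

# Validate the edited file before restarting so a syntax error does not take
# down remote access to the host.
sudo sshd -t || die "Error: /etc/ssh/sshd_config failed validation; sshd not restarted."
sudo service sshd restart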
