SysAdmin

Troubleshooting 1sudo realm list 2authselect current 3sssctl domain-list 4sssctl config-check 5getent -s files passwd 6getent -s sss passwd user 7getent passwd 8dig -t SRV _ldap._tcp.example.com 9sssctl user-checks toto -s sshd -a auth SSSD process config to link to AD Prerequisites : Need port 369 and 3268 for RHEL8 : 1dnf -y install realmd adcli sssd oddjob oddjob-mkhomedir samba-common-tools krb5-workstation authselect-compat 2 3realm discover example.com 4realm join example.com -U svc-sssd --client-software=sssd --os-name=RedHat --os-version=8 5 6sudo authselect select sssd with-mkhomedir 7sudo systemctl enable --now oddjobd.service inside /etc/sssd/sssd.conf 1[sssd] 2services = nss, pam, ssh, sudo 3domains = example.com 4config_file_version = 2 5default_domain_suffix = example.com 6 7[domain/example.com] 8default_shell = /bin/bash 9override_shell = /bin/bash 10 11ad_domain = example.com 12krb5_realm = example.com 13realmd_tags = manages-system joined-with-adcli 14cache_credentials = True 15id_provider = ad 16krb5_store_password_if_offline = True 17ldap_id_mapping = True 18ldap_user_objectsid = objectSid 19ldap_group_objectsid = objectSid 20ldap_user_primary_group = primaryGroupID 21 22use_fully_qualified_names = True 23fallback_homedir = /home/%u 24 25access_provider = ad 26ldap_access_order=filter,expire 27ldap_account_expire_policy = ad 28ad_access_filter = (memberOf=CN=INTERNAL Team,OU=team-platform,OU=test-groups,DC=example,DC=com) 29 30 31[nss] 32homedir_substring = /home 33 34[pam] 35pam_pwd_expiration_warning = 7 36pam_account_expired_message = Account expired, please contact AD administrator. 37pam_account_locked_message = Account locked, please contact AD administrator. 38pam_verbosity = 3 39 40[ssh] 41 42[sudo] Reload config: 1sss_cache -E; systemctl restart sssd ; sss_cache -E 2systemctl status sssd define sudoers rights /etc/sudoers.d/admin : 1%EXAMPLE.COM\\internal\ team ALL=(ALL) ALL reload sudoers rights: 1realm permit -g 'internal team@example.com'

Tmux git clone https://github.com/tmux-plugins/tmux-logging.git Commandes line tmux new -s ma_session : Create new session. tmux attach : Attach to the last used session. tmux attach -t X : Attach to ymux sessions with X number. tmux ls : List active tmux sessions. tmux split-window -dh "!!" : Run command in separate panel. tmux source-file ~/.tmux.conf : Reload config Base Commandes with key-binding C-b w : List sessions/panels. C-b x : Close panel or session.

Unicode with With echo echo $’\xae’ = “®” Digraphs in VIM Vim has a special shorthand for entering characters with diacritical marks. If you need some familiar variant of a Latin alphabet character you’ll be able to input it with the digraph system. Digraph input is started in insert or command mode (but not normal mode) by pressing Ctrl-k, then two printable characters in succession. The first is often the “base” form of the letter, and the second denotes the appropriate embellishment.

Tutorials https://vimvalley.com/ https://vim-adventures.com/ https://www.vimgolf.com/ Plugins 1# HCL 2mkdir -p ~/.vim/pack/jvirtanen/start 3cd ~/.vim/pack/jvirtanen/start 4git clone https://github.com/jvirtanen/vim-hcl.git 5 6# Justfile 7mkdir -p ~/.vim/pack/vendor/start 8cd ~/.vim/pack/vendor/start 9git clone https://github.com/NoahTheDuke/vim-just.git Fun Facts trigger a vim tutorial vimtutor the most powerfull command: . : Repeat the last modification repete toutes les dernieres modif realisees. * : Where the cursor is located, keep in memory the word and goes to next one. .* : together repeat an action on next word.