Category Archives: Linux (Ubuntu/CentOS)
Script to grab all the domain groups for a user on a Linux system with Active Directory connection
#!/bin/sh
clear
USIDTEMP=”/var/tmp/USIDstr.tmp”
GSIDTEMP=”/var/tmp/GSIDstr.tmp”
NAMETEMP=”/var/tmp/NAMEstr.tmp”
#Reseting String storage veribles
>$USIDTEMP
>$GSIDTEMP
>$NAMETEMP
echo “command line to usergroup checker
please supply the domain you wish to check”
read DOM
DOMAIN=$(echo $DOM | tr [a-z] [A-Z])
clear
echo “What username do you wish to list groups for?”
read USERNAME
clear
USERSID=$(WINBINDD_SOCKET_DIR=/var/samba/$DOMAIN/ wbinfo –name-to-sid=$USERNAME &> $USIDTEMP)
echo “check Remote Proceedure Call (RPC) connection to domain”
echo ” “
WINBINDD_SOCKET_DIR=/var/samba/$DOMAIN/ wbinfo -t
echo ” “
echo “———————————————————“
echo ” “
echo “Current Domain Controller Bound To”
echo ” “
WINBINDD_SOCKET_DIR=/var/samba/$DOMAIN/ wbinfo –dc-info=$DOMAIN
echo ” “
echo “———————————————————“
echo ” “
echo “Check All List Domain In $DOMAIN current Status: “
echo ” “
WINBINDD_SOCKET_DIR=/var/samba/$DOMAIN/ wbinfo –online-status
echo ” “
echo “———————————————————“
echo ” “
echo ” “
#Save the username sid to a tmp file
WINBINDD_SOCKET_DIR=/var/samba/$DOMAIN/ wbinfo –name-to-sid=$USERNAME &> $USIDTEMP
#Read in the USID
cat $USIDTEMP | while read LINE
do
USERSID=$(echo $LINE | gawk ‘{print $1}’)
echo ” “
echo “Groups found for $USERNAME are:”
echo ” “
GROUPSID=$(WINBINDD_SOCKET_DIR=/var/samba/$DOMAIN/ wbinfo –user-sids=$USERSID &> $GSIDTEMP )
cat $GSIDTEMP | while read GLINE
do
>$NAMETEMP
TEST=$(WINBINDD_SOCKET_DIR=/var/samba/$DOMAIN/ wbinfo –sid-to-name=$GLINE &> $NAMETEMP)
cat $NAMETEMP | gawk ‘BEGIN{FS=”\\”}{print $1″,”$2}’ | while read NLINE
do
T=$(echo $NLINE | rev | cut -c1)
if [ $T = 2 ]; then
echo $NLINE | gawk ‘BEGIN{FS=”,”}{print $1″\\”$2}’|sed ‘s/.$//’
fi
done
done
done
Common Linux Commands
#ping google.com
#ping -I ethF 192.168.1.1 (from a particular source interface)
#traceroute google.com
#/sbin/ifconfig (all active network interfaces and some interface statistics)(add or change IP addresses)
# ifconfig -a
# ip addr
#setup (to change the default interface or changing the interface IPs etc)
#reboot
#clear (to clear the screen)
#ip neigh flush all (clear arp cache)
#ifconfig
#dig http://www.google.com (just like nslookup in windows)
#curl http://bbc.co.uk
#route -n (or route (to print the routing table in linux)
#route add default gw 10.0.1.1 eth0 (to add a default route)
#route add -net 10.0.1.0 netmask 255.255.255.0 gw 10.0.1.1
#route del -net 10.0.1.0 netmask 255.255.255.0 gw 10.0.1.1
To add a route on the windows machine to force route the traffic through a particular gateway when two connections are connected on it
c:/>route ADD “network” MASK “subnet mask” “gateway ip”
c:/>route ADD 8.8.8.8 MASK 255.255.255.0 192.168.1.12
or
c:/>route ADD 10.10.10.0 MASK 255.255.255.0 192.168.1.12
To mount a USB under the linux shell (USB should be in FAT32 and it should the first partition as FAT32)
#tail -f /var/log/messages-2014-10-23 (to see which directory it is read as e.g. /dev/sdb1 , once plugged in)
#cat /proc/partitions (to see which /dev/ directory it is plugged into) or #fdisk -l
#mkdir /tmp/usb (create a mount point)
#mount /dev/sdb1 /tmp/usb
#cp /var/archive/backup123. /tmp/usb
#unmount /tmp/usb
System information commands
#vmstat (summary information for system load and usage, but does not show individual processes)
#ps aux (display all processes running on the Linux system)(to search for specific processes or list them all)
#ps aux | grep auth (all the processes that have auth in them)
#ps auxf | sort -nr -k 4 | head -10 (shows the top 10 memory consuming processes)
#cat /proc/cpuinfo (lot of information about the system and the hardware associated)
#cat /proc/meminfo (information on memory and memory usage)
#cat /proc/mounts (various file systems and where they are mounted and which options have been used)
#df -h (Show a summary of disk usage and some useful key combinations Keyboard Combinations SHIFT + PAGE UP scroll up the screen CTRL + C stop a running command eg ping)
iftop to monitor traffic bandwidth usage
iftop -i ethF
iftop -i ethF -f “dst host Linux.com”
iftop -i ethF -f “dst host 8.8.8.8”
Netstat commands on Linux
To see the number of concurrent DNS requests at a time through the Smoothwall:
netstat -anp | grep dnsmasq | wc -l
To see the number of sessions open through the external connection:
netstat -an | wc -l
To see the process ID ofthe windows process using netstat:
netstat -a -n -o
