#!/bin/bash

# File that LOG() appends to.
LOG_FILE='/var/log/inspect.log'

# Values written after the colon of each field in the result line.
RET_BLANK=''
RET_SUCCESS='yes'
RET_FAILURE='no'

# Field names of the result line. The name TIP_OPERARION_RESULT (sic) is
# referenced throughout the script, so its spelling is kept.
TIP_OPERARION_RESULT='RESULT'
TIP_JOINED_DOMAIN='JOINED DOMAIN'
TIP_DOMAIN_CONTROL_STATUS='DOMAIN AVAILABLE'

# Result line printed on stdout before the script exits.
Result=''

# AD domain join state; inspection item 217 reuses this script to run it.
# Called with "checkADDomain" as the first argument, the script prints the
# join state and the hot patch directory listing, then exits before the
# inspection further down runs.
if [ "$1" = "checkADDomain" ]; then
    # Joined when any line of the show-join output contains <join_state>1<.
    if /usr/local/bin/nas_proto_auth -c show-join | grep -F '<join_state>1<' > /dev/null; then
        echo "join_state:yes"
    else
        echo "join_state:no"
    fi

    # A non-zero exit from ls is reported as "no hot patch".
    if patch_listing=$(ls /var/huawei/patch/cur/sph/); then
        echo "HotPatchCheck:${patch_listing}"
    else
        echo "HotPatchCheck:Have no HotPatch"
    fi
    exit 0
fi


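#######################################
# Append one timestamped line to the inspection log.
# Globals:   LOG_FILE (read)
# Arguments: message words, joined with single spaces
# Outputs:   appends "[<date>][<pid>]<message>" to $LOG_FILE
#######################################
function LOG
{
   local stamp
   stamp=$(date)
   # The line is built as one quoted string. Unquoted, the "[...]" groups are
   # glob patterns and the message is word-split, so a file in the current
   # directory or a DNS-derived name in the message could alter what is logged.
   printf '%s\n' "[${stamp}][$$]$*" >> "$LOG_FILE"
}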

# Query the join record and keep only its <status> and <join_state> lines.
# The tool's own <status> has to be 0 before the join state is read.
ad_joined_xml=$(/usr/local/bin/nas_proto_auth -c show-join | grep -E '<status>|<join_state>')

# $ad_joined_xml is unquoted on purpose: echo prints the kept lines as a single
# space-separated record, and awk then takes the text between the tags.
status=$(echo $ad_joined_xml | awk -F '<status>' '{ split($2, rest, "</status>"); print rest[1] }')

if [[ "$status" != "0" ]]; then
    # $FUNCNAME is empty outside a function, so the log tag is written as "[]".
    LOG "[$FUNCNAME]nas_proto_auth show-join failed $status"
    Result="${TIP_OPERARION_RESULT}:${RET_FAILURE}||${TIP_JOINED_DOMAIN}:${RET_BLANK}||${TIP_DOMAIN_CONTROL_STATUS}:${RET_BLANK}"
    echo "$Result"
    exit 0
fi

# Read <join_state> from the record fetched above; anything other than 1 is
# reported as "not joined" and ends the inspection.
# $ad_joined_xml is unquoted on purpose so echo flattens it to one record.
ad_joined=$(echo $ad_joined_xml | awk -F '<join_state>' '{ split($2, rest, "</join_state>"); print rest[1] }')

if [[ "$ad_joined" != "1" ]]; then
    LOG "[$FUNCNAME]nas_proto_auth -c show-join false:$ad_joined"
    Result="${TIP_OPERARION_RESULT}:${RET_SUCCESS}||${TIP_JOINED_DOMAIN}:${RET_FAILURE}||${TIP_DOMAIN_CONTROL_STATUS}:${RET_BLANK}"
    echo "$Result"
    exit 0
fi

# Fetch the configured AD server record, keeping its <status> and <value>
# lines. A non-zero <status> ends the inspection with the joined state already
# known but the domain controller state left blank.
domain_fqdn_xml=$(/usr/local/bin/nas_proto_cfg -c get_ad_server | grep -E '<status>|<value>')

# $domain_fqdn_xml is unquoted on purpose so echo flattens it to one record.
status=$(echo $domain_fqdn_xml | awk -F '<status>' '{ split($2, rest, "</status>"); print rest[1] }')

if [[ "$status" != "0" ]]; then
    LOG "[$FUNCNAME]nas_proto_cfg get_ad_server failed $status."
    Result="${TIP_OPERARION_RESULT}:${RET_FAILURE}||${TIP_JOINED_DOMAIN}:${RET_SUCCESS}||${TIP_DOMAIN_CONTROL_STATUS}:${RET_BLANK}"
    echo "$Result"
    exit 0
fi

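# Find the joined domain's controllers through the Kerberos SRV record and ping
# their addresses until one replies. Leaves alive_dc at 1 after the first
# reply and at 0 when nothing answered.
#
# Trust boundary: domain_fqdn comes from the local nas_proto_cfg tool, but the
# SRV targets and the addresses resolved from them are DNS answers. They are
# split into arrays with pathname expansion off, checked against a host/address
# character set, and always passed quoted, so an answer cannot expand as a glob
# or be parsed by nslookup/ping as an option.
domain_fqdn=$(echo $domain_fqdn_xml|awk -F '<value>' '{print $2}'|awk -F '</value>' '{print $1}')
kerbers_svc_rr="_kerberos._tcp.dc._msdcs"
alive_dc=0

# Matches any value holding a character outside letters, digits, ".", "_", ":"
# and "-". Used unquoted inside [[ ]] so it acts as a pattern.
unexpected_chars='*[!A-Za-z0-9._:-]*'

set -f  # DNS output is word-split into arrays; it must not be globbed
dc_hosts=( $(nslookup -q=srv "$kerbers_svc_rr.$domain_fqdn" | grep -- "$kerbers_svc_rr" | grep 'service =' | awk '{print $NF}') )
set +f
dc_num=${#dc_hosts[@]}

for ((i = 0; i < dc_num; i++)); do
    # Drop one trailing dot, if the target was printed with one.
    dc_fqdn=${dc_hosts[i]%.}
    # An empty name would start nslookup without a host argument; a leading
    # "-" would be taken as an option. The raw value is deliberately not logged.
    if [[ -z "$dc_fqdn" || "$dc_fqdn" == -* || "$dc_fqdn" == $unexpected_chars ]]; then
        LOG "[$FUNCNAME]WARN:skipped SRV target $((i + 1))/$dc_num, not a plain host name"
        continue
    fi

    # Both lookups run before the first ping, as they always did.
    set -f
    dc_ip4_list=( $(nslookup "$dc_fqdn" | grep 'Address: ' | awk '{print $NF}') )
    dc_ip6_list=( $(nslookup -q=AAAA "$dc_fqdn" | grep 'AAAA address ' | awk '{print $NF}') )
    set +f

    # First pass pings the A-record answers with ping, the second pass pings
    # the AAAA answers with ping6.
    for ping_cmd in ping ping6; do
        if [[ "$ping_cmd" == "ping" ]]; then
            dc_ip_list=( "${dc_ip4_list[@]}" )
        else
            dc_ip_list=( "${dc_ip6_list[@]}" )
        fi

        j=0
        for dc_ip_raw in "${dc_ip_list[@]}"; do
            j=$((j + 1))
            dc_ip=${dc_ip_raw%.}
            if [[ -z "$dc_ip" || "$dc_ip" == -* || "$dc_ip" == $unexpected_chars ]]; then
                LOG "[$FUNCNAME]WARN:skipped address $j of dc $dc_fqdn, unexpected characters"
                continue
            fi

            # NOTE(review): $j counts addresses of this controller while $dc_num
            # counts controllers, so "$j/$dc_num" is not a progress fraction.
            # The message text is kept unchanged for anything that reads the log.
            LOG "[$FUNCNAME]check $j/$dc_num dc $dc_ip starting"
            # 3 echo requests with a 7 second deadline; reply lines carry "ttl=".
            ping_rsp=$("$ping_cmd" -c 3 -w 7 "$dc_ip" 2> /dev/null | grep -c 'ttl=')
            if [ "$ping_rsp" -gt 0 ]; then
                alive_dc=1
                LOG "[$FUNCNAME]dc $dc_ip is reachable"
                # One reachable controller is enough: leave the address,
                # family and controller loops together.
                break 3
            fi
            LOG "[$FUNCNAME]WARN:dc $dc_ip is unreachable"
        done
    done
done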

# Final report: the queries worked and the host is joined. The last field is
# "no" when alive_dc is still 0, i.e. no domain controller answered a ping.
dc_state="$RET_SUCCESS"
if [ "$alive_dc" -eq 0 ]; then
    dc_state="$RET_FAILURE"
fi
Result="${TIP_OPERARION_RESULT}:${RET_SUCCESS}||${TIP_JOINED_DOMAIN}:${RET_SUCCESS}||${TIP_DOMAIN_CONTROL_STATUS}:${dc_state}"

echo "$Result"
exit 0
