diff --git a/BashScripts/install-fileserver-as-dc-member.sh b/BashScripts/install-fileserver-as-dc-member.sh
new file mode 100644
index 0000000..fed92fb
--- /dev/null
+++ b/BashScripts/install-fileserver-as-dc-member.sh
@@ -0,0 +1,170 @@
+# Install using: sudo su -c "bash <(wget -qO- /url/to/install-fileserver-as-dc-member.sh)"
+
+# Make sure script is ran as root
+if [[ $EUID -ne 0 ]]; then
+        exec sudo /bin/bash "$0" "$@"
+fi
+read -e -p "Enter DC administrator username: " -i $(logname) ADMINUSER
+read -e -p "Enter realm: " -i "myspace.local" DCREALM
+read -e -p "Enter workgroup: " -i "MYSPACE" WORKGROUP
+read -e -p "Enter fileserver hostname: " -i "ubuntulabb" FSHOSTNAME
+read -e -p "Enter dc hostname: " -i "dc1" DCHOSTNAME
+read -e -p "Enter dc/dns IP: " -i "192.168.0.9" DNSIP
+
+apt install -y samba
+apt install -y realmd libnss-sss libpam-sss sssd sssd-tools adcli samba-common-bin oddjob oddjob-mkhomedir packagekit
+hostnamectl set-hostname ${FSHOSTNAME,,}.${DCREALM,,}
+
+systemctl disable systemd-resolved.service
+systemctl stop systemd-resolved.service
+# systemctl status systemd-resolved.service
+
+# Update /etc/resolv.conf with DC as nameserver
+sed -i -E "s/nameserver .*?/nameserver $DNSIP/" /etc/resolv.conf
+
+realm discover ${DCREALM,,}
+realm join -U $ADMINUSER ${DCREALM,,}
+realm list
+
+# Update /usr/share/pam-configs/mkhomedir
+sed -i -E "s/Default:.*?/Default: yes/" /usr/share/pam-configs/mkhomedir
+sed -i -E "s/Priority:.*?/Priority: 900/" /usr/share/pam-configs/mkhomedir
+sed -i -E "s/Session-Interactive-Only:.*?//" /usr/share/pam-configs/mkhomedir
+# sed -i '/Session-Interactive-Only:.*?/d' /usr/share/pam-configs/mkhomedir
+
+pam-auth-update
+# pam-auth-update --enable mkhomedir
+
+systemctl restart sssd
+# systemctl status sssd
+
+id $ADMINUSER@${DCREALM,,}
+
+realm permit --all
+mkdir -p /var/fileshare/data
+chmod -R uga+rwx /var/fileshare/
+
+echo "%domain\ admins@${DCREALM,,} ALL=(ALL) ALL">/etc/sudoers.d/domain-admins
+
+apt -y install winbind libpam-winbind libnss-winbind krb5-config
+
+sudo tee /etc/krb5.conf > /dev/null <<EOL
+[libdefaults]
+    default_realm = ${DCREALM^^}
+    dns_lookup_realm = true
+    dns_lookup_kdc = true
+    ticket_lifetime = 24h
+    renew_lifetime = 7d
+    forwardable = true
+
+[realms]
+    ${DCREALM^^} = {
+        kdc = ${DCHOSTNAME,,}.${DCREALM,,}
+        admin_server = ${DCHOSTNAME,,}.${DCREALM,,}
+        default_domain = ${DCREALM,,}
+    }
+
+[domain_realm]
+    .${DCREALM,,} = ${DCREALM^^}
+    ${DCREALM,,} = ${DCREALM^^}
+EOL
+
+sudo tee /etc/nsswitch.conf > /dev/null <<EOL
+passwd: compat winbind
+group: compat winbind
+shadow: compat winbind
+
+hosts: files dns
+networks: files
+
+protocols: db files
+services: db files
+ethers: db files
+rpc: db files
+
+netgroup: nis
+EOL
+
+sudo tee /etc/pam.d/common-session > /dev/null <<EOL
+session [default=1]     pam_permit.so
+session requisite       pam_deny.so
+session required        pam_permit.so
+session optional        pam_umask.so
+session required        pam_unix.so
+session required        pam_mkhomedir.so skel=/etc/skel/ umask=0077
+session required        pam_winbind.so
+session optional        pam_sss.so
+session optional        pam_systemd.so
+EOL
+
+sudo tee /etc/pam.d/common-session-noninteractive > /dev/null <<EOL
+session [default=1]     pam_permit.so
+session requisite       pam_deny.so
+session required        pam_permit.so
+session optional        pam_umask.so
+session required        pam_unix.so
+session required        pam_mkhomedir.so skel=/etc/skel/ umask=0077
+session required        pam_winbind.so
+session optional        pam_winbind.so
+EOL
+
+sudo tee /etc/samba/smb.conf > /dev/null <<EOL
+[global]
+   workgroup = ${WORKGROUP^^}
+   realm = ${DCREALM,,}
+   security = ads
+   encrypt passwords = yes
+   idmap config * : backend = tdb
+   idmap config * : range = 3000-7999
+   idmap config ${DCREALM,,} : backend = rid
+   idmap config ${DCREALM,,} : range = 10000-999999
+   template homedir = /home/%U
+   template shell = /bin/bash
+   winbind use default domain = true
+   winbind offline logon = false
+
+[data]
+        comment = Samba File Server Share
+        path = /var/fileshare/data
+        browsable = yes
+        guest ok = yes
+        read only = no
+        create mask = 777
+        force create mode = 777
+        directory mask = 777
+        force directory mode = 777
+        valid users = "@${WORKGROUP^^}\domain users"
+        # force user = root
+        # force group = root
+        writeable = yes
+        # admin users = root
+        oplocks = yes
+        # valid users = @"${DCREALM,,}+Domain Users"
+[/data]
+EOL
+
+sudo tee /etc/security/pam_winbind.conf > /dev/null <<EOL
+[global]
+debug = no
+EOL
+
+echo "Rejoining domain..."
+# kinit $ADMINUSER@${DCREALM,,}
+net ads join -U $ADMINUSER -S ${DCHOSTNAME,,}.${DCREALM,,}
+
+# systemctl restart smbd
+smbcontrol smbd reload-config
+systemctl restart winbind
+
+# Clear Winbind cache
+service winbind stop
+service smbd stop
+net cache flush
+rm /var/lib/samba/*.tdb
+service smbd start
+service winbind start
+
+echo "Found admin user:"
+getent passwd ${WORKGROUP^^}\\$ADMINUSER
+echo "Found domain users:"
+wbinfo --domain-users