class Chef::Util::Windows::NetUser
wrapper around a subset of the NetUser* APIs. nothing Chef
specific, but not complete enough to be its own gem, so util for now.
Constants
- LOGON32_LOGON_NETWORK
- LOGON32_PROVIDER_DEFAULT
- NetUser
- Security
- USER_INFO_3_TRANSFORM
- Win32APIError
Public Class Methods
Source
# File lib/chef/util/windows/net_user.rb, line 89 def initialize(username) @username = username end
Public Instance Methods
Source
# File lib/chef/util/windows/net_user.rb, line 121 def add(args) transformed_args = transform_usri3(args) NetUser.net_user_add_l3(nil, transformed_args) NetUser.net_local_group_add_member(nil, Chef::ReservedNames::Win32::Security::SID.BuiltinUsers.account_simple_name, args[:name]) end
Source
# File lib/chef/util/windows/net_user.rb, line 170 def check_enabled (get_info[:flags] & NetUser::UF_ACCOUNTDISABLE) != 0 end
Source
# File lib/chef/util/windows/net_user.rb, line 144 def delete NetUser.net_user_del(nil, @username) rescue Chef::Exceptions::Win32APIError => e raise ArgumentError, e end
Source
# File lib/chef/util/windows/net_user.rb, line 150 def disable_account user_modify do |user| user[:flags] |= NetUser::UF_ACCOUNTDISABLE # This does not set the password to nil. It (for some reason) means to ignore updating the field. # See similar behavior for the logon_hours field documented at # http://msdn.microsoft.com/en-us/library/windows/desktop/aa371338%28v=vs.85%29.aspx user[:password] = nil end end
Source
# File lib/chef/util/windows/net_user.rb, line 160 def enable_account user_modify do |user| user[:flags] &= ~NetUser::UF_ACCOUNTDISABLE # This does not set the password to nil. It (for some reason) means to ignore updating the field. # See similar behavior for the logon_hours field documented at # http://msdn.microsoft.com/en-us/library/windows/desktop/aa371338%28v=vs.85%29.aspx user[:password] = nil end end
Source
# File lib/chef/util/windows/net_user.rb, line 112 def get_info begin ui3 = NetUser.net_user_get_info_l3(nil, @username) rescue Chef::Exceptions::Win32APIError => e raise ArgumentError, e end usri3_to_hash(ui3) end
Source
# File lib/chef/util/windows/net_user.rb, line 136 def update(args) user_modify do |user| args.each do |key, val| user[key] = val end end end
Source
# File lib/chef/util/windows/net_user.rb, line 128 def user_modify user = get_info user[:last_logon] = user[:units_per_week] = 0 # ignored as per USER_INFO_3 doc user[:logon_hours] = nil # PBYTE field; \0 == no changes yield(user) set_info(user) end
FIXME: yard with @yield
Source
# File lib/chef/util/windows/net_user.rb, line 96 def validate_credentials(passwd) token = Security.logon_user(@username, nil, passwd, LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT) true rescue Chef::Exceptions::Win32APIError => e Chef::Log.trace(e) # we're only interested in the incorrect password failures if /System Error Code: 1326/.match?(e.to_s) return false end # all other exceptions will assume we cannot logon for a different reason Chef::Log.trace("Unable to login with the specified credentials. Assuming the credentials are valid.") true end
XXX for an extra painful alternative, see: support.microsoft.com/kb/180548
Private Instance Methods
Source
# File lib/chef/util/windows/net_user.rb, line 81 def set_info(args) rc = NetUser.net_user_set_info_l3(nil, @username, transform_usri3(args)) rescue Chef::Exceptions::Win32APIError => e raise ArgumentError, e end
Source
# File lib/chef/util/windows/net_user.rb, line 66 def transform_usri3(args) args.inject({}) do |memo, (k, v)| memo[USER_INFO_3_TRANSFORM[k]] = v memo end end
Source
# File lib/chef/util/windows/net_user.rb, line 73 def usri3_to_hash(usri3) t = USER_INFO_3_TRANSFORM.invert usri3.inject({}) do |memo, (k, v)| memo[t[k]] = v memo end end