Class: Chef::Util::Windows::NetUser
- Inherits:
-
Chef::Util::Windows
- Object
- Chef::Util::Windows
- Chef::Util::Windows::NetUser
- Defined in:
- lib/chef/util/windows/net_user.rb
Overview
wrapper around a subset of the NetUser* APIs. nothing Chef specific, but not complete enough to be its own gem, so util for now.
Constant Summary collapse
- LOGON32_PROVIDER_DEFAULT =
Security::LOGON32_PROVIDER_DEFAULT
- LOGON32_LOGON_NETWORK =
Security::LOGON32_LOGON_NETWORK
Instance Method Summary collapse
- #add(args) ⇒ Object
- #check_enabled ⇒ Object
- #delete ⇒ Object
- #disable_account ⇒ Object
- #enable_account ⇒ Object
- #get_info ⇒ Object
-
#initialize(username) ⇒ NetUser
constructor
A new instance of NetUser.
- #update(args) ⇒ Object
-
#user_modify {|user| ... } ⇒ Object
FIXME: yard with @yield.
-
#validate_credentials(passwd) ⇒ Object
XXX for an extra painful alternative, see: support.microsoft.com/kb/180548.
Constructor Details
#initialize(username) ⇒ NetUser
Returns a new instance of NetUser.
89 90 91 |
# File 'lib/chef/util/windows/net_user.rb', line 89 def initialize(username) @username = username end |
Instance Method Details
#add(args) ⇒ Object
121 122 123 124 125 |
# File 'lib/chef/util/windows/net_user.rb', line 121 def add(args) transformed_args = transform_usri3(args) NetUser.net_user_add_l3(nil, transformed_args) NetUser.net_local_group_add_member(nil, Chef::ReservedNames::Win32::Security::SID.BuiltinUsers.account_simple_name, args[:name]) end |
#check_enabled ⇒ Object
170 171 172 |
# File 'lib/chef/util/windows/net_user.rb', line 170 def check_enabled (get_info[:flags] & NetUser::UF_ACCOUNTDISABLE) != 0 end |
#delete ⇒ Object
144 145 146 147 148 |
# File 'lib/chef/util/windows/net_user.rb', line 144 def delete NetUser.net_user_del(nil, @username) rescue Chef::Exceptions::Win32APIError => e raise ArgumentError, e end |
#disable_account ⇒ Object
150 151 152 153 154 155 156 157 158 |
# File 'lib/chef/util/windows/net_user.rb', line 150 def disable_account user_modify do |user| user[:flags] |= NetUser::UF_ACCOUNTDISABLE # This does not set the password to nil. It (for some reason) means to ignore updating the field. # See similar behavior for the logon_hours field documented at # http://msdn.microsoft.com/en-us/library/windows/desktop/aa371338%28v=vs.85%29.aspx user[:password] = nil end end |
#enable_account ⇒ Object
160 161 162 163 164 165 166 167 168 |
# File 'lib/chef/util/windows/net_user.rb', line 160 def enable_account user_modify do |user| user[:flags] &= ~NetUser::UF_ACCOUNTDISABLE # This does not set the password to nil. It (for some reason) means to ignore updating the field. # See similar behavior for the logon_hours field documented at # http://msdn.microsoft.com/en-us/library/windows/desktop/aa371338%28v=vs.85%29.aspx user[:password] = nil end end |
#get_info ⇒ Object
112 113 114 115 116 117 118 119 |
# File 'lib/chef/util/windows/net_user.rb', line 112 def get_info begin ui3 = NetUser.net_user_get_info_l3(nil, @username) rescue Chef::Exceptions::Win32APIError => e raise ArgumentError, e end usri3_to_hash(ui3) end |
#update(args) ⇒ Object
136 137 138 139 140 141 142 |
# File 'lib/chef/util/windows/net_user.rb', line 136 def update(args) user_modify do |user| args.each do |key, val| user[key] = val end end end |
#user_modify {|user| ... } ⇒ Object
FIXME: yard with @yield
128 129 130 131 132 133 134 |
# File 'lib/chef/util/windows/net_user.rb', line 128 def user_modify user = get_info user[:last_logon] = user[:units_per_week] = 0 # ignored as per USER_INFO_3 doc user[:logon_hours] = nil # PBYTE field; \0 == no changes yield(user) set_info(user) end |
#validate_credentials(passwd) ⇒ Object
XXX for an extra painful alternative, see: support.microsoft.com/kb/180548
96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 |
# File 'lib/chef/util/windows/net_user.rb', line 96 def validate_credentials(passwd) token = Security.logon_user(@username, nil, passwd, LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT) true rescue Chef::Exceptions::Win32APIError => e Chef::Log.trace(e) # we're only interested in the incorrect password failures if e.to_s =~ /System Error Code: 1326/ return false end # all other exceptions will assume we cannot logon for a different reason Chef::Log.trace("Unable to login with the specified credentials. Assuming the credentials are valid.") true end |