Class: Chef::Util::Windows::NetUser

Inherits:
Chef::Util::Windows show all
Defined in:
lib/chef/util/windows/net_user.rb

Overview

wrapper around a subset of the NetUser* APIs. nothing Chef specific, but not complete enough to be its own gem, so util for now.

Constant Summary collapse

LOGON32_PROVIDER_DEFAULT =
Security::LOGON32_PROVIDER_DEFAULT
LOGON32_LOGON_NETWORK =
Security::LOGON32_LOGON_NETWORK

Instance Method Summary collapse

Constructor Details

#initialize(username) ⇒ NetUser

Returns a new instance of NetUser


88
89
90
# File 'lib/chef/util/windows/net_user.rb', line 88

def initialize(username)
  @username = username
end

Instance Method Details

#add(args) ⇒ Object


112
113
114
115
116
# File 'lib/chef/util/windows/net_user.rb', line 112

def add(args)
  transformed_args = transform_usri3(args)
  NetUser.net_user_add_l3(nil, transformed_args)
  NetUser.net_local_group_add_member(nil, Chef::ReservedNames::Win32::Security::SID.BuiltinUsers., args[:name])
end

#check_enabledObject


161
162
163
# File 'lib/chef/util/windows/net_user.rb', line 161

def check_enabled
  (get_info()[:flags] & NetUser::UF_ACCOUNTDISABLE) != 0
end

#deleteObject


135
136
137
138
139
# File 'lib/chef/util/windows/net_user.rb', line 135

def delete
  NetUser.net_user_del(nil, @username)
rescue Chef::Exceptions::Win32APIError => e
  raise ArgumentError, e
end

#disable_accountObject


141
142
143
144
145
146
147
148
149
# File 'lib/chef/util/windows/net_user.rb', line 141

def 
  user_modify do |user|
    user[:flags] |= NetUser::UF_ACCOUNTDISABLE
    #This does not set the password to nil. It (for some reason) means to ignore updating the field.
    #See similar behavior for the logon_hours field documented at
    #http://msdn.microsoft.com/en-us/library/windows/desktop/aa371338%28v=vs.85%29.aspx
    user[:password] = nil
  end
end

#enable_accountObject


151
152
153
154
155
156
157
158
159
# File 'lib/chef/util/windows/net_user.rb', line 151

def 
  user_modify do |user|
    user[:flags] &= ~NetUser::UF_ACCOUNTDISABLE
    #This does not set the password to nil. It (for some reason) means to ignore updating the field.
    #See similar behavior for the logon_hours field documented at
    #http://msdn.microsoft.com/en-us/library/windows/desktop/aa371338%28v=vs.85%29.aspx
    user[:password] = nil
  end
end

#get_infoObject


103
104
105
106
107
108
109
110
# File 'lib/chef/util/windows/net_user.rb', line 103

def get_info
  begin
    ui3 = NetUser.net_user_get_info_l3(nil, @username)
  rescue Chef::Exceptions::Win32APIError => e
    raise ArgumentError, e
  end
  usri3_to_hash(ui3)
end

#update(args) ⇒ Object


127
128
129
130
131
132
133
# File 'lib/chef/util/windows/net_user.rb', line 127

def update(args)
  user_modify do |user|
    args.each do |key, val|
      user[key] = val
    end
  end
end

#user_modify {|user| ... } ⇒ Object

FIXME: yard with @yield

Yields:

  • (user)

119
120
121
122
123
124
125
# File 'lib/chef/util/windows/net_user.rb', line 119

def user_modify
  user = get_info
  user[:last_logon] = user[:units_per_week] = 0 #ignored as per USER_INFO_3 doc
  user[:logon_hours] = nil #PBYTE field; \0 == no changes
  yield(user)
  set_info(user)
end

#validate_credentials(passwd) ⇒ Object

XXX for an extra painful alternative, see: http://support.microsoft.com/kb/180548


95
96
97
98
99
100
101
# File 'lib/chef/util/windows/net_user.rb', line 95

def validate_credentials(passwd)
  token = Security.logon_user(@username, nil, passwd,
             LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT)
  return true
rescue Chef::Exceptions::Win32APIError
  return false
end