Class: Inspec::Resources::WindowsGroup

Inherits:
GroupInfo
  • Object
show all
Defined in:
lib/resources/groups.rb

Instance Attribute Summary

Attributes inherited from GroupInfo

#inspec

Instance Method Summary collapse

Methods inherited from GroupInfo

#initialize

Constructor Details

This class inherits a constructor from Inspec::Resources::GroupInfo

Instance Method Details

#groupsObject

returns all local groups



160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
 
# File 'lib/resources/groups.rb', line 160

def groups
  script = <<-EOH
Function  ConvertTo-SID { Param([byte[]]$BinarySID)
  (New-Object  System.Security.Principal.SecurityIdentifier($BinarySID,0)).Value
}

$Computername =  $Env:Computername
$adsi  = [ADSI]"WinNT://$Computername"
$groups = $adsi.Children | where {$_.SchemaClassName -eq  'group'} |  ForEach {
  $name = $_.Name[0]
  $sid = ConvertTo-SID -BinarySID $_.ObjectSID[0]
  $group =[ADSI]$_.Path
  new-object psobject -property @{name = $group.Name[0]; gid = $sid; domain=$Computername}
}
$groups | ConvertTo-Json -Depth 3
  EOH
  cmd = inspec.powershell(script)
  # cannot rely on exit code for now, successful command returns exit code 1
  # return nil if cmd.exit_status != 0, try to parse json
  begin
    groups = JSON.parse(cmd.stdout)
  rescue JSON::ParserError => _e
    return []
  end

  # ensure we have an array of groups
  groups = [groups] if !groups.is_a?(Array)
  groups
end