Class: Chef::Util::Windows::NetUser

Inherits:
Chef::Util::Windows show all
Defined in:
lib/chef/util/windows/net_user.rb

Overview

wrapper around a subset of the NetUser* APIs. nothing Chef specific, but not complete enough to be its own gem, so util for now.

Constant Summary collapse

LOGON32_PROVIDER_DEFAULT = 
0
LOGON32_LOGON_NETWORK = 
3

Instance Method Summary collapse

Constructor Details

#initialize(username) ⇒ NetUser

Returns a new instance of NetUser.



117
118
119
120
 
# File 'lib/chef/util/windows/net_user.rb', line 117

def initialize(username)
  @username = username
  @name = multi_to_wide(username)
end

Instance Method Details

#add(args) ⇒ Object 



151
152
153
154
155
156
157
158
159
160
161
162
163
 
# File 'lib/chef/util/windows/net_user.rb', line 151

def add(args)
  user = (args)
  buffer = (user)

  rc = NetUserAdd.call(nil, 3, buffer, rc)
  if rc != NERR_Success
    raise ArgumentError, get_last_error(rc)
  end

  #usri3_primary_group_id:
  #"When you call the NetUserAdd function, this member must be DOMAIN_GROUP_RID_USERS"
  NetLocalGroupAddMembers(nil, multi_to_wide("Users"), 3, buffer[0,PTR_SIZE], 1)
end

#check_enabledObject 



208
209
210
 
# File 'lib/chef/util/windows/net_user.rb', line 208

def check_enabled
  (get_info()[:flags] & UF_ACCOUNTDISABLE) != 0
end

#deleteObject 



181
182
183
184
185
186
 
# File 'lib/chef/util/windows/net_user.rb', line 181

def delete
  rc = NetUserDel.call(nil, @name)
  if rc != NERR_Success
    raise ArgumentError, get_last_error(rc)
  end
end

#disable_accountObject 



188
189
190
191
192
193
194
195
196
 
# File 'lib/chef/util/windows/net_user.rb', line 188

def 
  user_modify do |user|
    user[:flags] |= UF_ACCOUNTDISABLE
    #This does not set the password to nil. It (for some reason) means to ignore updating the field.
    #See similar behavior for the logon_hours field documented at
    #http://msdn.microsoft.com/en-us/library/windows/desktop/aa371338%28v=vs.85%29.aspx
    user[:password] = nil
  end
end

#enable_accountObject 



198
199
200
201
202
203
204
205
206
 
# File 'lib/chef/util/windows/net_user.rb', line 198

def 
  user_modify do |user|
    user[:flags] &= ~UF_ACCOUNTDISABLE
    #This does not set the password to nil. It (for some reason) means to ignore updating the field.
    #See similar behavior for the logon_hours field documented at
    #http://msdn.microsoft.com/en-us/library/windows/desktop/aa371338%28v=vs.85%29.aspx
    user[:password] = nil
  end
end

#get_infoObject 



136
137
138
139
140
141
142
143
144
145
146
147
148
149
 
# File 'lib/chef/util/windows/net_user.rb', line 136

def get_info
  ptr  = 0.chr * PTR_SIZE
  rc = NetUserGetInfo.call(nil, @name, 3, ptr)

  if rc != NERR_Success
    raise ArgumentError, get_last_error(rc)
  end

  ptr = ptr.unpack('L')[0]
  buffer = 0.chr * 
  memcpy(buffer, ptr, buffer.size)
  NetApiBufferFree(ptr)
  (buffer)
end

#update(args) ⇒ Object 



173
174
175
176
177
178
179
 
# File 'lib/chef/util/windows/net_user.rb', line 173

def update(args)
  user_modify do |user|
    args.each do |key,val|
      user[key] = val
    end
  end
end

#user_modify(&proc) ⇒ Object 



165
166
167
168
169
170
171
 
# File 'lib/chef/util/windows/net_user.rb', line 165

def user_modify(&proc)
  user = get_info
  user[:last_logon] = user[:units_per_week] = 0 #ignored as per USER_INFO_3 doc
  user[:logon_hours] = nil #PBYTE field; \0 == no changes
  proc.call(user)
  set_info(user)
end

#validate_credentials(passwd) ⇒ Object

XXX for an extra painful alternative, see: support.microsoft.com/kb/180548



125
126
127
128
129
130
131
132
133
134
 
# File 'lib/chef/util/windows/net_user.rb', line 125

def validate_credentials(passwd)
  token = 0.chr * PTR_SIZE
  res = LogonUser.call(@username, nil, passwd,
                       LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, token)
  if res == 0
    return false
  end
  ::Windows::Handle::CloseHandle.call(token.unpack('L')[0])
  return true
end