Class: Chef::Util::Windows::NetUser

Inherits:
Chef::Util::Windows show all
Defined in:
lib/chef/util/windows/net_user.rb

Overview

wrapper around a subset of the NetUser* APIs. nothing Chef specific, but not complete enough to be its own gem, so util for now.

Constant Summary collapse

LOGON32_PROVIDER_DEFAULT =
0
LOGON32_LOGON_NETWORK =
3

Instance Method Summary collapse

Constructor Details

#initialize(username) ⇒ NetUser

Returns a new instance of NetUser.



118
119
120
121
# File 'lib/chef/util/windows/net_user.rb', line 118

def initialize(username)
  @username = username
  @name = multi_to_wide(username)
end

Instance Method Details

#add(args) ⇒ Object



154
155
156
157
158
159
160
161
162
163
164
165
166
# File 'lib/chef/util/windows/net_user.rb', line 154

def add(args)
  user = (args)
  buffer = (user)

  rc = NetUserAdd.call(nil, 3, buffer, rc)
  if rc != NERR_Success
    raise ArgumentError, get_last_error(rc)
  end

  #usri3_primary_group_id:
  #"When you call the NetUserAdd function, this member must be DOMAIN_GROUP_RID_USERS"
  NetLocalGroupAddMembers(nil, multi_to_wide("Users"), 3, buffer[0,PTR_SIZE], 1)
end

#check_enabledObject



211
212
213
# File 'lib/chef/util/windows/net_user.rb', line 211

def check_enabled
  (get_info()[:flags] & UF_ACCOUNTDISABLE) != 0
end

#deleteObject



184
185
186
187
188
189
# File 'lib/chef/util/windows/net_user.rb', line 184

def delete
  rc = NetUserDel.call(nil, @name)
  if rc != NERR_Success
    raise ArgumentError, get_last_error(rc)
  end
end

#disable_accountObject



191
192
193
194
195
196
197
198
199
# File 'lib/chef/util/windows/net_user.rb', line 191

def 
  user_modify do |user|
    user[:flags] |= UF_ACCOUNTDISABLE
    #This does not set the password to nil. It (for some reason) means to ignore updating the field.
    #See similar behavior for the logon_hours field documented at
    #http://msdn.microsoft.com/en-us/library/windows/desktop/aa371338%28v=vs.85%29.aspx
    user[:password] = nil
  end
end

#enable_accountObject



201
202
203
204
205
206
207
208
209
# File 'lib/chef/util/windows/net_user.rb', line 201

def 
  user_modify do |user|
    user[:flags] &= ~UF_ACCOUNTDISABLE
    #This does not set the password to nil. It (for some reason) means to ignore updating the field.
    #See similar behavior for the logon_hours field documented at
    #http://msdn.microsoft.com/en-us/library/windows/desktop/aa371338%28v=vs.85%29.aspx
    user[:password] = nil
  end
end

#get_infoObject



137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
# File 'lib/chef/util/windows/net_user.rb', line 137

def get_info
  ptr  = 0.chr * PTR_SIZE
  rc = NetUserGetInfo.call(nil, @name, 3, ptr)

  if rc == NERR_UserNotFound
    raise Chef::Exceptions::UserIDNotFound, get_last_error(rc)
  elsif rc != NERR_Success
    raise ArgumentError, get_last_error(rc)
  end

  ptr = ptr.unpack('L')[0]
  buffer = 0.chr * SIZEOF_USER_INFO_3
  memcpy(buffer, ptr, buffer.size)
  NetApiBufferFree(ptr)
  (buffer)
end

#update(args) ⇒ Object



176
177
178
179
180
181
182
# File 'lib/chef/util/windows/net_user.rb', line 176

def update(args)
  user_modify do |user|
    args.each do |key,val|
      user[key] = val
    end
  end
end

#user_modify(&proc) ⇒ Object



168
169
170
171
172
173
174
# File 'lib/chef/util/windows/net_user.rb', line 168

def user_modify(&proc)
  user = get_info
  user[:last_logon] = user[:units_per_week] = 0 #ignored as per USER_INFO_3 doc
  user[:logon_hours] = nil #PBYTE field; \0 == no changes
  proc.call(user)
  set_info(user)
end

#validate_credentials(passwd) ⇒ Object

XXX for an extra painful alternative, see: support.microsoft.com/kb/180548



126
127
128
129
130
131
132
133
134
135
# File 'lib/chef/util/windows/net_user.rb', line 126

def validate_credentials(passwd)
  token = 0.chr * PTR_SIZE
  res = LogonUser.call(@username, nil, passwd,
                       LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, token)
  if res == 0
    return false
  end
  ::Windows::Handle::CloseHandle.call(token.unpack('L')[0])
  return true
end