Class: Inspec::Resources::WindowsGroup
- Defined in:
- lib/inspec/resources/groups.rb
Instance Attribute Summary
Attributes inherited from GroupInfo
Instance Method Summary collapse
-
#groups ⇒ Object
returns all local groups.
Methods inherited from GroupInfo
Constructor Details
This class inherits a constructor from Inspec::Resources::GroupInfo
Instance Method Details
#groups ⇒ Object
returns all local groups
236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 |
# File 'lib/inspec/resources/groups.rb', line 236 def groups script = <<-EOH Function ConvertTo-SID { Param([byte[]]$BinarySID) (New-Object System.Security.Principal.SecurityIdentifier($BinarySID,0)).Value } $Computername = $Env:Computername $adsi = [ADSI]"WinNT://$Computername" $groups = $adsi.Children | where {$_.SchemaClassName -eq 'group'} | ForEach { $name = $_.Name[0] $sid = ConvertTo-SID -BinarySID $_.ObjectSID[0] $group =[ADSI]$_.Path $members = $_.Members() | Foreach-Object { $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null) } # An empty collection of these objects isn't properly converted to an empty array by ConvertTo-Json if(-not [bool]$members) { $members = @() } new-object psobject -property @{name = $group.Name[0]; gid = $sid; domain = $Computername; members = $members} } $groups | ConvertTo-Json -Depth 3 EOH cmd = inspec.powershell(script) # cannot rely on exit code for now, successful command returns exit code 1 # return nil if cmd.exit_status != 0, try to parse json begin groups = JSON.parse(cmd.stdout) rescue JSON::ParserError => _e return [] end # ensure we have an array of groups groups = [groups] unless groups.is_a?(Array) groups end |