Class: Inspec::Resources::WindowsGroup
- Defined in:
- lib/inspec/resources/groups.rb
Instance Attribute Summary
Attributes inherited from GroupInfo
Instance Method Summary collapse
-
#groups ⇒ Object
returns all local groups.
Methods inherited from GroupInfo
Constructor Details
This class inherits a constructor from Inspec::Resources::GroupInfo
Instance Method Details
#groups ⇒ Object
returns all local groups
316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 |
# File 'lib/inspec/resources/groups.rb', line 316 def groups script = <<-EOH Function ConvertTo-SID { Param([byte[]]$BinarySID) (New-Object System.Security.Principal.SecurityIdentifier($BinarySID,0)).Value } $Computername = $Env:Computername $adsi = [ADSI]"WinNT://$Computername" $groups = $adsi.Children | where {$_.SchemaClassName -eq 'group'} | ForEach { $name = $_.Name[0] $sid = ConvertTo-SID -BinarySID $_.ObjectSID[0] $group =[ADSI]$_.Path $members = $_.Members() | Foreach-Object { $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null) } # An empty collection of these objects isn't properly converted to an empty array by ConvertTo-Json if(-not [bool]$members) { $members = @() } new-object psobject -property @{name = $group.Name[0]; gid = $sid; domain = $Computername; members = $members} } $groups | ConvertTo-Json -Depth 3 EOH cmd = inspec.powershell(script) # cannot rely on exit code for now, successful command returns exit code 1 # return nil if cmd.exit_status != 0, try to parse json begin groups = JSON.parse(cmd.stdout) rescue JSON::ParserError => _e return [] end # ensure we have an array of groups groups = [groups] unless groups.is_a?(Array) groups end |