Class: Inspec::Resources::WindowsGroup
- Defined in:
- lib/inspec/resources/groups.rb
Instance Attribute Summary
Attributes inherited from GroupInfo
Instance Method Summary collapse
-
#groups ⇒ Object
returns all local groups.
Methods inherited from GroupInfo
Constructor Details
This class inherits a constructor from Inspec::Resources::GroupInfo
Instance Method Details
#groups ⇒ Object
returns all local groups
264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 |
# File 'lib/inspec/resources/groups.rb', line 264 def groups script = <<-EOH Function ConvertTo-SID { Param([byte[]]$BinarySID) (New-Object System.Security.Principal.SecurityIdentifier($BinarySID,0)).Value } $Computername = $Env:Computername $adsi = [ADSI]"WinNT://$Computername" $groups = $adsi.Children | where {$_.SchemaClassName -eq 'group'} | ForEach { $name = $_.Name[0] $sid = ConvertTo-SID -BinarySID $_.ObjectSID[0] $group =[ADSI]$_.Path $members = $_.Members() | Foreach-Object { $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null) } # An empty collection of these objects isn't properly converted to an empty array by ConvertTo-Json if(-not [bool]$members) { $members = @() } new-object psobject -property @{name = $group.Name[0]; gid = $sid; domain = $Computername; members = $members} } $groups | ConvertTo-Json -Depth 3 EOH cmd = inspec.powershell(script) # cannot rely on exit code for now, successful command returns exit code 1 # return nil if cmd.exit_status != 0, try to parse json begin groups = JSON.parse(cmd.stdout) rescue JSON::ParserError => _e return [] end # ensure we have an array of groups groups = [groups] unless groups.is_a?(Array) groups end |