Class: Inspec::Resources::WindowsGroup

Inherits:
GroupInfo
  • Object
show all
Defined in:
lib/resources/groups.rb

Instance Attribute Summary

Attributes inherited from GroupInfo

#inspec

Instance Method Summary collapse

Methods inherited from GroupInfo

#initialize

Constructor Details

This class inherits a constructor from Inspec::Resources::GroupInfo

Instance Method Details

#groupsObject

returns all local groups



185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
 
# File 'lib/resources/groups.rb', line 185

def groups
  script = <<~EOH
    Function  ConvertTo-SID { Param([byte[]]$BinarySID)
      (New-Object  System.Security.Principal.SecurityIdentifier($BinarySID,0)).Value
    }

    $Computername =  $Env:Computername
    $adsi  = [ADSI]"WinNT://$Computername"
    $groups = $adsi.Children | where {$_.SchemaClassName -eq  'group'} |  ForEach {
      $name = $_.Name[0]
      $sid = ConvertTo-SID -BinarySID $_.ObjectSID[0]
      $group =[ADSI]$_.Path
      new-object psobject -property @{name = $group.Name[0]; gid = $sid; domain=$Computername}
    }
    $groups | ConvertTo-Json -Depth 3
  EOH
  cmd = inspec.powershell(script)
  # cannot rely on exit code for now, successful command returns exit code 1
  # return nil if cmd.exit_status != 0, try to parse json
  begin
    groups = JSON.parse(cmd.stdout)
  rescue JSON::ParserError => _e
    return []
  end

  # ensure we have an array of groups
  groups = [groups] if !groups.is_a?(Array)
  groups
end