Class: Puppet::Util::ADSI::User

Inherits:

Object

• Object
• Puppet::Util::ADSI::User

Extended by:

Enumerable

Defined in:

lib/puppet/util/adsi.rb

Instance Attribute Summary

• #name ⇒ Object readonly
• #native_user ⇒ Object
• #sid ⇒ Object readonly

Class Method Summary

• .create(name) ⇒ Object
• .delete(name) ⇒ Object
• .each(&block) ⇒ Object
• .exists?(name) ⇒ Boolean
• .logon(name, password) ⇒ Object
• .parse_name(name) ⇒ Object
• .uri(name, host = '.') ⇒ Object

Instance Method Summary

• #[](attribute) ⇒ Object
• #[]=(attribute, value) ⇒ Object
• #add_flag(flag_name, value) ⇒ Object
• #add_to_groups(*group_names) ⇒ Object (also: #add_to_group)
• #commit ⇒ Object
• #groups ⇒ Object
• #initialize(name, native_user = nil) ⇒ User constructor

  A new instance of User.

• #password=(password) ⇒ Object
• #password_is?(password) ⇒ Boolean
• #remove_from_groups(*group_names) ⇒ Object (also: #remove_from_group)
• #set_groups(desired_groups, minimum = true) ⇒ Object
• #uri ⇒ Object

Constructor Details

#initialize(name, native_user = nil) ⇒ User

Returns a new instance of User.

# File 'lib/puppet/util/adsi.rb', line 73

def initialize(name, native_user = nil)
  @name = name
  @native_user = native_user
end

Instance Attribute Details

#name ⇒ Object (readonly)

# File 'lib/puppet/util/adsi.rb', line 72

def name
  @name
end

#native_user ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 71

def native_user
  @native_user
end

#sid ⇒ Object (readonly)

# File 'lib/puppet/util/adsi.rb', line 72

def sid
  @sid
end

Class Method Details

.create(name) ⇒ Object

Raises:

• (Puppet::Error)

# File 'lib/puppet/util/adsi.rb', line 186

def self.create(name)
  # Windows error 1379: The specified local group already exists.
  raise Puppet::Error.new( "Cannot create user if group '#{name}' exists." ) if Puppet::Util::ADSI::Group.exists? name
  new(name, Puppet::Util::ADSI.create(name, 'user'))
end

.delete(name) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 196

def self.delete(name)
  Puppet::Util::ADSI.delete(name, 'user')
end

.each(&block) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 200

def self.each(&block)
  wql = Puppet::Util::ADSI.execquery('select name from win32_useraccount where localaccount = "TRUE"')

  users = []
  wql.each do |u|
    users << new(u.name)
  end

  users.each(&block)
end

.exists?(name) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/puppet/util/adsi.rb', line 192

def self.exists?(name)
  Puppet::Util::ADSI::connectable?(User.uri(*User.parse_name(name)))
end

.logon(name, password) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 108

def self.logon(name, password)
  Puppet::Util::Windows::User.password_is?(name, password)
end

.parse_name(name) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 78

def self.parse_name(name)
  if name =~ /\//
    raise Puppet::Error.new( "Value must be in DOMAIN\\user style syntax" )
  end

  matches = name.scan(/((.*)\\)?(.*)/)
  domain = matches[0][1] || '.'
  account = matches[0][2]

  return account, domain
end

.uri(name, host = '.') ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 98

def self.uri(name, host = '.')
  host = '.' if ['NT AUTHORITY', 'BUILTIN', Socket.gethostname].include?(host)

  Puppet::Util::ADSI.uri(name, 'user', host)
end

Instance Method Details

#[](attribute) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 112

def [](attribute)
  native_user.Get(attribute)
end

#[]=(attribute, value) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 116

def []=(attribute, value)
  native_user.Put(attribute, value)
end

#add_flag(flag_name, value) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 133

def add_flag(flag_name, value)
  flag = native_user.Get(flag_name) rescue 0

  native_user.Put(flag_name, flag | value)

  commit
end

#add_to_groups(*group_names) ⇒ Object Also known as: add_to_group

# File 'lib/puppet/util/adsi.rb', line 155

def add_to_groups(*group_names)
  group_names.each do |group_name|
    Puppet::Util::ADSI::Group.new(group_name).add_member_sids(sid)
  end
end

#commit ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 120

def commit
  begin
    native_user.SetInfo unless native_user.nil?
  rescue Exception => e
    raise Puppet::Error.new( "User update failed: #{e}" )
  end
  self
end

#groups ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 148

def groups
  # WIN32OLE objects aren't enumerable, so no map
  groups = []
  native_user.Groups.each {|g| groups << g.Name} rescue nil
  groups
end

#password=(password) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 141

def password=(password)
  native_user.SetPassword(password)
  commit
  fADS_UF_DONT_EXPIRE_PASSWD = 0x10000
  add_flag("UserFlags", fADS_UF_DONT_EXPIRE_PASSWD)
end

#password_is?(password) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/puppet/util/adsi.rb', line 129

def password_is?(password)
  self.class.logon(name, password)
end

#remove_from_groups(*group_names) ⇒ Object Also known as: remove_from_group

# File 'lib/puppet/util/adsi.rb', line 162

def remove_from_groups(*group_names)
  group_names.each do |group_name|
    Puppet::Util::ADSI::Group.new(group_name).remove_member_sids(sid)
  end
end

#set_groups(desired_groups, minimum = true) ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 169

def set_groups(desired_groups, minimum = true)
  return if desired_groups.nil? or desired_groups.empty?

  desired_groups = desired_groups.split(',').map(&:strip)

  current_groups = self.groups

  # First we add the user to all the groups it should be in but isn't
  groups_to_add = desired_groups - current_groups
  add_to_groups(*groups_to_add)

  # Then we remove the user from all groups it is in but shouldn't be, if
  # that's been requested
  groups_to_remove = current_groups - desired_groups
  remove_from_groups(*groups_to_remove) unless minimum
end

#uri ⇒ Object

# File 'lib/puppet/util/adsi.rb', line 104

def uri
  self.class.uri(sid.account, sid.domain)
end