class Ohai::Util::Win32::GroupHelper
Constants
- BUILTIN_ADMINISTRATORS_SID
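Per support.microsoft.com/kb/243330, SID S-1-5-32-544 is the well-known identifier (the internal name) for the built-in Administrators group. Resolving the group by this SID rather than by its display name lets us work properly in environments where the Administrators group has been renamed or has a localized name.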
Public Class Methods
windows_root_group_name()
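# File lib/ohai/util/win32/group_helper.rb, line 31
#
# Resolves the display name of the built-in Administrators group on this
# machine by looking up BUILTIN_ADMINISTRATORS_SID, so the result is correct
# even when the group has been renamed or localized.
#
# @return [String] the group name read from the lookup buffer, stripped of
#   trailing padding
# @raise [RuntimeError] if the SID string cannot be converted to a SID
#   structure, or if the account lookup for that SID fails; the message
#   carries the value returned by Win32.get_last_error
def self.windows_root_group_name
  administrators_sid_result = FFI::MemoryPointer.new(:pointer)
  convert_result = Win32.convert_string_sid_to_sid(BUILTIN_ADMINISTRATORS_SID, administrators_sid_result)
  # Capture the error code immediately, before any other call can overwrite it.
  # NOTE(review): assumes Win32.get_last_error still reflects the call above
  # when invoked as a separate step -- confirm against the binding.
  last_win32_error = Win32.get_last_error

  if convert_result == 0
    raise "ERROR: failed to to convert sid string '#{BUILTIN_ADMINISTRATORS_SID}' to a Windows SID structure because Win32 API function ConvertStringSidToSid returned #{last_win32_error}."
  end

  # From here on the converted SID is owned by this method and must be
  # released with local_free on every exit path.
  administrators_sid = administrators_sid_result.read_pointer

  begin
    # Fixed-size, NUL-filled output buffer for the group name, plus packed
    # 32-bit length fields that are passed alongside the buffers.
    administrators_group_name_buffer = 0.chr * 260
    administrators_group_name_length = [administrators_group_name_buffer.length].pack("L")
    domain_name_length_buffer = [260].pack("L")
    sid_use_result = 0.chr * 4

    # Use LookupAccountSid rather than WMI's Win32_Group class because WMI will attempt
    # to include (unneeded) Active Directory groups by querying AD, which is a performance
    # and reliability issue since AD might not be reachable. Additionally, in domains with
    # thousands of groups, the WMI query is very slow, on the order of minutes, even to
    # get the first result. So we use LookupAccountSid which is a purely local lookup
    # of the built-in group, with no need to access AD, and thus no failure modes related
    # to network conditions or query performance.
    lookup_boolean_result = Win32.lookup_account_sid(
      nil,
      administrators_sid,
      administrators_group_name_buffer,
      administrators_group_name_length,
      nil, # no buffer is supplied for the domain name
      domain_name_length_buffer,
      sid_use_result
    )

    # Read the error code before freeing the SID so the free cannot mask it.
    last_win32_error = Win32.get_last_error
  ensure
    # Release the SID even if the lookup raised a Ruby-level exception;
    # previously it was only freed when the lookup call returned normally.
    Win32.local_free(administrators_sid)
  end

  if lookup_boolean_result == 0
    raise "ERROR: failed to find root group (i.e. builtin\\administrators) for sid #{BUILTIN_ADMINISTRATORS_SID} because Win32 API function LookupAccountSid returned #{last_win32_error}."
  end

  # The buffer was pre-filled with NULs; strip drops the unused tail.
  administrators_group_name_buffer.strip
end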