class Chef::Util::Windows::NetUser

wrapper around a subset of the NetUser* APIs. nothing Chef specific, but not complete enough to be its own gem, so util for now.

Constants

LOGON32_LOGON_NETWORK
LOGON32_PROVIDER_DEFAULT
NetUser
Security
USER_INFO_3_TRANSFORM
Win32APIError

Public Class Methods

new(username) click to toggle source
# File lib/chef/util/windows/net_user.rb, line 89
def initialize(username)
  @username = username
end

Public Instance Methods

add(args) click to toggle source
# File lib/chef/util/windows/net_user.rb, line 120
def add(args)
  transformed_args = transform_usri3(args)
  NetUser.net_user_add_l3(nil, transformed_args)
  NetUser.net_local_group_add_member(nil, Chef::ReservedNames::Win32::Security::SID.BuiltinUsers.account_simple_name, args[:name])
end
check_enabled() click to toggle source
# File lib/chef/util/windows/net_user.rb, line 169
def check_enabled
  (get_info()[:flags] & NetUser::UF_ACCOUNTDISABLE) != 0
end
delete() click to toggle source
# File lib/chef/util/windows/net_user.rb, line 143
def delete
  NetUser.net_user_del(nil, @username)
rescue Chef::Exceptions::Win32APIError => e
  raise ArgumentError, e
end
disable_account() click to toggle source
# File lib/chef/util/windows/net_user.rb, line 149
def disable_account
  user_modify do |user|
    user[:flags] |= NetUser::UF_ACCOUNTDISABLE
    # This does not set the password to nil. It (for some reason) means to ignore updating the field.
    # See similar behavior for the logon_hours field documented at
    # http://msdn.microsoft.com/en-us/library/windows/desktop/aa371338%28v=vs.85%29.aspx
    user[:password] = nil
  end
end
enable_account() click to toggle source
# File lib/chef/util/windows/net_user.rb, line 159
def enable_account
  user_modify do |user|
    user[:flags] &= ~NetUser::UF_ACCOUNTDISABLE
    # This does not set the password to nil. It (for some reason) means to ignore updating the field.
    # See similar behavior for the logon_hours field documented at
    # http://msdn.microsoft.com/en-us/library/windows/desktop/aa371338%28v=vs.85%29.aspx
    user[:password] = nil
  end
end
get_info() click to toggle source
# File lib/chef/util/windows/net_user.rb, line 111
def get_info
  begin
    ui3 = NetUser.net_user_get_info_l3(nil, @username)
  rescue Chef::Exceptions::Win32APIError => e
    raise ArgumentError, e
  end
  usri3_to_hash(ui3)
end
update(args) click to toggle source
# File lib/chef/util/windows/net_user.rb, line 135
def update(args)
  user_modify do |user|
    args.each do |key, val|
      user[key] = val
    end
  end
end
user_modify() { |user| ... } click to toggle source

FIXME: yard with @yield

# File lib/chef/util/windows/net_user.rb, line 127
def user_modify
  user = get_info
  user[:last_logon] = user[:units_per_week] = 0 # ignored as per USER_INFO_3 doc
  user[:logon_hours] = nil # PBYTE field; \0 == no changes
  yield(user)
  set_info(user)
end
validate_credentials(passwd) click to toggle source

XXX for an extra painful alternative, see: support.microsoft.com/kb/180548

# File lib/chef/util/windows/net_user.rb, line 96
def validate_credentials(passwd)
  token = Security.logon_user(@username, nil, passwd,
             LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT)
  true
rescue Chef::Exceptions::Win32APIError => e
  Chef::Log.trace(e)
  # we're only interested in the incorrect password failures
  if e.to_s =~ /System Error Code: 1326/
    return false
  end
  # all other exceptions will assume we cannot logon for a different reason
  Chef::Log.trace("Unable to login with the specified credentials. Assuming the credentials are valid.")
  true
end

Private Instance Methods

set_info(args) click to toggle source
# File lib/chef/util/windows/net_user.rb, line 81
def set_info(args)
  rc = NetUser.net_user_set_info_l3(nil, @username, transform_usri3(args))
rescue Chef::Exceptions::Win32APIError => e
  raise ArgumentError, e
end
transform_usri3(args) click to toggle source
# File lib/chef/util/windows/net_user.rb, line 66
def transform_usri3(args)
  args.inject({}) do |memo, (k, v)|
    memo[USER_INFO_3_TRANSFORM[k]] = v
    memo
  end
end
usri3_to_hash(usri3) click to toggle source
# File lib/chef/util/windows/net_user.rb, line 73
def usri3_to_hash(usri3)
  t = USER_INFO_3_TRANSFORM.invert
  usri3.inject({}) do |memo, (k, v)|
    memo[t[k]] = v
    memo
  end
end