# Helpers for working with local Windows accounts: ADSI objects are reached
# through WinNT:// paths and account data is queried over WMI (winmgmts).
module Puppet::Util::ADSI
raise Puppet::Error.new( "ADSI connection error: #{e}" )
# Connects to the computer's ADSI path and calls Create on it.
#
# @param name [String] name of the object to create
# @param resource_type [String] ADSI class; callers in this file pass 'user' or 'group'
# @return the native object from Create (User.create and Group.create wrap it)
def create(name, resource_type)
Puppet::Util::ADSI.connect(computer_uri).Create(resource_type, name)
# Connects to the computer's ADSI path and calls Delete on it.
#
# @param name [String] name of the object to delete
# @param resource_type [String] ADSI class; callers in this file pass 'user' or 'group'
def delete(name, resource_type)
Puppet::Util::ADSI.connect(computer_uri).Delete(resource_type, name)
# Fills buf with the local computer name via kernel32 GetComputerName; the
# call's result is not checked on this line.
# NOTE(review): the API's second parameter is a pointer to the buffer size as
# an integer; here it receives the characters of buf.length.to_s, so the size
# the API reads is not buf.length — confirm, or pack the length as a 32-bit
# integer so the API cannot be told the buffer is larger than it is.
Win32API.new('kernel32', 'GetComputerName', ['P','P'], 'I').call(buf, buf.length.to_s)
# NOTE(review): String#unpack returns an Array, so this caches a one-element
# array rather than a String; check how it renders when interpolated into the
# WinNT:// path on the Ruby version in use.
@computer_name = buf.unpack("A*")
"WinNT://#{computer_name}"
# Builds the WMI moniker for the root/cimv2 namespace on host, requesting the
# "impersonate" impersonation level.
#
# NOTE(security): host is placed into the moniker unchanged; pass only trusted
# host names, since the value decides which machine the WMI connection targets.
#
# @param host [String] target host, '.' (the default) for the local machine
# @return [String] the moniker string
def wmi_resource_uri( host = '.' )
"winmgmts:{impersonationLevel=impersonate}!//#{host}/root/cimv2"
# Builds the ADSI path "<computer_uri>/<resource_name>,<resource_type>".
#
# NOTE(security): resource_name is interpolated without escaping, so a name
# containing '/' or ',' would change the path that is resolved; validate names
# before they reach this helper.
#
# @param resource_name [String] account or group name
# @param resource_type [String] ADSI class; callers in this file pass 'user' or 'group'
# @return [String] the ADSI path
def uri(resource_name, resource_type)
"#{computer_uri}/#{resource_name},#{resource_type}"
# Runs the WQL text on the default (local) WMI connection exactly as given;
# any value embedded in query must already be quoted or validated by the caller.
connect(wmi_resource_uri).execquery(query)
# Looks up the SID of a local account by name with a WQL query on
# Win32_Account (LocalAccount = true); the first row's Sid is kept.
#
# NOTE(security): name is interpolated straight into the quoted WQL literal,
# so a name containing a single quote changes the query that is executed.
# Escape or reject quote and backslash characters (or check the name against
# the permitted account-name characters) before building the query.
#
# @param name [String] account name to look up
# @return the matching Sid — presumably nil when nothing matches; confirm
def sid_for_account(name)
"SELECT Sid from Win32_Account
WHERE Name = '#{name}' AND LocalAccount = true"
).each {|u| sid ||= u.Sid}
attr_accessor :native_user
# @param name [String] account name
# @param native_user [Object, nil] already-opened native user object; when nil
#   the object is fetched on first use through Puppet::Util::ADSI.connect
def initialize(name, native_user = nil)
@native_user = native_user
@native_user ||= Puppet::Util::ADSI.connect(uri)
Puppet::Util::ADSI.uri(name, 'user')
# Checks a user name / password pair by calling advapi32 LogonUser with an
# empty domain string, logon type LOGON32_LOGON_NETWORK (3) and the default
# provider (0). When the call reports success the token handle is closed
# immediately, so no logon session is kept.
#
# NOTE(security): every call is a real logon attempt; failed attempts
# presumably count towards account lockout and show up as logon failures in
# the Windows security log — keep that in mind when this runs on a schedule.
# NOTE(review): the handle is read back with unpack('L'), i.e. as 32 bits,
# while a HANDLE is pointer-sized on 64-bit Windows — confirm the token buffer
# and the unpack directive match the platform.
#
# @param name [String] account name
# @param password [String] candidate password
# @return presumably true on success and false otherwise; confirm
def self.logon(name, password)
fLOGON32_LOGON_NETWORK = 3
fLOGON32_PROVIDER_DEFAULT = 0
logon_user = Win32API.new("advapi32", "LogonUser", ['P', 'P', 'P', 'L', 'L', 'P'], 'L')
close_handle = Win32API.new("kernel32", "CloseHandle", ['P'], 'V')
if logon_user.call(name, "", password, fLOGON32_LOGON_NETWORK, fLOGON32_PROVIDER_DEFAULT, token) != 0
close_handle.call(token.unpack('L')[0])
native_user.Get(attribute)
# Stages an attribute value on the native user object through Put.
# NOTE(review): Put alone presumably does not persist the value; a SetInfo
# call on the native object is what writes it — confirm callers commit.
#
# @param attribute [String] ADSI attribute name
# @param value new attribute value
def []=(attribute, value)
native_user.Put(attribute, value)
native_user.SetInfo unless native_user.nil?
# NOTE(review): rescuing Exception also traps non-StandardError exceptions
# (interrupts, exit requests, out-of-memory) and re-labels them as a user
# update failure; `rescue StandardError => e` or the specific WIN32OLE error
# class would keep those visible.
rescue Exception => e
raise Puppet::Error.new( "User update failed: #{e}" )
# Tests whether password is this user's current password by delegating to the
# class-level logon helper, i.e. by making a live logon attempt for the account.
#
# @param password [String] candidate password
# @return whatever the class-level logon helper returns
def password_is?(password)
self.class.logon(name, password)
# ORs value into the integer attribute flag_name on the native user object
# and stages the result with Put.
#
# NOTE(review): if reading the current value raises, the inline `rescue 0`
# substitutes 0, so the Put that follows writes only `value`. A read that
# failed for any reason other than "attribute not set yet" would therefore
# drop bits that are already set on the account; rescuing only the expected
# error would avoid that.
#
# @param flag_name [String] ADSI attribute holding the bit field
# @param value [Integer] bits to set
def add_flag(flag_name, value)
flag = native_user.Get(flag_name) rescue 0
native_user.Put(flag_name, flag | value)
# Sets the account password through the native SetPassword call and then ORs
# ADS_UF_DONT_EXPIRE_PASSWD (0x10000) into UserFlags.
#
# NOTE(security): every password set through this method therefore also marks
# the account as "password never expires", whatever the local password-age
# policy says — confirm that this is intended for all managed accounts.
#
# @param password [String] new password
def password=(password)
native_user.SetPassword(password)
fADS_UF_DONT_EXPIRE_PASSWD = 0x10000
add_flag("UserFlags", fADS_UF_DONT_EXPIRE_PASSWD)
# WIN32OLE objects aren't enumerable, so no map
native_user.Groups.each {|g| groups << g.Name}
# Adds this user to every named group by building a Group for each name and
# calling add_member with the user's name.
#
# @param group_names [Array<String>] names of the groups to join
def add_to_groups(*group_names)
group_names.each do |group_name|
Puppet::Util::ADSI::Group.new(group_name).add_member(@name)
alias add_to_group add_to_groups
# Removes this user from every named group by building a Group for each name
# and calling remove_member with the user's name.
#
# @param group_names [Array<String>] names of the groups to leave
def remove_from_groups(*group_names)
group_names.each do |group_name|
Puppet::Util::ADSI::Group.new(group_name).remove_member(@name)
alias remove_from_group remove_from_groups
# Reconciles the user's group membership with a comma-separated list of names.
# Missing memberships are always added; memberships not in the list are only
# removed when minimum is false.
#
# NOTE(review): nil or an empty list returns early, so this method cannot be
# used to strip a user of all groups, even with minimum = false.
# NOTE(review): names are compared with plain Array difference, which is
# case-sensitive, while Windows account names are not; with minimum = false a
# spelling that differs only in case could appear in both the add and the
# remove list — confirm names are normalised before they get here.
#
# @param desired_groups [String, nil] comma-separated group names
# @param minimum [Boolean] true (default) to only add, false to also remove
def set_groups(desired_groups, minimum = true)
return if desired_groups.nil? or desired_groups.empty?
desired_groups = desired_groups.split(',').map(&:strip)
current_groups = self.groups
# First we add the user to all the groups it should be in but isn't
groups_to_add = desired_groups - current_groups
add_to_groups(*groups_to_add)
# Then we remove the user from all groups it is in but shouldn't be, if
# that's been requested
groups_to_remove = current_groups - desired_groups
remove_from_groups(*groups_to_remove) unless minimum
# Asks ADSI to create a 'user' object called name and wraps the result in a
# new User instance.
#
# @param name [String] account name
# @return [User] wrapper around the newly created native object
def self.create(name)
new(name, Puppet::Util::ADSI.create(name, 'user'))
# Reports whether a user called name exists, judged by whether its ADSI path
# is connectable.
# NOTE(review): the answer depends on how connectable? treats failures other
# than "not found" (for example access denied) — confirm those do not read as
# "user does not exist".
#
# @param name [String] account name
def self.exists?(name)
Puppet::Util::ADSI::connectable?(User.uri(name))
# Deletes the 'user' object called name through Puppet::Util::ADSI.delete.
#
# @param name [String] account name
def self.delete(name)
Puppet::Util::ADSI.delete(name, 'user')
# Enumerates the rows of the WQL query "select * from win32_useraccount",
# wrapping each row in a User.
#
# NOTE(review): the query has no LocalAccount filter, so on a domain-joined
# machine it may also return domain accounts — confirm that is wanted.
# NOTE(review): the WMI row itself is passed as native_user, whereas other
# methods call ADSI members (Get, Put, SetInfo, Groups) on native_user —
# confirm the row object supports what callers do with the yielded users.
def self.each(&block)
wql = Puppet::Util::ADSI.execquery("select * from win32_useraccount")
users << new(u.name, u)
attr_accessor :native_group
# @param name [String] group name
# @param native_group [Object, nil] already-opened native group object; when
#   nil the object is fetched on first use through Puppet::Util::ADSI.connect
def initialize(name, native_group = nil)
@native_group = native_group
Puppet::Util::ADSI.uri(name, 'group')
@native_group ||= Puppet::Util::ADSI.connect(uri)
native_group.SetInfo unless native_group.nil?
# NOTE(review): rescuing Exception also traps non-StandardError exceptions
# (interrupts, exit requests, out-of-memory) and re-labels them as a group
# update failure; `rescue StandardError => e` or the specific WIN32OLE error
# class would keep those visible.
rescue Exception => e
raise Puppet::Error.new( "Group update failed: #{e}" )
# Adds accounts to the group; each name is turned into its WinNT user path
# with User.uri and passed to the native Add call.
#
# @param names [Array<String>] account names to add
def add_members(*names)
native_group.Add(Puppet::Util::ADSI::User.uri(name))
alias add_member add_members
# Removes accounts from the group; each name is turned into its WinNT user
# path with User.uri and passed to the native Remove call.
#
# @param names [Array<String>] account names to remove
def remove_members(*names)
native_group.Remove(Puppet::Util::ADSI::User.uri(name))
alias remove_member remove_members
# WIN32OLE objects aren't enumerable, so no map
native_group.Members.each {|m| members << m.Name}
# Makes the group's membership match desired_members: names that are missing
# are added, then current members not in the list are removed.
#
# NOTE(review): nil or an empty list returns early, so this method cannot
# empty a group; a privileged group that should have no members has to be
# handled another way.
# NOTE(review): names are compared with plain Array difference, which is
# case-sensitive, while Windows account names are not; a desired name that
# differs from the current one only in case would land in both the add and
# the remove list — confirm names are normalised before they get here.
#
# @param desired_members [Array<String>, nil] account names the group should hold
def set_members(desired_members)
return if desired_members.nil? or desired_members.empty?
current_members = self.members
# First we add all missing members
members_to_add = desired_members - current_members
add_members(*members_to_add)
# Then we remove all extra members
members_to_remove = current_members - desired_members
remove_members(*members_to_remove)
# Asks ADSI to create a 'group' object called name and wraps the result in a
# new Group instance.
#
# @param name [String] group name
# @return [Group] wrapper around the newly created native object
def self.create(name)
new(name, Puppet::Util::ADSI.create(name, 'group'))
# Reports whether a group called name exists, judged by whether its ADSI path
# is connectable.
# NOTE(review): the answer depends on how connectable? treats failures other
# than "not found" (for example access denied) — confirm those do not read as
# "group does not exist".
#
# @param name [String] group name
def self.exists?(name)
Puppet::Util::ADSI.connectable?(Group.uri(name))
# Deletes the 'group' object called name through Puppet::Util::ADSI.delete.
#
# @param name [String] group name
def self.delete(name)
Puppet::Util::ADSI.delete(name, 'group')
# Enumerates the rows of the WQL query "select * from win32_group", wrapping
# each row in a Group.
#
# NOTE(review): the WMI row itself is passed as native_group, whereas other
# methods call ADSI members (Add, Remove, SetInfo, Members) on native_group —
# confirm the row object supports what callers do with the yielded groups.
def self.each(&block)
wql = Puppet::Util::ADSI.execquery( "select * from win32_group" )
groups << new(g.name, g)