class Inspec::Resources::WindowsGroup

def groups

returns all local groups

def groups
  script = <<-EOH
    Function ConvertTo-SID { Param([byte[]]$BinarySID)
      (New-Object System.Security.Principal.SecurityIdentifier($BinarySID,0)).Value
    }
    $Computername = $Env:Computername
    $adsi = [ADSI]"WinNT://$Computername"
    $groups = $adsi.Children | where {$_.SchemaClassName -eq 'group'} | ForEach {
      $name = $_.Name[0]
      $sid = ConvertTo-SID -BinarySID $_.ObjectSID[0]
      $group =[ADSI]$_.Path
      $members = $_.Members() | Foreach-Object { $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null) }
      # An empty collection of these objects isn't properly converted to an empty array by ConvertTo-Json
      if(-not [bool]$members) {
        $members = @()
      }
      new-object psobject -property @{name = $group.Name[0]; gid = $sid; domain = $Computername; members = $members}
    }
    $groups | ConvertTo-Json -Depth 3
  EOH
  cmd = inspec.powershell(script)
  # cannot rely on exit code for now, successful command returns exit code 1
  # return nil if cmd.exit_status != 0, try to parse json
  begin
    groups = JSON.parse(cmd.stdout)
  rescue JSON::ParserError => _e
    return []
  end
  # ensure we have an array of groups
  groups = [groups] if !groups.is_a?(Array)
  groups
end

Modules

Classes

class Inspec::Resources::WindowsGroup

def groups

Namespace

Parent class

Instance Methods

Defined in