f735fd672a
* Copy in incidental windows tests. * Update incidental test aliases. * Add support plugins. * Update target references. * Update sanity ignores. * Update integration-aliases test. * Add to CI.
203 lines
5.5 KiB
Python
203 lines
5.5 KiB
Python
#!/usr/bin/python
|
|
# -*- coding: utf-8 -*-
|
|
|
|
# Copyright: (c) 2017, Ansible Project
|
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
|
|
# this is a windows documentation stub. actual code lives in the .ps1
|
|
# file of the same name
|
|
|
|
ANSIBLE_METADATA = {'metadata_version': '1.1',
|
|
'status': ['preview'],
|
|
'supported_by': 'community'}
|
|
|
|
DOCUMENTATION = r'''
|
|
---
|
|
module: win_whoami
|
|
version_added: "2.5"
|
|
short_description: Get information about the current user and process
|
|
description:
|
|
- Designed to return the same information as the C(whoami /all) command.
|
|
- Also includes information missing from C(whoami) such as logon metadata like
|
|
logon rights, id, type.
|
|
notes:
|
|
- If running this module with a non admin user, the logon rights will be an
|
|
empty list as Administrator rights are required to query LSA for the
|
|
information.
|
|
seealso:
|
|
- module: win_credential
|
|
- module: win_group_membership
|
|
- module: win_user_right
|
|
author:
|
|
- Jordan Borean (@jborean93)
|
|
'''
|
|
|
|
EXAMPLES = r'''
|
|
- name: Get whoami information
|
|
win_whoami:
|
|
'''
|
|
|
|
RETURN = r'''
|
|
authentication_package:
|
|
description: The name of the authentication package used to authenticate the
|
|
user in the session.
|
|
returned: success
|
|
type: str
|
|
sample: Negotiate
|
|
user_flags:
|
|
description: The user flags for the logon session, see UserFlags in
|
|
U(https://msdn.microsoft.com/en-us/library/windows/desktop/aa380128).
|
|
returned: success
|
|
type: str
|
|
sample: Winlogon
|
|
upn:
|
|
description: The user principal name of the current user.
|
|
returned: success
|
|
type: str
|
|
sample: Administrator@DOMAIN.COM
|
|
logon_type:
|
|
description: The logon type that identifies the logon method, see
|
|
U(https://msdn.microsoft.com/en-us/library/windows/desktop/aa380129.aspx).
|
|
returned: success
|
|
type: str
|
|
sample: Network
|
|
privileges:
|
|
description: A dictionary of privileges and their state on the logon token.
|
|
returned: success
|
|
type: dict
|
|
sample: {
|
|
"SeChangeNotifyPrivileges": "enabled-by-default",
|
|
"SeRemoteShutdownPrivilege": "disabled",
|
|
"SeDebugPrivilege": "enabled"
|
|
}
|
|
label:
|
|
description: The mandatory label set to the logon session.
|
|
returned: success
|
|
type: complex
|
|
contains:
|
|
domain_name:
|
|
description: The domain name of the label SID.
|
|
returned: success
|
|
type: str
|
|
sample: Mandatory Label
|
|
sid:
|
|
description: The SID in string form.
|
|
returned: success
|
|
type: str
|
|
sample: S-1-16-12288
|
|
account_name:
|
|
description: The account name of the label SID.
|
|
returned: success
|
|
type: str
|
|
sample: High Mandatory Level
|
|
type:
|
|
description: The type of SID.
|
|
returned: success
|
|
type: str
|
|
sample: Label
|
|
impersonation_level:
|
|
description: The impersonation level of the token, only valid if
|
|
C(token_type) is C(TokenImpersonation), see
|
|
U(https://msdn.microsoft.com/en-us/library/windows/desktop/aa379572.aspx).
|
|
returned: success
|
|
type: str
|
|
sample: SecurityAnonymous
|
|
login_time:
|
|
description: The logon time in ISO 8601 format
|
|
returned: success
|
|
type: str
|
|
sample: '2017-11-27T06:24:14.3321665+10:00'
|
|
groups:
|
|
description: A list of groups and attributes that the user is a member of.
|
|
returned: success
|
|
type: list
|
|
sample: [
|
|
{
|
|
"account_name": "Domain Users",
|
|
"domain_name": "DOMAIN",
|
|
"attributes": [
|
|
"Mandatory",
|
|
"Enabled by default",
|
|
"Enabled"
|
|
],
|
|
"sid": "S-1-5-21-1654078763-769949647-2968445802-513",
|
|
"type": "Group"
|
|
},
|
|
{
|
|
"account_name": "Administrators",
|
|
"domain_name": "BUILTIN",
|
|
"attributes": [
|
|
"Mandatory",
|
|
"Enabled by default",
|
|
"Enabled",
|
|
"Owner"
|
|
],
|
|
"sid": "S-1-5-32-544",
|
|
"type": "Alias"
|
|
}
|
|
]
|
|
account:
|
|
description: The running account SID details.
|
|
returned: success
|
|
type: complex
|
|
contains:
|
|
domain_name:
|
|
description: The domain name of the account SID.
|
|
returned: success
|
|
type: str
|
|
sample: DOMAIN
|
|
sid:
|
|
description: The SID in string form.
|
|
returned: success
|
|
type: str
|
|
sample: S-1-5-21-1654078763-769949647-2968445802-500
|
|
account_name:
|
|
description: The account name of the account SID.
|
|
returned: success
|
|
type: str
|
|
sample: Administrator
|
|
type:
|
|
description: The type of SID.
|
|
returned: success
|
|
type: str
|
|
sample: User
|
|
login_domain:
|
|
description: The name of the domain used to authenticate the owner of the
|
|
session.
|
|
returned: success
|
|
type: str
|
|
sample: DOMAIN
|
|
rights:
|
|
description: A list of logon rights assigned to the logon.
|
|
returned: success and running user is a member of the local Administrators group
|
|
type: list
|
|
sample: [
|
|
"SeNetworkLogonRight",
|
|
"SeInteractiveLogonRight",
|
|
"SeBatchLogonRight",
|
|
"SeRemoteInteractiveLogonRight"
|
|
]
|
|
logon_server:
|
|
description: The name of the server used to authenticate the owner of the
|
|
logon session.
|
|
returned: success
|
|
type: str
|
|
sample: DC01
|
|
logon_id:
|
|
description: The unique identifier of the logon session.
|
|
returned: success
|
|
type: int
|
|
sample: 20470143
|
|
dns_domain_name:
|
|
description: The DNS name of the logon session, this is an empty string if
|
|
this is not set.
|
|
returned: success
|
|
type: str
|
|
sample: DOMAIN.COM
|
|
token_type:
|
|
description: The token type to indicate whether it is a primary or
|
|
impersonation token.
|
|
returned: success
|
|
type: str
|
|
sample: TokenPrimary
|
|
'''
|