forked from perl-libwin32/win32-netadmin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathNetAdmin.pm
424 lines (323 loc) · 10.5 KB
/
NetAdmin.pm
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
package Win32::NetAdmin;
#
#NetAdmin.pm
#Written by [email protected]
#
$VERSION = '0.13';
require Exporter;
require DynaLoader;
require Win32 unless defined &Win32::IsWinNT;
die "The Win32::NetAdmin module works only on Windows NT" unless Win32::IsWinNT();
@ISA= qw( Exporter DynaLoader );
# Items to export into callers namespace by default. Note: do not export
# names by default without a very good reason. Use EXPORT_OK instead.
# Do not simply export all your public functions/methods/constants.
@EXPORT = qw(
DOMAIN_ALIAS_RID_ACCOUNT_OPS
DOMAIN_ALIAS_RID_ADMINS
DOMAIN_ALIAS_RID_BACKUP_OPS
DOMAIN_ALIAS_RID_GUESTS
DOMAIN_ALIAS_RID_POWER_USERS
DOMAIN_ALIAS_RID_PRINT_OPS
DOMAIN_ALIAS_RID_REPLICATOR
DOMAIN_ALIAS_RID_SYSTEM_OPS
DOMAIN_ALIAS_RID_USERS
DOMAIN_GROUP_RID_ADMINS
DOMAIN_GROUP_RID_GUESTS
DOMAIN_GROUP_RID_USERS
DOMAIN_USER_RID_ADMIN
DOMAIN_USER_RID_GUEST
FILTER_TEMP_DUPLICATE_ACCOUNT
FILTER_NORMAL_ACCOUNT
FILTER_INTERDOMAIN_TRUST_ACCOUNT
FILTER_WORKSTATION_TRUST_ACCOUNT
FILTER_SERVER_TRUST_ACCOUNT
SV_TYPE_WORKSTATION
SV_TYPE_SERVER
SV_TYPE_SQLSERVER
SV_TYPE_DOMAIN_CTRL
SV_TYPE_DOMAIN_BAKCTRL
SV_TYPE_TIMESOURCE
SV_TYPE_AFP
SV_TYPE_NOVELL
SV_TYPE_DOMAIN_MEMBER
SV_TYPE_PRINT
SV_TYPE_PRINTQ_SERVER
SV_TYPE_DIALIN
SV_TYPE_DIALIN_SERVER
SV_TYPE_XENIX_SERVER
SV_TYPE_NT
SV_TYPE_WFW
SV_TYPE_POTENTIAL_BROWSER
SV_TYPE_BACKUP_BROWSER
SV_TYPE_MASTER_BROWSER
SV_TYPE_DOMAIN_MASTER
SV_TYPE_DOMAIN_ENUM
SV_TYPE_SERVER_UNIX
SV_TYPE_SERVER_MFPN
SV_TYPE_SERVER_NT
SV_TYPE_SERVER_OSF
SV_TYPE_SERVER_VMS
SV_TYPE_WINDOWS
SV_TYPE_DFS
SV_TYPE_ALTERNATE_XPORT
SV_TYPE_LOCAL_LIST_ONLY
SV_TYPE_ALL
UF_TEMP_DUPLICATE_ACCOUNT
UF_NORMAL_ACCOUNT
UF_INTERDOMAIN_TRUST_ACCOUNT
UF_WORKSTATION_TRUST_ACCOUNT
UF_SERVER_TRUST_ACCOUNT
UF_MACHINE_ACCOUNT_MASK
UF_ACCOUNT_TYPE_MASK
UF_DONT_EXPIRE_PASSWD
UF_SETTABLE_BITS
UF_SCRIPT
UF_ACCOUNTDISABLE
UF_HOMEDIR_REQUIRED
UF_LOCKOUT
UF_PASSWD_NOTREQD
UF_PASSWD_CANT_CHANGE
USE_FORCE
USE_LOTS_OF_FORCE
USE_NOFORCE
USER_PRIV_MASK
USER_PRIV_GUEST
USER_PRIV_USER
USER_PRIV_ADMIN
);
@EXPORT_OK = qw(
GetError
GetDomainController
GetAnyDomainController
UserCreate
UserDelete
UserGetAttributes
UserSetAttributes
UserChangePassword
UsersExist
GetUsers
GroupCreate
GroupDelete
GroupGetAttributes
GroupSetAttributes
GroupAddUsers
GroupDeleteUsers
GroupIsMember
GroupGetMembers
LocalGroupCreate
LocalGroupDelete
LocalGroupGetAttributes
LocalGroupSetAttributes
LocalGroupIsMember
LocalGroupGetMembers
LocalGroupGetMembersWithDomain
LocalGroupAddUsers
LocalGroupDeleteUsers
GetServers
GetTransports
LoggedOnUsers
GetAliasFromRID
GetUserGroupFromRID
GetServerDisks
);
$EXPORT_TAGS{ALL}= \@EXPORT_OK;
=head1 NAME
Win32::NetAdmin - Manage network groups and users in Perl
=head1 SYNOPSIS
use Win32::NetAdmin;
=head1 DESCRIPTION
This module offers control over the administration of groups and users over a
network.
=head1 FUNCTIONS
=head2 NOTE
All of the functions return false if they fail, unless otherwise noted.
When a function fails call Win32::NetAdmin::GetError() rather than
GetLastError() or $^E to retrieve the error code.
C<server> is optional for all the calls below. If not given the local machine is
assumed.
=over 10
=item GetError()
Returns the error code of the last call to this module.
=item GetDomainController(server, domain, returnedName)
Returns the name of the domain controller for server.
=item GetAnyDomainController(server, domain, returnedName)
Returns the name of any domain controller for a domain that is directly trusted
by the server.
=item UserCreate(server, userName, password, passwordAge, privilege, homeDir, comment, flags, scriptPath)
Creates a user on server with password, passwordAge, privilege, homeDir, comment,
flags, and scriptPath.
=item UserDelete(server, user)
Deletes a user from server.
=item UserGetAttributes(server, userName, password, passwordAge, privilege, homeDir, comment, flags, scriptPath)
Gets password, passwordAge, privilege, homeDir, comment, flags, and scriptPath
for user.
=item UserSetAttributes(server, userName, password, passwordAge, privilege, homeDir, comment, flags, scriptPath)
Sets password, passwordAge, privilege, homeDir, comment, flags, and scriptPath
for user.
=item UserChangePassword(domainname, username, oldpassword, newpassword)
Changes a users password. Can be run under any account.
=item UsersExist(server, userName)
Checks if a user exists.
=item GetUsers(server, filter, userRef)
Fills userRef with user names if it is an array reference and with the user
names and the full names if it is a hash reference.
=item GroupCreate(server, group, comment)
Creates a group.
=item GroupDelete(server, group)
Deletes a group.
=item GroupGetAttributes(server, groupName, comment)
Gets the comment.
=item GroupSetAttributes(server, groupName, comment)
Sets the comment.
=item GroupAddUsers(server, groupName, users)
Adds a user to a group.
=item GroupDeleteUsers(server, groupName, users)
Deletes a users from a group.
=item GroupIsMember(server, groupName, user)
Returns TRUE if user is a member of groupName.
=item GroupGetMembers(server, groupName, userArrayRef)
Fills userArrayRef with the members of groupName.
=item LocalGroupCreate(server, group, comment)
Creates a local group.
=item LocalGroupDelete(server, group)
Deletes a local group.
=item LocalGroupGetAttributes(server, groupName, comment)
Gets the comment.
=item LocalGroupSetAttributes(server, groupName, comment)
Sets the comment.
=item LocalGroupIsMember(server, groupName, user)
Returns TRUE if user is a member of groupName.
=item LocalGroupGetMembers(server, groupName, userArrayRef)
Fills userArrayRef with the members of groupName.
=item LocalGroupGetMembersWithDomain(server, groupName, userRef)
This function is similar LocalGroupGetMembers but accepts an array or
a hash reference. Unlike LocalGroupGetMembers it returns each user name
as C<DOMAIN\USERNAME>. If a hash reference is given, the function
returns to each user or group name the type (group, user, alias etc.).
The possible types are as follows:
$SidTypeUser = 1;
$SidTypeGroup = 2;
$SidTypeDomain = 3;
$SidTypeAlias = 4;
$SidTypeWellKnownGroup = 5;
$SidTypeDeletedAccount = 6;
$SidTypeInvalid = 7;
$SidTypeUnknown = 8;
=item LocalGroupAddUsers(server, groupName, users)
Adds a user to a group.
=item LocalGroupDeleteUsers(server, groupName, users)
Deletes a users from a group.
=item GetServers(server, domain, flags, serverRef)
Gets an array of server names or an hash with the server names and the
comments as seen in the Network Neighborhood or the server manager.
For flags, see SV_TYPE_* constants.
=item GetTransports(server, transportRef)
Enumerates the network transports of a computer. If transportRef is an array
reference, it is filled with the transport names. If transportRef is a hash
reference then a hash of hashes is filled with the data for the transports.
=item LoggedOnUsers(server, userRef)
Gets an array or hash with the users logged on at the specified computer. If
userRef is a hash reference, the value is a semicolon separated string of
username, logon domain and logon server.
=item GetAliasFromRID(server, RID, returnedName)
=item GetUserGroupFromRID(server, RID, returnedName)
Retrieves the name of an alias (i.e local group) or a user group for a RID
from the specified server. These functions can be used for example to get the
account name for the administrator account if it is renamed or localized.
Possible values for C<RID>:
DOMAIN_ALIAS_RID_ACCOUNT_OPS
DOMAIN_ALIAS_RID_ADMINS
DOMAIN_ALIAS_RID_BACKUP_OPS
DOMAIN_ALIAS_RID_GUESTS
DOMAIN_ALIAS_RID_POWER_USERS
DOMAIN_ALIAS_RID_PRINT_OPS
DOMAIN_ALIAS_RID_REPLICATOR
DOMAIN_ALIAS_RID_SYSTEM_OPS
DOMAIN_ALIAS_RID_USERS
DOMAIN_GROUP_RID_ADMINS
DOMAIN_GROUP_RID_GUESTS
DOMAIN_GROUP_RID_USERS
DOMAIN_USER_RID_ADMIN
DOMAIN_USER_RID_GUEST
=item GetServerDisks(server, arrayRef)
Returns an array with the disk drives of the specified server. The array
contains two-character strings (drive letter followed by a colon).
=back
=head1 EXAMPLE
# Simple script using Win32::NetAdmin to set the login script for
# all members of the NT group "Domain Users". Only works if you
# run it on the PDC. (From Robert Spier <[email protected]>)
#
# FILTER_TEMP_DUPLICATE_ACCOUNTS
# Enumerates local user account data on a domain controller.
#
# FILTER_NORMAL_ACCOUNT
# Enumerates global user account data on a computer.
#
# FILTER_INTERDOMAIN_TRUST_ACCOUNT
# Enumerates domain trust account data on a domain controller.
#
# FILTER_WORKSTATION_TRUST_ACCOUNT
# Enumerates workstation or member server account data on a domain
# controller.
#
# FILTER_SERVER_TRUST_ACCOUNT
# Enumerates domain controller account data on a domain controller.
use Win32::NetAdmin qw(GetUsers GroupIsMember
UserGetAttributes UserSetAttributes);
my %hash;
GetUsers("", FILTER_NORMAL_ACCOUNT , \%hash)
or die "GetUsers() failed: $^E";
foreach (keys %hash) {
my ($password, $passwordAge, $privilege,
$homeDir, $comment, $flags, $scriptPath);
if (GroupIsMember("", "Domain Users", $_)) {
print "Updating $_ ($hash{$_})\n";
UserGetAttributes("", $_, $password, $passwordAge, $privilege,
$homeDir, $comment, $flags, $scriptPath)
or die "UserGetAttributes() failed: $^E";
$scriptPath = "dnx_login.bat"; # this is the new login script
UserSetAttributes("", $_, $password, $passwordAge, $privilege,
$homeDir, $comment, $flags, $scriptPath)
or die "UserSetAttributes() failed: $^E";
}
}
=head1 LICENSE
This library is free software and may be distributed under the same terms
as perl itself.
=cut
sub AUTOLOAD {
my($constname);
($constname = $AUTOLOAD) =~ s/.*:://;
#reset $! to zero to reset any current errors.
local $! = 0;
my $val = constant($constname);
if ($! != 0) {
if ($! =~ /Invalid/) {
$AutoLoader::AUTOLOAD = $AUTOLOAD;
goto &AutoLoader::AUTOLOAD;
}
else {
($pack,$file,$line) = caller;
die "Your vendor has not defined Win32::NetAdmin macro $constname, used in $file at line $line.";
}
}
eval "sub $AUTOLOAD { $val }";
goto &$AUTOLOAD;
}
$SidTypeUser = 1;
$SidTypeGroup = 2;
$SidTypeDomain = 3;
$SidTypeAlias = 4;
$SidTypeWellKnownGroup = 5;
$SidTypeDeletedAccount = 6;
$SidTypeInvalid = 7;
$SidTypeUnknown = 8;
sub GetError() {
our $__lastError;
$__lastError;
}
bootstrap Win32::NetAdmin;
1;
__END__