def get_groups(self): if self.member_of: return self.member_of from wpc.group import group as Group # we have to import here to avoid circular import g1 = [] g2 = [] try: g1 = win32net.NetUserGetLocalGroups(wpc.conf.remote_server, self.get_name(), 0) except: pass try: g2 = win32net.NetUserGetGroups(wpc.conf.remote_server, self.get_name()) except: pass for g in g2: g1.append(g[0]) for group in g1: gsid, s, i = wpc.conf.cache.LookupAccountName( wpc.conf.remote_server, group) self.member_of.append(Group(gsid)) return self.member_of
def test_impersonate(): with Impersonate(): # Some functions like print do not work with this. Hard to debug. user = os.getlogin() domain = '.'.join(socket.getfqdn().split('.')[1:]) groups = win32net.NetUserGetGroups(domain, user) groups = ', '.join(map(lambda r:r[0], groups)) print("user: " + os.getlogin()) return render_template('test_groups.html', current_user=user, groups=groups, function=test_impersonate.__name__) # current_user is also defined in Jinja's context
def get_user_groups(name, sid=False): """ Get the groups to which a user belongs Args: name (str): The user name to query sid (bool): True will return a list of SIDs, False will return a list of group names Returns: list: A list of group names or sids """ groups = [] if name.upper() == "SYSTEM": # 'win32net.NetUserGetLocalGroups' will fail if you pass in 'SYSTEM'. groups = ["SYSTEM"] else: try: groups = win32net.NetUserGetLocalGroups(None, name) except (win32net.error, pywintypes.error) as exc: # ERROR_ACCESS_DENIED, NERR_DCNotFound, RPC_S_SERVER_UNAVAILABLE if exc.winerror in (5, 1722, 2453, 1927, 1355): # Try without LG_INCLUDE_INDIRECT flag, because the user might # not have permissions for it or something is wrong with DC groups = win32net.NetUserGetLocalGroups(None, name, 0) else: # If this fails, try once more but instead with global groups. try: groups = win32net.NetUserGetGroups(None, name) except win32net.error as exc: if exc.winerror in (5, 1722, 2453, 1927, 1355): # Try without LG_INCLUDE_INDIRECT flag, because the user might # not have permissions for it or something is wrong with DC groups = win32net.NetUserGetLocalGroups(None, name, 0) except pywintypes.error: if exc.winerror in (5, 1722, 2453, 1927, 1355): # Try with LG_INCLUDE_INDIRECT flag, because the user might # not have permissions for it or something is wrong with DC groups = win32net.NetUserGetLocalGroups(None, name, 1) else: raise if not sid: return groups ret_groups = [] for group in groups: ret_groups.append(get_sid_from_name(group)) return ret_groups