def get_domain_sid():
policy_handle = win32security.GetPolicyHandle(
'', win32security.POLICY_ALL_ACCESS)
sid = win32security.LsaQueryInformationPolicy(
policy_handle, win32security.PolicyDnsDomainInformation)[4]
sid = str(sid).split(':')[1]
win32security.LsaClose(policy_handle)
return sid
import win32security
policy_handle = win32security.GetPolicyHandle('',
win32security.POLICY_ALL_ACCESS)
privatedata = 'some sensitive data'
keyname = 'tmp'
win32security.LsaStorePrivateData(policy_handle, keyname, privatedata)
retrieveddata = win32security.LsaRetrievePrivateData(policy_handle, keyname)
assert retrieveddata == privatedata
# passing None deletes key
win32security.LsaStorePrivateData(policy_handle, keyname, None)
win32security.LsaClose(policy_handle)
def GetLocalSecurityPolicyHandle(systemName, desiredAccess):
# Context manager for GetPolicyHandle
policyHandle = win32security.GetPolicyHandle(systemName, desiredAccess)
yield policyHandle
win32security.LsaClose(policyHandle)
def startasync(self, args, config):
"""
First checks for a valid installation, then checks the grid,
then registers the action: "node HOST start"
"""
self.check_access(config=config)
self.checkice()
self.check_node(args)
if self._isWindows():
self.checkwindows(args)
if 0 == self.status(args, node_only=True):
self.ctx.die(876, "Server already running")
self._initDir()
# Do a check to see if we've started before.
self._regdata()
self.check([])
user = args.user
pasw = args.password
descript = self._descript(args)
if self._isWindows():
svc_name = "OMERO.%s" % args.node
output = self._query_service(svc_name)
# Now check if the server exists
if 0 <= output.find("DOESNOTEXIST"):
binpath = """icegridnode.exe "%s" --deploy "%s" --service\
%s""" % (self._icecfg(), descript, svc_name)
# By default: "NT Authority\Local System"
if not user:
try:
user = config.as_map()["omero.windows.user"]
except KeyError:
user = None
if user is not None and len(user) > 0:
if not "\\" in user:
computername = win32api.GetComputerName()
user = "******".join([computername, user])
try:
# See #9967, code based on http://mail.python.org/\
# pipermail/python-win32/2010-October/010791.html
self.ctx.out("Granting SeServiceLogonRight to service"
" user \"%s\"" % user)
policy_handle = win32security.LsaOpenPolicy(
None, win32security.POLICY_ALL_ACCESS)
sid_obj, domain, tmp = \
win32security.LookupAccountName(None, user)
win32security.LsaAddAccountRights(
policy_handle, sid_obj, ('SeServiceLogonRight', ))
win32security.LsaClose(policy_handle)
except pywintypes.error, details:
self.ctx.die(
200, "Error during service user set up:"
" (%s) %s" % (details[0], details[2]))
if not pasw:
try:
pasw = config.as_map()["omero.windows.pass"]
except KeyError:
pasw = self._ask_for_password(
" for service user \"%s\"" % user)
else:
pasw = None
hscm = win32service.OpenSCManager(
None, None, win32service.SC_MANAGER_ALL_ACCESS)
try:
self.ctx.out("Installing %s Windows service." % svc_name)
hs = win32service.CreateService(
hscm, svc_name, svc_name,
win32service.SERVICE_ALL_ACCESS,
win32service.SERVICE_WIN32_OWN_PROCESS,
win32service.SERVICE_AUTO_START,
win32service.SERVICE_ERROR_NORMAL, binpath, None, 0,
None, user, pasw)
self.ctx.out("Successfully installed %s Windows service." %
svc_name)
win32service.CloseServiceHandle(hs)
finally:
win32service.CloseServiceHandle(hscm)
# Then check if the server is already running
if 0 <= output.find("RUNNING"):
self.ctx.die(
201, "%s is already running. Use stop first" % svc_name)
# Finally, try to start the service - delete if startup fails
hscm = win32service.OpenSCManager(
None, None, win32service.SC_MANAGER_ALL_ACCESS)
try:
try:
hs = win32service.OpenService(
hscm, svc_name, win32service.SC_MANAGER_ALL_ACCESS)
win32service.StartService(hs, None)
self.ctx.out("Starting %s Windows service." % svc_name)
except pywintypes.error, details:
self.ctx.out("%s service startup failed: (%s) %s" %
(svc_name, details[0], details[2]))
win32service.DeleteService(hs)
self.ctx.die(202, "%s service deleted." % svc_name)
finally:
win32service.CloseServiceHandle(hs)
win32service.CloseServiceHandle(hscm)
