def destroy(self):
sid = self.getSid()
if sid is None:
return
succefulDelete = False
try:
win32profile.DeleteProfile(sid)
succefulDelete = True
except:
pass
if not succefulDelete:
if not self.unload(sid):
Logger.error("Unable to unload User reg key for user %s" %
(self.name))
return False
try:
win32profile.DeleteProfile(sid)
succefulDelete = True
except Exception, e:
Logger.warn("Unable to unload user reg: %s" % (str(e)))
try:
path = r"SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\%s" % (
sid)
Reg.DeleteTree(win32con.HKEY_LOCAL_MACHINE, path)
except Exception, err:
Logger.warn("RegDeleteTree of %s return: %s" %
(path, str(err)))
return False
def destroy(self):
sid = self.getSid()
if sid is None:
return
succefulDelete = False
try:
win32profile.DeleteProfile(sid)
succefulDelete = True
except:
pass
if not succefulDelete:
if not self.unload(sid):
Logger.error("Unable to unload User reg key for user %s" %
(self.name))
return False
try:
win32profile.DeleteProfile(sid)
succefulDelete = True
except Exception:
Logger.exception("Unable to unload user reg")
try:
path = r"SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\%s" % (
sid)
Reg.DeleteTree(win32con.HKEY_LOCAL_MACHINE, path)
except Exception:
Logger.exception("RegDeleteTree of %s return: " % path)
return False
# Todo: remove the directory
#Platform.DeleteDirectory(userdir)
try:
win32net.NetUserDel(None, self.name)
except Exception:
Logger.exception("Unable to delete user")
return False
return True
def remove_from_disk(self):
try:
sid = win32security.LookupAccountName(None,
self._get_username())[0]
string_sid = win32security.ConvertSidToStringSid(sid)
win32profile.DeleteProfile(string_sid)
win32net.NetUserDel(None, self._get_username())
except pywintypes.error, details:
if details[0] == 2221:
# "The user name cannot be found."
raise IOError("User %s doesn't exist" % self._get_username())
else:
raise
def delete(name, purge=False, force=False):
'''
Remove a user from the minion
Args:
name (str): The name of the user to delete
purge (bool, optional): Boolean value indicating that the user profile
should also be removed when the user account is deleted. If set to
True the profile will be removed. Default is False.
force (bool, optional): Boolean value indicating that the user account
should be deleted even if the user is logged in. True will log the
user out and delete user.
Returns:
bool: True if successful, otherwise False
CLI Example:
.. code-block:: bash
salt '*' user.delete name
'''
if six.PY2:
name = _to_unicode(name)
# Check if the user exists
try:
user_info = win32net.NetUserGetInfo(None, name, 4)
except win32net.error as exc:
log.error('User not found: {0}'.format(name))
log.error('nbr: {0}'.format(exc.winerror))
log.error('ctx: {0}'.format(exc.funcname))
log.error('msg: {0}'.format(exc.strerror))
return False
# Check if the user is logged in
# Return a list of logged in users
try:
sess_list = win32ts.WTSEnumerateSessions()
except win32ts.error as exc:
log.error('No logged in users found')
log.error('nbr: {0}'.format(exc.winerror))
log.error('ctx: {0}'.format(exc.funcname))
log.error('msg: {0}'.format(exc.strerror))
# Is the user one that is logged in
logged_in = False
session_id = None
for sess in sess_list:
if win32ts.WTSQuerySessionInformation(None, sess['SessionId'],
win32ts.WTSUserName) == name:
session_id = sess['SessionId']
logged_in = True
# If logged in and set to force, log the user out and continue
# If logged in and not set to force, return false
if logged_in:
if force:
try:
win32ts.WTSLogoffSession(win32ts.WTS_CURRENT_SERVER_HANDLE,
session_id, True)
except win32ts.error as exc:
log.error('User not found: {0}'.format(name))
log.error('nbr: {0}'.format(exc.winerror))
log.error('ctx: {0}'.format(exc.funcname))
log.error('msg: {0}'.format(exc.strerror))
return False
else:
log.error('User {0} is currently logged in.'.format(name))
return False
# Remove the User Profile directory
if purge:
try:
sid = getUserSid(name)
win32profile.DeleteProfile(sid)
except pywintypes.error as exc:
(number, context, message) = exc
if number == 2: # Profile Folder Not Found
pass
else:
log.error('Failed to remove profile for {0}'.format(name))
log.error('nbr: {0}'.format(exc.winerror))
log.error('ctx: {0}'.format(exc.funcname))
log.error('msg: {0}'.format(exc.strerror))
return False
# And finally remove the user account
try:
win32net.NetUserDel(None, name)
except win32net.error as exc:
(number, context, message) = exc
log.error('Failed to delete user {0}'.format(name))
log.error('nbr: {0}'.format(exc.winerror))
log.error('ctx: {0}'.format(exc.funcname))
log.error('msg: {0}'.format(exc.strerror))
return False
return True
def delete(name, purge=False, force=False):
'''
Remove a user from the minion
:param name:
The name of the user to delete
:param purge:
Boolean value indicating that the user profile should also be removed when
the user account is deleted. If set to True the profile will be removed.
:param force:
Boolean value indicating that the user account should be deleted even if the
user is logged in. True will log the user out and delete user.
CLI Example:
.. code-block:: bash
salt '*' user.delete name
'''
# Check if the user exists
try:
user_info = win32net.NetUserGetInfo(None, name, 4)
except win32net.error as exc:
(number, context, message) = exc
log.error('User not found: {0}'.format(name))
log.error('nbr: {0}'.format(number))
log.error('ctx: {0}'.format(context))
log.error('msg: {0}'.format(message))
return False
# Check if the user is logged in
# Return a list of logged in users
try:
sess_list = win32ts.WTSEnumerateSessions()
except win32ts.error as exc:
(number, context, message) = exc
log.error('No logged in users found')
log.error('nbr: {0}'.format(number))
log.error('ctx: {0}'.format(context))
log.error('msg: {0}'.format(message))
# Is the user one that is logged in
logged_in = False
session_id = None
for sess in sess_list:
if win32ts.WTSQuerySessionInformation(None, sess['SessionId'],
win32ts.WTSUserName) == name:
session_id = sess['SessionId']
logged_in = True
# If logged in and set to force, log the user out and continue
# If logged in and not set to force, return false
if logged_in:
if force:
try:
win32ts.WTSLogoffSession(win32ts.WTS_CURRENT_SERVER_HANDLE,
session_id, True)
except win32ts.error as exc:
(number, context, message) = exc
log.error('User not found: {0}'.format(name))
log.error('nbr: {0}'.format(number))
log.error('ctx: {0}'.format(context))
log.error('msg: {0}'.format(message))
return False
else:
log.error('User {0} is currently logged in.'.format(name))
return False
# Remove the User Profile directory
if purge:
# If the profile is not defined, get the profile from the registry
if user_info['profile'] == '':
profiles_dir = __salt__['reg.read_key'](
hkey='HKEY_LOCAL_MACHINE',
path=
'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList',
key='ProfilesDirectory')
profiles_dir = profiles_dir.replace('%SystemDrive%',
os.environ['SystemDrive'])
user_info['profile'] = r'{0}\{1}'.format(profiles_dir, name)
# Make sure the profile exists before deleting it
# Otherwise this will throw an error
if os.path.exists(user_info['profile']):
sid = getUserSid(name)
try:
win32profile.DeleteProfile(sid)
except pywintypes.error as exc:
(number, context, message) = exc
log.error('Failed to remove profile for {0}'.format(name))
log.error('nbr: {0}'.format(number))
log.error('ctx: {0}'.format(context))
log.error('msg: {0}'.format(message))
return False
# And finally remove the user account
try:
win32net.NetUserDel(None, name)
except win32net.error as exc:
(number, context, message) = exc
log.error('Failed to delete user {0}'.format(name))
log.error('nbr: {0}'.format(number))
log.error('ctx: {0}'.format(context))
log.error('msg: {0}'.format(message))
return False
return True
def remove_account_profile(user_name=None):
# Remove the profile/files for the user
if user_name is None:
user_name = util.get_param(2, None)
if user_name is None:
p("}}enInvalid User name - not removing account profile!}}xx")
return False
# Log it out (if it is logged in)
UserAccounts.log_out_user(user_name)
# Get the SID for the user in question
user_sid = ""
try:
parts = win32security.LookupAccountName(None, user_name)
user_sid = win32security.ConvertSidToStringSid(parts[0])
except Exception as ex:
# Unable to find this user?
p("}}rnError - Invalid User - can't remove profile!}}xx " +
str(user_name))
return False
if user_sid == "":
# User doesn't exist?
p("}}rnInvalid User - can't remove profile!}}xx " + str(user_name))
return False
# We need more privileges to do this next part
UserAccounts.elevate_process_privilege_to_backup_restore()
# Make sure the registry hive is unloaded
#p("Unloading " + user_sid)
try:
win32api.RegUnLoadKey(win32con.HKEY_USERS, user_sid)
except Exception as ex:
p("}}ynUnable to unload user registry - likely not currently loaded, moving on...}}xx",
debug_level=4)
try:
win32profile.DeleteProfile(user_sid)
except Exception as ex:
p("}}ynUnable to remove profile folder - likely it doesn't exist.}}xx",
debug_level=4)
return True
#See if a profile exists
w = wmi.WMI()
profiles = w.Win32_UserProfile(SID=user_sid)
if len(profiles) < 1:
p("}}ynNo profile found for this user, skipping remove!}}xx")
return True
profile_path = ""
profile_loaded = False
for profile in profiles:
profile_path = profile.LocalPath
profile_loaded = profile.Loaded
profiles = None
# We know it exists
# Remove it from the registry list
RegistrySettings.remove_key("HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\" + \
"ProfileList\\" + user_sid)
# Delete the folder/files
try:
shutil.rmtree(profile_path)
except Exception as ex:
p("}}rnError - Unable to remove the profile folder at " + profile_path + "}}xx\n" + \
str(ex))
return False
return True
