mirror of https://github.com/jumpserver/jumpserver
feat: windows accounts gather
wangruidong
老广
parent
eb901b2946
commit
d280b9699d
|
|
@ -1,8 +1,21 @@
|
||||||
from django.utils import timezone
|
from django.utils import timezone
|
||||||
|
from datetime import datetime
|
||||||
|
|
||||||
__all__ = ['GatherAccountsFilter']
|
__all__ = ['GatherAccountsFilter']
|
||||||
|
|
||||||
|
|
||||||
|
def parse_date(date_str, default=''):
|
||||||
|
if not date_str:
|
||||||
|
return default
|
||||||
|
if date_str == 'Never':
|
||||||
|
return None
|
||||||
|
try:
|
||||||
|
dt = datetime.strptime(date_str, '%Y/%m/%d %H:%M:%S')
|
||||||
|
return timezone.make_aware(dt, timezone.get_current_timezone())
|
||||||
|
except ValueError:
|
||||||
|
return default
|
||||||
|
|
||||||
|
|
||||||
# TODO 后期会挪到 playbook 中
|
# TODO 后期会挪到 playbook 中
|
||||||
class GatherAccountsFilter:
|
class GatherAccountsFilter:
|
||||||
def __init__(self, tp):
|
def __init__(self, tp):
|
||||||
|
|
@ -101,11 +114,26 @@ class GatherAccountsFilter:
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def windows_filter(info):
|
def windows_filter(info):
|
||||||
info = info[4:-2]
|
|
||||||
result = {}
|
result = {}
|
||||||
for i in info:
|
for user_details in info['user_details']:
|
||||||
for username in i.split():
|
user_info = {}
|
||||||
result[username] = {}
|
lines = user_details['stdout_lines']
|
||||||
|
for line in lines:
|
||||||
|
if not line.strip():
|
||||||
|
continue
|
||||||
|
parts = line.split(' ', 1)
|
||||||
|
if len(parts) == 2:
|
||||||
|
key, value = parts
|
||||||
|
user_info[key.strip()] = value.strip()
|
||||||
|
user = {
|
||||||
|
'username': user_info.get('User name', ''),
|
||||||
|
'groups': user_info.get('Global Group memberships', ''),
|
||||||
|
'date_password_change': parse_date(user_info.get('Password last set', '')),
|
||||||
|
'date_password_expired': parse_date(user_info.get('Password expires', '')),
|
||||||
|
'date_last_login': parse_date(user_info.get('Last logon', '')),
|
||||||
|
'can_change_password': user_info.get('User may change password', 'Yes')
|
||||||
|
}
|
||||||
|
result[user['username']] = user
|
||||||
return result
|
return result
|
||||||
|
|
||||||
def run(self, method_id_meta_mapper, info):
|
def run(self, method_id_meta_mapper, info):
|
||||||
|
|
|
||||||
|
|
@ -1,14 +1,32 @@
|
||||||
- hosts: demo
|
- hosts: demo
|
||||||
gather_facts: no
|
gather_facts: no
|
||||||
tasks:
|
tasks:
|
||||||
- name: Gather windows account
|
- name: Run net user command to get all users
|
||||||
ansible.builtin.win_shell: net user
|
win_shell: net user
|
||||||
register: result
|
register: user_list_output
|
||||||
ignore_errors: true
|
|
||||||
|
|
||||||
- name: Define info by set_fact
|
- name: Parse all users from net user command
|
||||||
ansible.builtin.set_fact:
|
set_fact:
|
||||||
info: "{{ result.stdout_lines }}"
|
all_users: >-
|
||||||
|
{%- set users = [] -%}
|
||||||
|
{%- for line in user_list_output.stdout_lines -%}
|
||||||
|
{%- if loop.index > 4 and line.strip() != "" and not line.startswith("The command completed") -%}
|
||||||
|
{%- for user in line.split() -%}
|
||||||
|
{%- set _ = users.append(user) -%}
|
||||||
|
{%- endfor -%}
|
||||||
|
{%- endif -%}
|
||||||
|
{%- endfor -%}
|
||||||
|
{{ users }}
|
||||||
|
|
||||||
|
- name: Run net user command for each user to get details
|
||||||
|
win_shell: net user {{ item }}
|
||||||
|
loop: "{{ all_users }}"
|
||||||
|
register: user_details
|
||||||
|
ignore_errors: yes
|
||||||
|
|
||||||
|
- set_fact:
|
||||||
|
info:
|
||||||
|
user_details: "{{ user_details.results }}"
|
||||||
|
|
||||||
- debug:
|
- debug:
|
||||||
var: info
|
var: info
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue