diff options
| author | Tim Smith <tsmith@chef.io> | 2020-05-12 16:04:06 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-05-12 16:04:06 -0700 |
| commit | 2a9615da1380868090f87d73bf1c5167297beefa (patch) | |
| tree | e7282689ac7b556941665a90c63e6930152fd3ae | |
| parent | 3584adcbfea1896ad72b03a7a60a70666873bd35 (diff) | |
| parent | 79723f084c57778c4a4fd2d08c891a3c175005e1 (diff) | |
| download | chef-2a9615da1380868090f87d73bf1c5167297beefa.tar.gz | |
Merge pull request #9842 from chef/im/update_resource_doc_examples
Add examples to windows_security_policy
| -rw-r--r-- | lib/chef/resource/windows_security_policy.rb | 29 | ||||
| -rw-r--r-- | lib/chef/resource/windows_user_privilege.rb | 42 |
2 files changed, 71 insertions, 0 deletions
diff --git a/lib/chef/resource/windows_security_policy.rb b/lib/chef/resource/windows_security_policy.rb index fdbbc9c0a6..ffcbb8d139 100644 --- a/lib/chef/resource/windows_security_policy.rb +++ b/lib/chef/resource/windows_security_policy.rb @@ -43,6 +43,35 @@ class Chef description "Use the **windows_security_policy** resource to set a security policy on the Microsoft Windows platform." introduced "16.0" + examples <<~DOC + **Set Administrator Account to Enabled**: + + ```ruby + windows_security_policy 'EnableAdminAccount' do + secvalue '1' + action :set + end + ``` + + **Rename Administrator Account**: + + ```ruby + windows_security_policy 'NewAdministratorName' do + secvalue 'AwesomeChefGuy' + action :set + end + ``` + + **Set Guest Account to Disabled**: + + ```ruby + windows_security_policy 'EnableGuestAccount' do + secvalue '0' + action :set + end + ``` + DOC + property :secoption, String, name_property: true, required: true, equal_to: policy_names, description: "The name of the policy to be set on windows platform to maintain its security." diff --git a/lib/chef/resource/windows_user_privilege.rb b/lib/chef/resource/windows_user_privilege.rb index b64de5368a..f159b20226 100644 --- a/lib/chef/resource/windows_user_privilege.rb +++ b/lib/chef/resource/windows_user_privilege.rb @@ -72,6 +72,48 @@ class Chef introduced "16.0" + examples <<~DOC + **Set the SeNetworkLogonRight Privilege for the Builtin Administrators Group and Authenticated Users**: + + ```ruby + windows_user_privilege 'Netowrk Logon Rights' do + privilege 'SeNetworkLogonRight' + users ['BUILTIN\Administrators', 'NT AUTHORITY\Authenticated Users'] + action :set + end + ``` + + **Add the SeDenyRemoteInteractiveLogonRight Privilege to the Builtin Guests and Local Accounts User Groups**: + + ```ruby + windows_user_privilege 'Remote interactive logon' do + privilege 'SeDenyRemoteInteractiveLogonRight' + users ['Builtin\Guests', 'NT AUTHORITY\Local Account'] + action :add + end + ``` + + **Provide only the Builtin Guests and Administrator Groups with the SeCreatePageFile Privilege**: + + ```ruby + windows_user_privilege 'Create Pagefile' do + privilege 'SeCreatePagefilePrivilege' + users ['BUILTIN\Guests', 'BUILTIN\Administrators'] + action :set + end + ``` + + **Remove the SeCreatePageFile Privilege from the Builtin Guests Group**: + + ```ruby + windows_user_privilege 'Create Pagefile' do + privilege 'SeCreatePagefilePrivilege' + users ['BUILTIN\Guests'] + action :remove + end + ``` + DOC + property :principal, String, description: "An optional property to add the user to the given privilege. Use only with add and remove action.", name_property: true |