diff options
author | Adam Edwards <adamed@opscode.com> | 2013-06-25 08:29:18 -0700 |
---|---|---|
committer | Adam Edwards <adamed@opscode.com> | 2013-06-25 08:29:18 -0700 |
commit | 0bbca25e15aea90c3802feb425a0b11194fadf9e (patch) | |
tree | 17cbe1b5b7f7b9c77f487ec9c695e2fefee5b6ec | |
parent | a85200206e8f6c7165cd9e0e47a294b76be278a2 (diff) | |
parent | 003b3ee70fa17dbb0b538f25684480a49dd19333 (diff) | |
download | chef-0bbca25e15aea90c3802feb425a0b11194fadf9e.tar.gz |
Merge pull request #855 from opscode/adamed-8391-password-policy
OC-8391: Chef::Provider::User::Windows fails with local password policies
-rw-r--r-- | lib/chef/util/windows/net_user.rb | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/lib/chef/util/windows/net_user.rb b/lib/chef/util/windows/net_user.rb index 97d8f33834..eb68f6cebc 100644 --- a/lib/chef/util/windows/net_user.rb +++ b/lib/chef/util/windows/net_user.rb @@ -37,9 +37,14 @@ class Chef::Util::Windows::NetUser < Chef::Util::Windows #[:symbol_name, default_val] #default_val duals as field type #array index duals as structure offset + + #OC-8391 + #Changing [:password, nil], to [:password, ""], + #if :password is set to nil, windows user creation api ignores the password policy applied + #thus initializing it with empty string value. USER_INFO_3 = [ [:name, nil], - [:password, nil], + [:password, ""], [:password_age, 0], [:priv, 0], #"The NetUserAdd and NetUserSetInfo functions ignore this member" [:home_dir, nil], @@ -183,12 +188,20 @@ class Chef::Util::Windows::NetUser < Chef::Util::Windows def disable_account user_modify do |user| user[:flags] |= UF_ACCOUNTDISABLE + #This does not set the password to nil. It (for some reason) means to ignore updating the field. + #See similar behavior for the logon_hours field documented at + #http://msdn.microsoft.com/en-us/library/windows/desktop/aa371338%28v=vs.85%29.aspx + user[:password] = nil end end def enable_account user_modify do |user| user[:flags] &= ~UF_ACCOUNTDISABLE + #This does not set the password to nil. It (for some reason) means to ignore updating the field. + #See similar behavior for the logon_hours field documented at + #http://msdn.microsoft.com/en-us/library/windows/desktop/aa371338%28v=vs.85%29.aspx + user[:password] = nil end end |