Package details

smp-audit-local-admins


control file:

package           : smp-audit-local-admins
version           : 25
architecture      : all
section           : base
priority          : optional
name              : 
categories        : 
maintainer        : Simon Fonteneau
description       : Audit local administrators
depends           : 
conflicts         : 
maturity          : 
locale            : 
target_os         : windows
min_os_version    : 
max_os_version    : 
min_wapt_version  : 
sources           : 
installed_size    : 
impacted_process  : 
description_fr    : Audit les administateurs locaux
description_pl    : 
description_de    : 
description_es    : 
description_pt    : 
description_it    : 
description_nl    : 
description_ru    : 
audit_schedule    : 60
editor            : 
keywords          : 
licence           : 
homepage          : 
package_uuid      : 3678728f-9432-49dd-92b5-18e810e09d91
valid_from        : 
valid_until       : 
forced_install_on : 
changelog         : 
signer            : wapt.lesfourmisduweb.org
signer_fingerprint: 1e54425be03a2a3ea1a264b40d984c31f17a6a489a3b722acb993cbf6561e903
signature         : sRxg5vbLcXf4k5lucEBNiuQY+65Uii1AbUmxOwZFwe8XlIueG+jxZXgpvhXIsKdPcv+qV9oZ7eDviyv2G75ig2xs6fvvHR6nxads3m5Wbf94bN55xQDBJnnEcD1j7GzT1wqI/WfsTKZRe/+IAg+hBOtpuc4SqihrU9rGzE7akZT82pbnLoEr1ar24H3RnIuMZIbLWVLDZN1Fpj5FI23eA75Vn68BGzOfVApRU4m4Yt1m4Jv28uzEkgzvZ/QSKfmZ/8luIZmyJWbJYO1inafjbKtxf/0g23AsXYkQVYR0KQ6Avkk2l9gK3xMDXm5flwIVMNUsLQG06MnhWIuaocG9tA==
signature_date    : 2020-07-04T01:18:15.968164
signed_attributes : package,version,architecture,section,priority,name,categories,maintainer,description,depends,conflicts,maturity,locale,target_os,min_os_version,max_os_version,min_wapt_version,sources,installed_size,impacted_process,description_fr,description_pl,description_de,description_es,description_pt,description_it,description_nl,description_ru,audit_schedule,editor,keywords,licence,homepage,package_uuid,valid_from,valid_until,forced_install_on,changelog,signer,signer_fingerprint,signature_date,signed_attributes



setup.py file:

# -*- coding: utf-8 -*-
from setuphelpers import *
import win32security
import win32net
import os

uninstallkey = []

# Domain name, taken from the USERDOMAIN environment variable
domain_name = os.environ['USERDOMAIN']

# Additional accounts allowed in the local Administrators group
allow_admins_list = ['%s\\tisadmin' % get_computername(), '%s\\tis-adm' % domain_name]


def install():
    pass

def audit():

    # Name of the local BUILTIN\Administrators group (well-known SID S-1-5-32-544)
    name_group_admin = get_name_with_sid('S-1-5-32-544')

    # Built-in local Administrator account (machine SID + RID 500), as "computer\name"
    local_administrator = str(get_computername() + '\\' + get_name_with_sid(win32security.ConvertSidToStringSid(win32net.NetUserModalsGet(get_computername(), 2)['domain_id']) + '-500')).lower()

    # Always allowed: the built-in local Administrator and the bare "domain\" prefix.
    # With the exact-match test below, the bare prefix only matches a member
    # listed with an empty account name.
    allow_admin = [local_administrator, domain_name.lower() + '\\']

    # Try to add the "Domain Admins" group (domain SID + RID 512) to the allow list.
    # If the lookup fails, the group is simply absent from the allow list.
    try:
        allow_admin.append(('%s\\%s' % (domain_name, get_name_with_sid('%s-512' % get_domain_sid()))).lower())
    except Exception:
        print('Domain controller unavailable?')

    # Lower-case allow_admins_list and add it to allow_admin
    # so that the comparison below is case-insensitive
    allow_admin.extend(entry.lower() for entry in allow_admins_list)

    # Report every member of the Administrators group that is not in the allow list
    listerror = []
    admins_users = local_group_members(name_group_admin)
    for user in admins_users:
        if user.lower() not in allow_admin:
            listerror.append(user)
    if listerror:
        print('Bad user in admin list %s' % ','.join(listerror))
        return 'ERROR'
    print('List admins user : %s' % ' '.join(admins_users))
    return 'OK'


# Resolve a SID string to its account name on this computer
def get_name_with_sid(sid):
    sid = win32security.GetBinarySid(sid)
    name, domain, typ = win32security.LookupAccountSid(wincomputername(), sid)
    return name


# Get the domain SID as a string by querying the domain controller
def get_domain_sid():
    umi2 = win32net.NetUserModalsGet(win32net.NetGetDCName(), 2)
    domain_sid = umi2['domain_id']
    return win32security.ConvertSidToStringSid(domain_sid)