%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /proc/thread-self/root/proc/3522530/root/lib/python2.7/site-packages/salt/states/
Upload File :
Create Path :
Current File : //proc/thread-self/root/proc/3522530/root/lib/python2.7/site-packages/salt/states/win_lgpo.pyo

�
���^c@@s�dZddlmZmZmZddlZddlZddlZddl	Zddl
mZeje
�ZdZidd6Zd�Zd	�Zdddded
d�ZdS(u5
Manage Windows Local Group Policy
=================================

.. versionadded:: 2016.11.0

This state allows configuring local Windows Group Policy

The state can be used to ensure the setting of a single policy or multiple policies in one pass.

Single policies must specify the policy name, the setting, and the policy class (Machine/User/Both)

Example single policy configuration

.. code-block:: yaml

    Ensure Account Lockout Duration:
      lgpo.set:
        - name: Account lockout duration
        - setting: 90
        - policy_class: Machine

.. code-block:: yaml

    Account lockout duration:
      gpo.set:
        - setting: 120
        - policy_class: Machine

Multiple policy configuration

.. code-block:: yaml

    Company Local Group Policy:
        lgpo.set:
            - computer_policy:
                Deny logon locally: Guest
                Account lockout duration: 120
                Account lockout threshold: 10
                Reset account lockout counter after: 1440
                Enforce password history: 24
                Maximum password age: 60
                Minimum password age: 1
                Minimum password length: 14
                Password must meet complexity requirements: Enabled
                Store passwords using reversible encryption: Disabled
                Configure Automatic Updates:
                    Configure automatic updating: 4 - Auto download and schedule the intsall
                    Scheduled install day: 7 - Every Saturday
                    Scheduled install time: 17:00
                Specify intranet Microsoft update service location:
                    Set the intranet update service for detecting updates: http://mywsus
                    Set the intranet statistics server: http://mywsus
            - user_policy:
                Do not process the legacy run list: Enabled

.. code-block:: text

    server_policy:
      lgpo.set:
        - computer_policy:
            Maximum password age: 60
            Minimum password age: 1
            Minimum password length: 14
            Account lockout duration: 1440
            Account lockout threshold: 10
            Reset account lockout counter after: 1440
            Manage auditing and security log:
              - "BUILTIN\Administrators"
            Replace a process level token:
              - "NT AUTHORITY\NETWORK SERVICE"
              - "NT AUTHORITY\LOCAL SERVICE"
            "Accounts: Guest account status": Disabled
            "Accounts: Rename guest account": Not_4_U
            "Audit: Audit the use of Backup and Restore privilege": Enabled
            "Interactive logon: Do not display last user name": Enabled
            "Network\DNS Client\Dynamic update": Disabled
            "System\Logon\Do not display the Getting Started welcome screen at logon": Enabled
            "Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections\Select RDP transport protocols":
                "Select Transport Type": "Use both UDP and TCP"
            "Windows Components\Windows Update\Allow Automatic Updates immediate installation": Enabled
            "Windows Components\Windows Update\Allow non-administrators to receive update notifications": Disabled
            "Windows Components\Windows Update\Always automatically restart at the scheduled time":
                "The restart timer will give users this much time to save their work (minutes)": 15
            "Windows Components\Windows Update\Automatic Updates detection frequency":
                "Check for updates at the following interval (hours)": 1
            "Windows Components\Windows Update\Configure Automatic Updates":
                "Configure automatic updating": 4 - Auto download and schedule the install
                "Install during automatic maintenance": False
                "Scheduled install day": 7 - Every Saturday
                "Scheduled install time": "17:00"
            "Windows Components\Windows Update\Delay Restart for scheduled installations":
                "Wait the following period before proceeding with a scheduled restart (minutes)": 1
            "Windows Components\Windows Update\No auto-restart with logged on users for scheduled automatic updates installations": Disabled
            "Windows Components\Windows Update\Re-prompt for restart with scheduled installations":
                "Wait the following period before prompting again with a scheduled restart (minutes)": 30
            "Windows Components\Windows Update\Reschedule Automatic Updates scheduled installations": Disabled
            "Windows Components\Windows Update\Specify intranet Microsoft update service location":
                "Set the intranet update service for detecting updates": http://mywsus
                "Set the intranet statistics server": http://mywsus
        - cumulative_rights_assignments: True

i(tabsolute_importtunicode_literalstprint_functionN(tsixulgpousetuset_cC@sdtkrtStS(u7
    load this state if the win_lgpo module exists
    ulgpo.set(t__salt__t__virtualname__tFalse(((s8/usr/lib/python2.7/site-packages/salt/states/win_lgpo.pyt__virtual__{scC@s�t|tj�r||kSt|t�r]t|t�rVtjjj||�ikStSnAt|t	�r�t|t	�r�tjjj
||�ikStSndS(ue
    Helper function that returns ``True`` if the policies are the same,
    otherwise ``False``
    N(t
isinstanceRtstring_typestlisttsalttutilstdatat
compare_listsRtdictt
compare_dicts(t
new_policytcurrent_policy((s8/usr/lib/python2.7/site-packages/salt/states/win_lgpo.pyt_compare_policies�s


uen-USc!C@s�i|d6td6id6dd6}dddd	g}|rq|rq|rqd
}	|	d}	t|d<|	|d<|S|r�|r�d}	t|d<|	|d<|S|r�|s�|r�d
}	|	d}	|	d}	t|d<|	|d<|S|r|j�|krd}	t|d<|	|d<|S|s�|r1|r1d	}n|r@d}n|rOd}n|r�t|t�r�d}	t|d<|	|d<|S|r?t|t�r?d}	t|d<|	|d<|Sn�i}i}|j�d	kr�|||<|||<nP|j�dkr|||<n1|j�dks2|j�dkr?|||<ni}
idd6|d6id6|
d<idd6|d6id6|
d<x�tj|
�D]�\}}|dr�x�tj|d�D]o\}
}td|
|d|�}|dr||
|d|
<q�dj|d|dg�|d<t|d<q�Wq�q�W|dsE|Stdd|d|dt�}t	j
d |�g}x4tj|
�D]#\}}d:}|r�|d|kr�x�tj|d�D]�\}
}t}|
||dkr�t}|
}n�|
j�d!�||dD�krcx�||dD].}|
j�|j�kr.t}|}Pq.q.WnQxN|d|
d"D]:}t	j
d#|�|||dkrvt}|}PqvqvW|r�t	j
d$|
�t}tj
jj|d|
d%t�j�}tj
jj||d|d%t�j�}tj
jj|�}tj
jj|�}t||�}|s[g}|d|
d&r�|r�xV|d|
D]=}|||d|kr�t}q�|jd'j|��q�Wnt}|rt	j
d(|
�t	j
d)||�|j|
�q�|r=d*j|
d+j|��|d<q�d,j|
�|d|d<q�t	j
d-|
�d,j|
�|d|d<q�|j|
�t	j
d.|
�q�Wq�q�Wtd/r�|r�d:|d<d0jd1j|��|d<q�d2|d<n�|r�td3d4|d5|d6|d|�} | r�| |d<tj
jj|tdd|d|dt��|d<|dr�d7jd1j|��|d<q�d8jd1j|��|d<q�t|d<d9j| �|d<n|S(;u�
    Ensure the specified policy is set

    name
        the name of a single policy to configure

    setting
        the configuration setting for the single named policy
        if this argument is used the computer_policy/user_policy arguments will be ignored

    policy_class
        the policy class of the single named policy to configure
        this can "machine", "user", or "both"

    computer_policy
        a dict of policyname: value pairs of a set of computer policies to configure
        if this argument is used, the name/setting/policy_class arguments will be ignored

    user_policy
        a dict of policyname: value pairs of a set of user policies to configure
        if this argument is used, the name/setting/policy_class arguments will be ignored

    cumulative_rights_assignments
        determine if any user right assignment policies specified will be cumulative
        or explicit

    adml_language
        the adml language to use for AMDX policy data/display conversions
    unameuresultuchangesuucommentumachineucomputeruuserubothuGAt least one of the parameters setting, computer_policy, or user_policyu must be specified.uMA single policy setting was specified but the policy_class was not specified.uVThe setting and computer_policy/user_policy parameters are mutually exclusive.  PleaseuQ specify either a policy name and setting or a computer_policy and/or user_policyu dictu<The policy_class parameter must be one of the following: {0}u0The computer_policy must be specified as a dict.u,The user_policy must be specified as a dict.uUser Configurationuoutput_sectionurequested_policyu
policy_lookupuComputer Configurationulgpo.get_policy_infot
adml_languageupolicy_foundu umessageulgpo.gettpolicy_classthierarchical_returnucurrent policy == %scs@s|]}|j�VqdS(N(tlower(t.0tk((s8/usr/lib/python2.7/site-packages/salt/states/win_lgpo.pys	<genexpr>supolicy_aliasesuchecking alias %su0need to compare %s from current/requested policyt	sort_keysurights_assignmentu""{0}" is already granted the rightu%%s current policy != requested policyuwe compared %s to %su"{0}" is already set ({1})
u, u"{0}" is already set
u0%s current setting matches the requested settingu*policy %s is not set, we will configure itutestu-The following policies are set to change:
{0}u
u.All specified policies are properly configuredulgpo.settcomputer_policytuser_policytcumulative_rights_assignmentsu#The following policies changed:
{0}u4The following policies are in the correct state:
{0}u;Errors occurred while attempting to configure policies: {0}N(tTrueRRRRRt	iteritemsRtjointlogtdebugtNoneRRtjsontdumpstloadsRtappendtformatt__opts__t
dictdiffert	deep_diff(!tnametsettingRRRRRtrettpolicy_classestmsgtpol_datatp_classtp_datatpolicy_nametpolicy_settingtlookupRtpolicy_changestpolicy_sectiontpolicy_datatpol_idt
currently_settp_nametaliastchangestrequested_policy_jsontcurrent_policy_jsontrequested_policy_checktcurrent_policy_checktpolicies_are_equaltadditional_policy_commentstusert_ret((s8/usr/lib/python2.7/site-packages/salt/states/win_lgpo.pytset_�s<$













			






$



 
	
!
	 	$	)-		
"	
	


	


(t__doc__t
__future__RRRtloggingtsalt.utils.dataRtsalt.utils.dictdiffertsalt.utils.jsontsalt.extRt	getLoggert__name__R!Rt__func_alias__RRR#RRG(((s8/usr/lib/python2.7/site-packages/salt/states/win_lgpo.pyt<module>hs"
		

Zerion Mini Shell 1.0