blob: 3c787f3217001a8280ba8eae1368ef4dc68a8f6e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
|
---
- name: create profile (check mode)
win_user_profile:
username: '{{ test_username }}'
state: present
register: create_profile_check
check_mode: True
- name: check if profile was created (check mode)
win_stat:
path: C:\Users\{{ test_username }}
register: create_profile_actual_check
- name: assert create profile (check mode)
assert:
that:
- create_profile_check is changed
- create_profile_check.path|lower == "c:\\users\\" + test_username
- not create_profile_actual_check.stat.exists
- name: create profile
win_user_profile:
username: '{{ test_username }}'
state: present
register: create_profile
- name: check if profile was created
win_stat:
path: C:\Users\{{ test_username }}
register: create_profile_actual
- name: assert create profile
assert:
that:
- create_profile is changed
- create_profile.path|lower == "c:\\users\\" + test_username
- create_profile_actual.stat.exists
- name: create profile (idempotent)
win_user_profile:
username: '{{ test_username }}'
state: present
register: create_profile_again
- name: assert create profile (idempotent)
assert:
that:
- not create_profile_again is changed
- create_profile_again.path|lower == "c:\\users\\" + test_username
- name: remove profile (check mode)
win_user_profile:
username: '{{ test_username }}'
state: absent
register: remove_profile_check
check_mode: True
- name: check if profile was removed (check mode)
win_stat:
path: C:\Users\{{ test_username }}
register: remove_profile_actual_check
- name: assert remove profile (check mode)
assert:
that:
- remove_profile_check is changed
- remove_profile_check.path|lower == "c:\\users\\" + test_username
- remove_profile_actual_check.stat.exists
- name: remove profile
win_user_profile:
username: '{{ test_username }}'
state: absent
register: remove_profile
- name: check if profile was removed
win_stat:
path: C:\Users\{{ test_username }}
register: remove_profile_actual
- name: assert remove profile
assert:
that:
- remove_profile is changed
- remove_profile.path|lower == "c:\\users\\" + test_username
- not remove_profile_actual.stat.exists
- name: remove profile (idempotent)
win_user_profile:
username: '{{ test_username }}'
state: absent
register: remove_profile_again
- name: assert remove profile (idempotent)
assert:
that:
- not remove_profile_again is changed
- remove_profile_again.path == None
- name: create profile with specific base path
win_user_profile:
username: '{{ test_username }}'
name: test_username_profile
state: present
register: create_profile_basename
- name: check if profile with specific base path was created
win_stat:
path: C:\Users\test_username_profile
register: create_profile_basename_actual
- name: assert create profile with specific base path
assert:
that:
- create_profile_basename is changed
- create_profile_basename.path|lower == "c:\\users\\test_username_profile"
- create_profile_basename_actual.stat.exists
- name: remove profile with specific base path
win_user_profile:
username: '{{ test_username }}'
state: absent
register: remove_profile_basename
- name: check if profile with specific base path was removed
win_stat:
path: C:\Users\test_username_profile
register: remove_profile_basename_actual
- name: assert remove profile with specific base path
assert:
that:
- remove_profile_basename is changed
- remove_profile_basename.path|lower == "c:\\users\\test_username_profile"
- not remove_profile_basename_actual.stat.exists
- name: create dummy profile folder
win_file:
path: C:\Users\{{ test_username }}
state: directory
- block:
- name: create profile folder with conflict (check mode)
win_user_profile:
username: '{{ test_username }}'
state: present
register: create_profile_conflict_check
check_mode: True
- name: get result of create profile folder with conflict (check mode)
win_stat:
path: C:\Users\{{ test_username }}.000
register: create_profile_conflict_actual_check
- name: assert create profile folder with conflict (check mode)
assert:
that:
- create_profile_conflict_check is changed
# The check mode path calc is dumb, doesn't check for conflicts
- create_profile_conflict_check.path|lower == "c:\\users\\" + test_username
- not create_profile_conflict_actual_check.stat.exists
- name: create profile folder with conflict
win_user_profile:
username: '{{ test_username }}'
state: present
register: create_profile_conflict
- name: get result of create profile with conflict
win_stat:
path: C:\Users\{{ test_username }}.000
register: create_profile_conflict_actual
- name: assert create profile folder with conflict
assert:
that:
- create_profile_conflict is changed
- create_profile_conflict.path|lower == "c:\\users\\" + test_username + ".000"
- create_profile_conflict_actual.stat.exists
- name: remove profile with conflict
win_user_profile:
username: '{{ test_username }}'
state: absent
register: remove_profile_conflict
- name: get result of profile folder after remove
win_stat:
path: C:\Users\{{ test_username }}.000
register: remove_profile_conflict_actual
- name: get result of dummy folder after remove
win_stat:
path: C:\Users\{{ test_username }}
register: remove_profile_conflict_dummy
- name: assert remove profile with conflict
assert:
that:
- remove_profile_conflict is changed
- remove_profile_conflict.path|lower == "c:\\users\\" + test_username + ".000"
- not remove_profile_conflict_actual.stat.exists
- remove_profile_conflict_dummy.stat.exists
always:
- name: remove dummy profile folder
win_file:
path: C:\Users\{{ test_username }}
state: absent
- name: create profile for deleted user by sid test
win_user_profile:
username: '{{ test_username_info.sid }}'
state: present
- name: delete user for deleted user with sid test
win_user:
name: '{{ test_username }}'
state: absent
- name: remove profile for remove profile by sid test
win_user_profile:
username: '{{ test_username_info.sid }}'
state: absent
register: remove_profile_deleted_sid
- name: check if profile was deleted for deleted user using a SID
win_stat:
path: C:\Users\{{ test_username }}
register: remove_profile_deleted_sid_actual
- name: assert remove profile for deleted user using a SID
assert:
that:
- remove_profile_deleted_sid is changed
- remove_profile_deleted_sid.path|lower == "c:\\users\\" + test_username
- not remove_profile_deleted_sid_actual.stat.exists
- name: recreate user for deleted user by name test
win_user:
name: '{{ test_username }}'
password: '{{ test_password }}'
state: present
register: test_orphan_user1
- name: create profile for deleted user by name test
win_user_profile:
username: '{{ test_username }}'
state: present
- name: delete user for remove profile by name test
win_user:
name: '{{ test_username }}'
state: absent
- name: remove profile for deleted user using a name
win_user_profile:
name: '{{ test_username }}'
state: absent
register: remove_profile_deleted_name
- name: check if profile was deleted for deleted user using a name
win_stat:
path: C:\Users\{{ test_username }}
register: remove_profile_deleted_name_actual
- name: assert remove profile for deleted user using a name
assert:
that:
- remove_profile_deleted_name is changed
- remove_profile_deleted_name.path|lower == "c:\\users\\" + test_username
- not remove_profile_deleted_name_actual.stat.exists
- name: remove profile for deleted user using a name (idempotent)
win_user_profile:
name: '{{ test_username }}'
state: absent
register: remove_profile_deleted_name_again
- name: assert remove profile for deleted user using a name (idempotent)
assert:
that:
- not remove_profile_deleted_name_again is changed
- name: recreate user for remove multiple user test
win_user:
name: '{{ test_username }}'
password: '{{ test_password }}'
state: present
register: test_orphan_user1
- name: create new profile for remove multiple user test
win_user_profile:
username: '{{ test_username }}'
state: present
register: orphan_user1_profile
- name: remove user 1 for remove multiple user test
win_user:
name: '{{ test_username }}'
state: absent
# win_file has issues with paths exceeding MAX_PATH, need to use rmdir instead
- name: remove profile folder for user 1
win_shell: rmdir /S /Q {{ orphan_user1_profile.path}}
args:
executable: cmd.exe
- name: create user 2 for remove multiple user test
win_user:
name: '{{ test_username }}'
password: '{{ test_password }}'
state: present
register: test_orphan_user2
- name: create new profile for orphan user 2
win_user_profile:
username: '{{ test_username }}'
state: present
register: orphan_user2_profile
- name: remove orphan user 2 for remove multiple user test
win_user:
name: '{{ test_username }}'
state: present
- name: fail to remove multiple profiles without flag
win_user_profile:
name: '{{ test_username }}'
state: absent
register: fail_remove_multiple
ignore_errors: True
- name: check if profile was removed
win_stat:
path: C:\Users\{{ test_username }}
register: fail_remove_multiple_actual
- name: assert that profile was not actually deleted
assert:
that:
- fail_remove_multiple.msg == "Found multiple profiles matching the path 'C:\\Users\\" + test_username + "', set 'remove_multiple=True' to remove all the profiles for this match"
- fail_remove_multiple_actual.stat.exists
- name: remove multiple profiles
win_user_profile:
name: '{{ test_username }}'
state: absent
remove_multiple: True
register: remove_multiple
- name: get result of remove multiple profiles
win_stat:
path: C:\Users\{{ test_username }}
register: remove_multiple_actual
- name: check that orphan user 1 reg profile has been removed
win_reg_stat:
path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\{{ test_orphan_user1.sid }}
register: remove_orphan1_actual
- name: check that orphan user 2 reg profile has been removed
win_reg_stat:
path: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\{{ test_orphan_user2.sid }}
register: remove_orphan2_actual
- name: assert remove multiple profiles
assert:
that:
- remove_multiple is changed
- remove_multiple.path|lower == "c:\\users\\" + test_username
- not remove_multiple_actual.stat.exists
- not remove_orphan1_actual.exists
- not remove_orphan2_actual.exists
|
