How to add users to any one of the policy in local security policy settings
chef client version 11.18.12
I am unsure if there is a chef resource for this, and as such, I am using the batch resource.
I would take a look at using the NTRights utility as per this page
You could do it like so:
batch 'seservicelogonright' do
code <<-EOH
ntrights -u "#{myusername}" +r SeServiceLogonRight
EOH
end
Here is some more information on the usage of the NTRights utility.
There are a couple chef libary functions that may help:
# Add 'SeAssignPrimaryTokenPrivilege' for the user
Chef::ReservedNames::Win32::Security.add_account_right('<user>', 'SeAssignPrimaryTokenPrivilege')
# Check if the user has 'SeAssignPrimaryTokenPrivilege' rights
Chef::ReservedNames::Win32::Security.get_account_right('<user>').include?('SeAssignPrimaryTokenPrivilege')
1 Like
@Matt_Wrock - Good info - Where would I also find this information for future reference?
Ideally we would expose a ueser rights assignment resource and that would be added to the docs. As it stands now this is just a utility function we use inside of chef. I wrote it and so I so happen to know about it. I realize thats a terrible answer, but the full resource has not been prioritized.
HAHA - As terrible as the answer may be - Thanks for the honesty.
I guess there is also the possibility of using a custom library within the cookbook? guessing this could be a pain when another also requires the same
function within a separate cookbook?