tis-audit-local-admins

26
Audit local administrators
1187 downloads

  Description 

  • package : tis-audit-local-admins
  • version : 26
  • architecture : all
  • categories :
  • maintainer : Simon Fonteneau
  • description : Audit local administrators
  • locale :
  • target_os :
  • min_os_version :
  • max_os_version :
  • min_wapt_version :
  • sources :
  • installed_size :
  • impacted_process :
  • description_fr : Audit les administrateurs locaux
  • description_pl :
  • description_de :
  • description_es :
  • description_pt :
  • description_it :
  • description_nl :
  • description_ru :
  • editor :
  • licence :
  • signature_date : 2020-02-27T21:28:29.283448

  Setup.py 

# -*- coding: utf-8 -*-
from setuphelpers import *
import win32security
import win32net
import os

# Empty: this package declares no uninstall key.
uninstallkey = []

# Domain name as seen by the process running the package, read from the
# USERDOMAIN environment variable (raises KeyError at import if it is unset).
# NOTE(review): the value depends on the account that launches the audit;
# confirm it is the domain you expect when run by the agent.
domain_name = os.environ['USERDOMAIN']

# Accounts tolerated in the local Administrators group in addition to the
# entries audit() derives from well-known SIDs. Matching is done on the
# lower-cased "AUTHORITY\name" string, so keep the authority prefix explicit.
allow_admins_list = [
    '%s\\tisadmin' % get_computername(),
    '%s\\tis-adm' % domain_name,
]


def install():
    """Do nothing: the install step is intentionally empty for this package."""
    return None

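def audit():
    """Check that the local Administrators group holds only approved accounts.

    The allow list is built from the machine's built-in administrator account
    (RID 500), the bare domain prefix, the domain's RID-512 group (Domain
    Admins) when a domain controller answers, and every entry of the
    module-level ``allow_admins_list``. Names are compared lower-cased.

    Returns:
        'OK' when every group member is on the allow list, 'ERROR' when at
        least one member is not (the offending names are printed).
    """
    # S-1-5-32-544 is the built-in local Administrators group; resolving it by
    # SID yields the group's name on this machine whatever the OS language.
    name_group_admin = get_name_with_sid('S-1-5-32-544')

    # Built-in administrator account = machine SID + RID 500.
    # The original wrapped these names in str(); that is a no-op on Python 3
    # and on Python 2 raises for a non-ASCII (localized) account name, so it
    # is dropped here.
    machine_sid = win32security.ConvertSidToStringSid(
        win32net.NetUserModalsGet(get_computername(), 2)['domain_id'])
    local_administrator = (
        get_computername() + '\\' + get_name_with_sid(machine_sid + '-500')
    ).lower()

    # NOTE(review): the second entry is the domain prefix with an empty account
    # name; kept unchanged - confirm which group member it is meant to match.
    allow_admin = [local_administrator, domain_name.lower() + '\\']

    # Add the domain's RID-512 group when the domain controller can be queried.
    try:
        domain_admins = get_name_with_sid('%s-512' % get_domain_sid())
        allow_admin.append(('%s\\%s' % (domain_name, domain_admins)).lower())
    except Exception:
        # Narrowed from a bare except so KeyboardInterrupt/SystemExit are not
        # swallowed. On failure the entry is simply missing, so a Domain
        # Admins member is reported as bad rather than silently accepted.
        print('Domain Controleur unavailed ?')

    allow_admin.extend(entry.lower() for entry in allow_admins_list)

    # NOTE(review): membership is matched by account name, not by SID; how
    # local_group_members renders unresolved or orphaned SIDs is not visible
    # here - verify they cannot collide with an allowed entry.
    admins_users = local_group_members(name_group_admin)
    listerror = [user for user in admins_users if user.lower() not in allow_admin]
    if listerror:
        print('Bad user in admin list %s' % ','.join(listerror))
        return 'ERROR'
    print('List admins user : %s' % ' '.join(admins_users))
    return 'OK'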


# Get Name With SID
def get_name_with_sid(sid):
    """Return the account name that a string SID resolves to.

    Args:
        sid: SID in string form, e.g. 'S-1-5-32-544'.

    Returns:
        The name component only; the domain and account type returned by the
        lookup are discarded. The lookup is issued against wincomputername().
    """
    binary_sid = win32security.GetBinarySid(sid)
    account_name, _domain, _account_type = win32security.LookupAccountSid(
        wincomputername(), binary_sid)
    return account_name


# Found Domain SID
def get_domain_sid():
    """Return the domain SID in string form, as reported by the domain controller.

    The controller name comes from NetGetDCName(); any error from that call or
    from the level-2 NetUserModalsGet query propagates to the caller.
    """
    dc_name = win32net.NetGetDCName()
    modals_info = win32net.NetUserModalsGet(dc_name, 2)
    return win32security.ConvertSidToStringSid(modals_info['domain_id'])



										

  Changelog 


No changelog
  manifest.sha256 
[["setup.py","937cd5b0ffc5270dd2f742ac83a221bb23e0b529eac544d0d47d784335bddd71"],["WAPT/certificate.crt","a5a97261381e1d0ad46ee15916abec9c2631d0201f5cc50ceb0197a165a0bbbf"],["WAPT/icon.png","4e424cf16b749d1dff5b232130000cd4b633399ee5dddce76f8d8a95117ae105"],["WAPT/control","b8bb2c212426d6b421ba3d33a4a14af044212115c69f08565326868c7efb4609"],["WAPT/wapt.psproj","510d3af6fcf8f2eae5db684bb830ea9845576e76872b9b10854efaea6e4a4cd8"]]