sys-admin 1.4.3-x86-mswin32-60

data/doc/sys-admin-windows.txt

@@ -0,0 +1,330 @@
+= Description
+A unified, cross-platform replacement for the Etc module that allows you to
+get information about users and groups.
+
+= Synopsis
+   require 'sys/admin'
+   include Sys
+
+   Admin.get_login           # -> 'djberge'
+   Admin.get_user('djberge') # -> Admin::User object
+   Admin.get_group(501)      # -> Admin::Group object
+
+   # Iterate over all users
+   Admin.users do |usr|
+      p usr
+   end
+
+   # Iterate over all groups
+   Admin.groups do |grp|
+      p grp
+   end
+
+= Constants
+== Sys::Admin
+VERSION
+   The version of this package, returned as a String.
+
+== Sys::Admin::User
+TEMP_DUPLICATE
+   An account for users whose primary account is in another domain.
+
+NORMAL
+   Default account type that represents a typical user.
+
+INTERDOMAIN_TRUST
+   A permit to trust account for a domain that trusts other domains.
+      
+WORKSTATION_TRUST
+   An account for a Windows NT/2000 workstation or server that is a member
+   member of this domain.
+      
+SERVER_TRUST
+   A computer account for a backup domain controller that is a member of this
+   domain.
+
+= Class Methods
+== Sys::Admin
+Admin.add_global_group(group, domain)
+   Adds the global +group+ on +domain+.
+
+Admin.add_global_user(user, domain)
+   Adds the global +user+ on +domain+.
+
+Admin.add_local_group(group, host=localhost)
+   Adds the local +group+ on +host+, or the localhost if no host is specified.
+
+Admin.add_local_user(user, host=localhost)
+   Adds the local +user+ on +host+, or the localhost if no host is specified.
+
+Admin.config_global_group(user, option, domain)
+   Configures +group+ on +domain+ using +options+. There are too many options
+   to list here.
+
+   See http://tinyurl.com/cjkzl for a list of valid options.
+
+Admin.config_local_group(user, option, host=localhost)
+   Configures +group+ on +host+ using +options+. There are too many options
+   to list here.
+
+   See http://tinyurl.com/cjkzl for a list of valid options.
+
+Admin.config_global_user(user, option, domain)
+   Configures +user+ on +domain+ using +options+. There are too many options
+   to list here.
+
+   See http://tinyurl.com/3hjv9 for a list of valid options.
+
+Admin.config_local_user(user, options, host=localhost)
+   Configures the local +user+ on +host+ using +options+. If no host is
+   specified, the default is localhost.
+
+   See http://tinyurl.com/3hjv9 for a list of valid options.
+
+Admin.delete_global_group(group, domain)
+   Deletes the global +group+ from +domain+.
+
+Admin.delete_global_user(user, domain)
+   Deletes the global +user+ from +domain+.
+
+Admin.delete_local_group(group, host=localhost)
+   Deletes the local +group+ from +host+, or localhost if no host is specified.
+
+Admin.delete_local_user(user, host=localhost)
+   Deletes the local +user+ from +host+, or localhost if no host is specified.
+
+Admin.get_group(name, host=localhost, local=true)
+Admin.get_group(gid, host=localhost, local=true)
+   Returns a Group object for the given name or gid. Raises an Admin::Error
+   if a group cannot be found for that name or GID.
+
+   You may specify a host from which information is retrieved.
+   The default is the local machine. You can retrieve either a global or
+   local group, depending on the value of the +local+ argument.
+
+Admin.get_login
+   Returns the user name of the current login.
+
+Admin.get_user(name, host=localhost, local=true)
+Admin.get_user(uid, host=localhost, local=true)
+   Returns a User object for the given name or uid. Raises an Admin::Error if
+   a user cannot be found for that name or user ID.
+
+   You may specify a +host+ from which information is retrieved.  The
+   default is the local machine.  You may also specify whether to
+   retrieve a local or global account. The default is local.
+
+Admin.groups(host=localhost, local=true)
+Admin.groups(host=localhost, local=true){ |grp| ... }
+   In block form, yields a Group object for each group on the system. In
+   non-block form, returns an Array of Group objects.
+
+   You may specify a +host+ from which information is retrieved. The default
+   is the local machine. You can retrieve either a global or local groups,
+   depending on the value of the +local+ argument. The default is local.
+
+Admin.users(host=localhost, local=true)
+Admin.users(host=localhost, local=true){ |grp| ... }
+   In block form, yields a User object for each group on the system. In
+   non-block form, returns an Array of User objects.
+
+   You may specify a +host+ from which information is retrieved. The default
+   is the local machine. You can retrieve either a global or local users,
+   depending on the value of the +local+ argument. The default is local.
+
+== Sys::Admin::Group
+Group.new
+Group.new{ |grp| ... }
+   Creates and returns a Group object, which encapsulates the information
+   typically found within an /etc/group entry, i.e. a struct group. If a
+   block is provided, yields the object back to the block.
+
+== Sys::Admin::User
+User.new
+User.new{ |usr| ... }
+   Creates and returns a User object, which encapsulates the information
+   typically found within an /etc/passwd entry, i.e. a struct passwd. If a
+   block is provided, yields the object back to the block.
+
+= Instance Methods
+== Sys::Admin::Group
+Group#caption
+   Short description of the group.
+
+Group#caption=
+   Sets the caption for the group. Use only when creating a new group.
+
+Group#description
+   Description of the group.
+
+Group#description=
+   Sets the description of the group. Use only when creating a new group.
+
+Group#domain
+   The name of the Windows domain to which the group account belongs.
+
+Group#domain=
+   Sets the name of the Windows domain to which the group account belongs.
+   Use only when creating a new group.
+
+Group#install_date
+   The date the group was added.
+
+Group#gid
+   The group id.
+
+Group#local?
+   Returns whether or not the group is local (vs global).
+
+Group#local=
+   Sets whether or not the group is local (vs global).
+
+Group#name
+   The name of the Windows group account on the given domain.
+
+Group#name=
+   Sets the name of the Windows group account on the given domain.
+   Use only when creating a new group.
+
+Group#sid
+   The security identifer for the group.
+
+Group#sid=
+   Sets the security identifer for the group.
+
+Group#sid_type
+   The type of security identifier as a stringified value.
+
+Group#sid_type=
+   Sets the type of security identifier as a stringified value. Use only when
+   creating a new group.
+
+   See the +constants+ section for a list of valid sid types.
+
+Group#status
+   Current status for the group, such as "ok", "error", etc.
+
+Group#status=
+   Sets the status for the group.
+
+== Sys::Admin::User
+User#account_type
+   Returns the account type as a human readable string.
+
+User#account_type=
+   Sets the account type. See the +constants+ section for a list of valid
+   values you can set this to.
+
+User#caption
+   Domain and username of the account.
+
+User#caption=
+   Sets the domain and username of the account.
+      
+User#description
+   Description of the account.
+
+User#description=
+   Sets the description of the account.
+
+User#disabled?
+   Returns whether or not the account is disabled.
+
+User#disabled=
+   Sets whether or not the account is disabled.
+      
+User#domain
+   Name of the Windows domain to which a user account belongs.
+
+User#domain=
+   Sets the name of the Windows domain to which a user account belongs.
+
+User#full_name
+   Full name of a local user.
+
+User#full_name=
+   Sets the full name of a local user.
+      
+User#install_date
+   Date the user account was created.
+
+User#local?
+   Returns whether or not the account is defined on the local computer.
+
+User#local=
+   Sets whether or not the account is defined on the local computer.
+
+User#lockout?
+   Returns whether or not the account is locked out of the OS.
+
+User#lockout=
+   Sets whether or not the account is locked out of the OS.
+      
+User#name
+   Name of the Windows user account on the domain that the User#domain
+   property specifies.
+
+User#name=
+   Sets the name of the Windows user account on the domain that the User#domain
+   property specifies.
+
+User#password
+   The user's password.
+
+User#password=
+   Sets the user's password.
+      
+User#password_changeable?
+   Returns whether or not the password for the account can be changed.
+
+User#password_changeable=
+   Sets whether or not the password for the account can be changed.
+
+User#password_expires?
+   Returns whether or not the password for the account expires.
+
+User#password_expires=
+   Sets whether or not the password for the account expires.
+
+User#password_required?
+   Returns whether or not a password is required for the account.
+
+User#password_required=
+   Sets whether or not a password is required for the account.
+
+User#sid
+   The user's security identifier.
+
+User#sid=
+   Sets the user's security identifier.
+      
+User#status
+   Current status for the user, such as "ok", "error", etc.
+
+== Notes
+   Not all platforms support all of the User members. The only ones that are
+   supported on all platforms are name, uid, gid, dir and shell. The rest
+   will simply return nil if they aren't supported.
+   
+== Known Bugs
+   None that I am aware of. Please log any bugs you find on the project
+   website at http://www.rubyforge.org/projects/sysutils.
+
+== License
+   Ruby's
+
+== Copyright
+   Copyright 2002-2007, Daniel J. Berger
+
+   All Rights Reserved. This module is free software. It may be used,
+   redistributed and/or modified under the same terms as Ruby itself.
+
+== Warranty
+   This package is provided "as is" and without any express or
+   implied warranties, including, without limitation, the implied
+   warranties of merchantability and fitness for a particular purpose.
+
+== Author
+   Daniel J. Berger
+   djberg96 at nospam at gmail dot com
+   imperator on IRC (Freenode)

data/examples/groups.rb

@@ -0,0 +1,39 @@
+###########################################################################
+# groups.rb
+#
+# Sample script to demonstrate some of the various group methods.  Alter
+# as you see fit.
+###########################################################################
+base = File.basename(Dir.pwd)
+
+if base == "examples" || base =~ /sys-admin.*/
+   require "ftools"
+   Dir.chdir("..") if base == "examples"
+   Dir.mkdir("sys") unless File.exists?("sys")
+   if RUBY_PLATFORM.match("mswin")
+      File.copy("lib/sys/admin.rb", "sys/admin.rb")
+   else
+      File.copy("admin.so","sys") if File.exists?("admin.so")
+   end
+   $LOAD_PATH.unshift(Dir.pwd)
+end
+
+require "pp"
+require "sys/admin"
+include Sys
+
+if PLATFORM.match("mswin")
+   pp Admin.get_group("guests")
+   pp Admin.get_group(513)
+else
+   pp Admin.get_group("adm")
+   pp Admin.get_group(7)
+end
+
+Admin.groups{ |g|
+   pp g
+   puts
+}
+
+# This should raise an error
+Admin.get_group("fofofofof")

data/examples/users.rb

@@ -0,0 +1,53 @@
+###########################################################################
+# users.rb
+#
+# Sample script to demonstrate some of the various user methods.  Alter
+# as you see fit.
+###########################################################################
+base = File.basename(Dir.pwd)
+
+if base == "examples" || base =~ /sys-admin.*/
+   require "ftools"
+   Dir.chdir("..") if base == "examples"
+   Dir.mkdir("sys") unless File.exists?("sys")
+   if RUBY_PLATFORM.match("mswin")
+      File.copy("lib/sys/admin.rb", "sys/admin.rb")
+   else
+      File.copy("admin.so","sys") if File.exists?("admin.so")
+   end
+   $LOAD_PATH.unshift(Dir.pwd)
+end
+
+require "pp"
+require "sys/admin"
+include Sys
+
+user = User.new do |u|
+   u.name              = "Foo"
+   u.description       = "Test account"
+   u.password          = "changeme"
+   #u.lockout           = false
+   u.disabled          = true
+   #u.password_required = true
+end
+
+Admin.delete_user(u.name) rescue nil
+Admin.add_user(user)
+
+#pp Admin.get_user("Foo")
+
+#Admin.delete_user("Foo")
+
+=begin
+user = Admin.get_login
+
+puts "User: #{user}"
+
+Admin.users{ |u|
+   pp u
+   puts
+}
+
+pp Admin.get_user(user)
+pp Admin.get_user(501)
+=end

data/lib/sys/admin.rb

@@ -0,0 +1,713 @@
+require "win32ole"
+require "Win32API"
+require "socket"
+
+module Sys
+   class Group
+      # Short description of the object.
+      attr_accessor :caption
+
+      # Description of the group.
+      attr_accessor :description
+      
+      # Name of the Windows domain to which the group account belongs.
+      attr_accessor :domain
+      
+      # Date the group was added.
+      attr_accessor :install_date
+
+      # Name of the Windows group account on the Group#domain specified.
+      attr_accessor :name
+
+      # Security identifier for this group.
+      attr_accessor :sid
+
+      # Current status for the group, such as "ok", "error", etc.
+      attr_accessor :status
+
+      # The group ID.
+      attr_accessor :gid
+
+      # Sets whether or not the group is local (as opposed to global).
+      attr_writer :local
+
+      # Creates and returns a new Group object.  This class encapsulates
+      # the information for a group account, whether it be global or local.
+      #
+      # Yields +self+ if a block is given.
+      #
+      def initialize
+         yield self if block_given?
+      end
+      
+      # Returns whether or not the group is a local group.
+      #
+      def local?
+         @local
+      end
+      
+      # Returns the type of SID (Security Identifier) as a stringified value.
+      #
+      def sid_type
+         @sid_type
+      end
+      
+      # Sets the SID (Security Identifier) type to +stype+, which can be
+      # one of the following constant values:
+      #
+      # * Admin::SidTypeUser
+      # * Admin::SidTypeGroup
+      # * Admin::SidTypeDomain
+      # * Admin::SidTypeAlias
+      # * Admin::SidTypeWellKnownGroup
+      # * Admin::SidTypeDeletedAccount
+      # * Admin::SidTypeInvalid
+      # * Admin::SidTypeUnknown
+      # * Admin::SidTypeComputer
+      #
+      def sid_type=(stype)
+         if stype.kind_of?(String)
+            @sid_type = stype.downcase
+         else
+            case stype
+               when Admin::SidTypeUser
+                  @sid_type = "user"
+               when Admin::SidTypeGroup
+                  @sid_type = "group"
+               when Admin::SidTypeDomain
+                  @sid_type = "domain"
+               when Admin::SidTypeAlias
+                  @sid_type = "alias"
+               when Admin::SidTypeWellKnownGroup
+                  @sid_type = "well_known_group"
+               when Admin::SidTypeDeletedAccount
+                  @sid_type = "deleted_account"
+               when Admin::SidTypeInvalid
+                  @sid_type = "invalid"
+               when Admin::SidTypeUnknown
+                  @sid_type = "unknown"
+               when Admin::SidTypeComputer
+                  @sid_type = "computer"
+               else
+                  @sid_type = "unknown"
+            end
+         end
+         @sid_type
+      end
+   end
+   
+   class User
+      # An account for users whose primary account is in another domain.
+      TEMP_DUPLICATE = 0x0100
+      
+      # Default account type that represents a typical user.
+      NORMAL = 0x0200
+      
+      # A permit to trust account for a domain that trusts other domains.
+      INTERDOMAIN_TRUST = 0x0800
+      
+      # An account for a Windows NT/2000 workstation or server that is a
+      # member of this domain.
+      WORKSTATION_TRUST = 0x1000
+      
+      # A computer account for a backup domain controller that is a member
+      # of this domain.
+      SERVER_TRUST = 0x2000
+      
+      # Domain and username of the account.
+      attr_accessor :caption
+      
+      # Description of the account.
+      attr_accessor :description
+      
+      # Name of the Windows domain to which a user account belongs.
+      attr_accessor :domain
+      
+      # The user's password.
+      attr_accessor :password
+
+      # Full name of a local user.
+      attr_accessor :full_name
+      
+      # Date the user account was created.
+      attr_accessor :install_date
+      
+      # Name of the Windows user account on the domain that the User#domain
+      # property specifies.
+      attr_accessor :name
+      
+      # The user's security identifier.
+      attr_accessor :sid
+      
+      # Current status for the user, such as "ok", "error", etc.
+      attr_accessor :status
+
+      # Used to set whether or not the account is disabled.
+      attr_writer :disabled
+      
+      # Sets whether or not the account is defined on the local computer.
+      attr_writer :local
+      
+      # Sets whether or not the account is locked out of the OS.
+      attr_writer :lockout
+
+      # Sets whether or not the password for the account can be changed.
+      attr_writer :password_changeable
+
+      # Sets whether or not the password for the account expires.
+      attr_writer :password_expires
+
+      # Sets whether or not a password is required for the account.
+      attr_writer :password_required
+
+      # Returns the account type as a human readable string.
+      attr_reader :account_type
+      
+      # Creates an returns a new User object.  A User object encapsulates a
+      # user account on the operating system.
+      #
+      # Yields +self+ if a block is provided.
+      #
+      def initialize
+         yield self if block_given?
+      end
+      
+      # Sets the account type for the account.  Possible values are:
+      # 
+      # * User::TEMP_DUPLICATE
+      # * User::NORMAL
+      # * User::INTERDOMAIN_TRUST
+      # * User::WORKSTATION_TRUST
+      # * User::SERVER_TRUST
+      # 
+      def account_type=(type)
+         case type
+            when TEMP_DUPLICATE
+               @account_type = "duplicate"
+            when NORMAL
+               @account_type = "normal"
+            when INTERDOMAIN_TRUST
+               @account_type = "interdomain_trust"
+            when WORKSTATION_TRUST
+               @account_type = "workstation_trust"
+            when SERVER_TRUST
+               @account_type = "server_trust"
+            else
+               @account_type = "unknown"
+         end
+      end
+     
+      # Returns the SID type as a human readable string.
+      # 
+      def sid_type
+         @sid_type
+      end
+     
+      # Sets the SID (Security Identifier) type to +stype+, which can be
+      # one of the following constant values:
+      #
+      # * Admin::SidTypeUser
+      # * Admin::SidTypeGroup
+      # * Admin::SidTypeDomain
+      # * Admin::SidTypeAlias
+      # * Admin::SidTypeWellKnownGroup
+      # * Admin::SidTypeDeletedAccount
+      # * Admin::SidTypeInvalid
+      # * Admin::SidTypeUnknown
+      # * Admin::SidTypeComputer
+      # 
+      def sid_type=(stype)
+         case stype
+            when Admin::SidTypeUser
+               @sid_type = "user"
+            when Admin::SidTypeGroup
+               @sid_type = "group"
+            when Admin::SidTypeDomain
+               @sid_type = "domain"
+            when Admin::SidTypeAlias
+               @sid_type = "alias"
+            when Admin::SidTypeWellKnownGroup
+               @sid_type = "well_known_group"
+            when Admin::SidTypeDeletedAccount
+               @sid_type = "deleted_account"
+            when Admin::SidTypeInvalid
+               @sid_type = "invalid"
+            when Admin::SidTypeUnknown
+               @sid_type = "unknown"
+            when Admin::SidTypeComputer
+               @sid_type = "computer"
+            else
+               @sid_type = "unknown"
+         end
+      end
+      
+      # Returns whether or not the account is disabled.
+      #
+      def disabled?
+         @disabled
+      end
+      
+      # Returns whether or not the account is local.
+      #
+      def local?
+         @local
+      end
+      
+      # Returns whether or not the account is locked out.
+      #
+      def lockout?
+         @lockout
+      end
+      
+      # Returns whether or not the password for the account is changeable.
+      #
+      def password_changeable?
+         @password_changeable
+      end
+      
+      # Returns whether or not the password for the account is changeable.
+      #
+      def password_expires?
+         @password_expires
+      end
+      
+      # Returns whether or not the a password is required for the account.
+      #
+      def password_required?
+         @password_required
+      end
+   end
+   
+   class Admin
+      VERSION = '1.4.3'
+
+      # This is the error raised in the majority of cases if anything goes wrong
+      # with any of the Sys::Admin methods.
+      #  
+      class Error < StandardError; end
+   
+      
+      SidTypeUser           = 1
+      SidTypeGroup          = 2
+      SidTypeDomain         = 3
+      SidTypeAlias          = 4
+      SidTypeWellKnownGroup = 5
+      SidTypeDeletedAccount = 6
+      SidTypeInvalid        = 7
+      SidTypeUnknown        = 8
+      SidTypeComputer       = 9
+      
+      # Used by the get_login method
+      GetUserName = Win32API.new('advapi32', 'GetUserName', 'PP', 'L') # :nodoc:
+      
+      # Configures the global +user+ on +domain+ using options.
+      #
+      # See http://tinyurl.com/3hjv9 for a list of valid options.
+      #     
+      def self.config_global_user(user, options, domain)
+         begin     
+            adsi = WIN32OLE.connect("WinNT://#{domain}/#{user},user")
+            options.each{ |option, value|
+               adsi.put(option.to_s, value)
+            }
+            adsi.setinfo
+         rescue WIN32OLERuntimeError => err
+            raise Error, err
+         end
+      end
+
+      # Configures the local +user+ on +host+ using +options+.  If no host
+      # is specified, the default is localhost.
+      #
+      # See http://tinyurl.com/3hjv9 for a list of valid options.
+      #  
+      def self.config_local_user(user, options, host=Socket.gethostname)      
+         begin     
+            adsi = WIN32OLE.connect("WinNT://#{host}/#{user},user")
+            options.each{ |option, value|
+               adsi.put(option.to_s, value)
+            }
+            adsi.setinfo
+         rescue WIN32OLERuntimeError => err
+            raise Error, err
+         end
+      end
+     
+      # Adds the global +user+ on +domain+
+      #
+      def self.add_global_user(user, domain)
+         begin   
+            adsi = WIN32OLE.connect("WinNT://#{host},Computer")
+            user = adsi.create("user", user)  
+            user.setinfo
+         rescue WIN32OLERuntimeError => err
+            raise Error, err
+         end
+      end
+      
+      # Adds the local +user+ on +host+, or the localhost if none is specified.
+      #
+      def self.add_local_user(user, host=Socket.gethostname)
+         begin
+            adsi = WIN32OLE.connect("WinNT://#{host},Computer")
+            user = adsi.create("user", user)
+            user.setinfo
+         rescue WIN32OLERuntimeError => err
+            raise Error, err
+         end
+      end
+
+      # Deletes the local +user+ from +host+, or localhost if no host specified.
+      #
+      def self.delete_local_user(user, host=Socket.gethostname)       
+         begin
+            adsi = WIN32OLE.connect("WinNT://#{host},Computer")
+            adsi.delete("user", user)
+         rescue WIN32OLERuntimeError => err
+            raise Error, err
+         end
+      end
+      
+      # Deletes the global +user+ from +domain+.
+      #
+      def self.delete_global_user(user, domain)   
+         begin
+            adsi = WIN32OLE.connect("WinNT://#{domain}")
+            adsi.delete("user", user)
+         rescue WIN32OLERuntimeError => err
+            raise Error, err
+         end 
+      end
+      
+      # Configures the global +group+ on +domain+ using +options+.
+      #
+      # See http://tinyurl.com/cjkzl for a list of valid options.
+      #
+      def self.config_global_group(group, options, domain)
+         begin                
+            adsi = WIN32OLE.connect("WinNT://#{domain}/#{group},group")
+            options.each{ |option, value|
+               adsi.put(option.to_s, value)
+            }
+            adsi.setinfo
+         rescue WIN32OLERuntimeError => err
+            raise Error, err
+         end
+      end
+
+      # Configures the local +group+ on +host+ using +options+.  If no host
+      # is specified, the default is localhost.
+      #
+      # See http://tinyurl.com/cjkzl for a list of valid options.
+      #
+      def self.config_local_group(group, options, host=Socket.gethostname)      
+         begin     
+            adsi = WIN32OLE.connect("WinNT://#{host}/#{group},group")
+            options.each{ |option, value|
+               adsi.put(option.to_s, value)
+            }
+            adsi.setinfo
+         rescue WIN32OLERuntimeError => err
+            raise Error, err
+         end
+      end
+      
+      # Add global +group+ to +domain+.
+      #
+      def self.add_global_group(group, domain)
+         begin
+            adsi = WIN32OLE.connect("WinNT://#{domain},Computer")
+            obj = adsi.create("group", group)
+            obj.setinfo
+         rescue WIN32OLERuntimeError => err
+            raise Error, err
+         end
+      end
+
+      # Add local +group+ to +host+, or the localhost if no host is specified.
+      #
+      def self.add_local_group(group, host=Socket.gethostname)
+         begin
+            adsi = WIN32OLE.connect("WinNT://#{host},Computer")
+            obj = adsi.create("group", group)
+            obj.setinfo
+         rescue WIN32OLERuntimeError => err
+            raise Error, err
+         end
+      end
+      
+      # Delete the global +group+ from +domain+.
+      #
+      def self.delete_global_group(groupid, domain)
+         begin
+            adsi = WIN32OLE.connect("WinNT://#{domain},Computer")
+            obj = adsi.delete("group", groupid)
+         rescue WIN32OLERuntimeError => err
+            raise Error, err
+         end
+      end
+      
+      # Delete the local +group+ from +host+, or localhost if no host specified.
+      #
+      def self.delete_local_group(groupid, host=Socket.gethostname)
+         begin
+            adsi = WIN32OLE.connect("WinNT://#{host},Computer")
+            obj = adsi.delete("group", groupid)
+         rescue WIN32OLERuntimeError => err
+            raise Error, err
+         end
+      end
+     
+      # Returns the user name (only) of the current login.
+      #
+      def self.get_login
+         buffer = 0.chr * 256
+         nsize = [buffer.size].pack("L")
+
+         if GetUserName.call(buffer, nsize) == 0
+            raise Error, 'GetUserName() call failed in get_login'
+         end
+
+         length   = nsize.unpack("L")[0]
+         username = buffer[0 ... length].chop
+         username
+      end
+      
+      # Returns a User object based on either +name+ or +uid+.
+      #
+      # call-seq:
+      #    get_user(name, host=localhost)
+      #    get_user(uid, host=localhost, local=true)
+      #
+      # You may specify a +host+ from which information is retrieved.  The
+      # default is the local machine.  You may also specify whether to
+      # retrieve a local or global account.  The default is local.
+      #
+      def self.get_user(uid, host=Socket.gethostname, local=true)
+         host = Socket.gethostname if host.nil?
+         cs = "winmgmts:{impersonationLevel=impersonate}!"
+         cs << "//#{host}/root/cimv2"
+         
+         begin
+            wmi = WIN32OLE.connect(cs)
+         rescue WIN32OLERuntimeError => e
+            raise Error, e
+         end
+         
+         query = "select * from win32_useraccount"
+         query << " where localaccount = true" if local
+         
+         if uid.kind_of?(Fixnum)
+            if local
+               query << " and sid like '%-#{uid}'"
+            else
+               query << " where sid like '%-#{uid}'"
+            end
+         else
+            if local
+               query << " and name = '#{uid}'"
+            else
+               query << " where name = '#{uid}'"
+            end
+         end
+         
+         wmi.execquery(query).each{ |user|
+            # Because our 'like' query isn't fulproof, let's parse
+            # the SID again to make sure
+            if uid.kind_of?(Fixnum)
+               if user.sid.split("-").last.to_i != uid
+                  next
+               end
+            end
+            usr = User.new do |u|
+               u.account_type = user.accounttype
+               u.caption      = user.caption
+               u.description  = user.description
+               u.disabled     = user.disabled
+               u.domain       = user.domain
+               u.full_name    = user.fullname
+               u.install_date = user.installdate
+               u.local        = user.localaccount
+               u.lockout      = user.lockout
+               u.name         = user.name
+               u.password_changeable = user.passwordchangeable
+               u.password_expires    = user.passwordexpires
+               u.password_required   = user.passwordrequired
+               u.sid      = user.sid
+               u.sid_type = user.sidtype
+               u.status   = user.status
+            end
+            return usr
+         }
+      end
+      
+      # In block form, yields a User object for each user on the system.  In
+      # non-block form, returns an Array of User objects.
+      #
+      # call-seq:
+      #    users(host=localhost, local=true)
+      #    users(host=localhost, local=true){ |user| ... }
+      #
+      # You may specify a host from which information is retrieved.  The
+      # default is the local machine.  You can retrieve either a global or
+      # local group, depending on the value of the +local+ argument.
+      #
+      def self.users(host=Socket.gethostname, local=true)
+         host = Socket.gethostname if host.nil?
+         cs = "winmgmts:{impersonationLevel=impersonate}!"
+         cs << "//#{host}/root/cimv2"
+         
+         begin
+            wmi = WIN32OLE.connect(cs)
+         rescue WIN32OLERuntimeError => e
+            raise Error, e
+         end
+         
+         query = "select * from win32_useraccount"
+         query << " where localaccount = true" if local
+         array = []
+         
+         wmi.execquery(query).each{ |user|
+            usr = User.new do |u|
+               u.account_type = user.accounttype
+               u.caption      = user.caption
+               u.description  = user.description
+               u.disabled     = user.disabled
+               u.domain       = user.domain
+               u.full_name    = user.fullname
+               u.install_date = user.installdate
+               u.local        = user.localaccount
+               u.lockout      = user.lockout
+               u.name         = user.name
+               u.password_changeable = user.passwordchangeable
+               u.password_expires    = user.passwordexpires
+               u.password_required   = user.passwordrequired
+               u.sid      = user.sid
+               u.sid_type = user.sidtype
+               u.status   = user.status
+            end
+            
+            if block_given?
+               yield usr
+            else
+               array.push(usr)
+            end
+         }
+         return array unless block_given?
+      end
+      
+      # Returns a Group object based on either +name+ or +uid+.
+      #
+      # call-seq:
+      #    get_group(name, host=localhost, local=true) 
+      #    get_group(gid, host=localhost, local=true)
+      #
+      # You may specify a host from which information is retrieved.
+      # The default is the local machine.  You can retrieve either a global or
+      # local group, depending on the value of the +local+ argument.
+      #
+      def self.get_group(grp, host=Socket.gethostname, local=true)
+         host = Socket.gethostname if host.nil?
+         cs = "winmgmts:{impersonationLevel=impersonate}!"
+         cs << "//#{host}/root/cimv2"
+         gid = nil
+         
+         begin
+            wmi = WIN32OLE.connect(cs)
+         rescue WIN32OLERuntimeError => e
+            raise Error, e
+         end
+                  
+         query = "select * from win32_group"
+         query << " where localaccount = true" if local
+         
+         if grp.kind_of?(Fixnum)
+            if local
+               query << " and sid like '%-#{grp}'"
+            else
+               query << " where sid like '%-#{grp}'"
+            end
+         else
+            if local
+               query << " and name = '#{grp}'"
+            else
+               query << " where name = '#{grp}'"
+            end
+         end
+         
+         wmi.execquery(query).each{ |group|
+            gid = group.sid.split("-").last.to_i
+            
+            # Because our 'like' query isn't fulproof, let's parse
+            # the SID again to make sure
+            if grp.kind_of?(Fixnum)              
+               next if grp != gid
+            end
+            
+            grp = Group.new do |g|
+               g.caption      = group.caption
+               g.description  = group.description              
+               g.domain       = group.domain
+               g.gid          = gid
+               g.install_date = group.installdate
+               g.local        = group.localaccount
+               g.name         = group.name   
+               g.sid          = group.sid                         
+               g.sid_type     = group.sidtype
+               g.status       = group.status
+            end
+            return grp
+         }
+         # If we're here, it means it wasn't found.
+         raise Error, "no group found for '#{grp}'"
+      end
+   
+      # In block form, yields a Group object for each user on the system.  In
+      # non-block form, returns an Array of Group objects.
+      #
+      # call-seq:
+      #    groups(host=localhost, local=true)
+      #    groups(host=localhost, local=true){ |group| ... }
+      #
+      # You may specify a host from which information is retrieved.
+      # The default is the local machine.  You can retrieve either a global or
+      # local group, depending on the value of the +local+ argument.
+      #
+      def self.groups(host=Socket.gethostname, local=true)
+         host = Socket.gethostname if host.nil?
+         cs = "winmgmts:{impersonationLevel=impersonate}!"
+         cs << "//#{host}/root/cimv2"
+         
+         begin
+            wmi = WIN32OLE.connect(cs)
+         rescue WIN32OLERuntimeError => e
+            raise Error, e
+         end
+         
+         query = "select * from win32_group"
+         query << " where localaccount = true" if local
+         
+         array = []
+         wmi.execquery(query).each{ |group|
+            grp = Group.new do |g|
+               g.caption      = group.caption
+               g.description  = group.description              
+               g.domain       = group.domain
+               g.gid          = group.sid.split("-").last.to_i
+               g.install_date = group.installdate
+               g.local        = group.localaccount
+               g.name         = group.name   
+               g.sid          = group.sid                         
+               g.sid_type     = group.sidtype
+               g.status       = group.status
+            end
+            if block_given?
+               yield grp
+            else
+               array.push(grp)
+            end
+         }
+         return array unless block_given?
+      end
+   end
+end