PSDscResources
Fix to issue 116: Test-TargetResource throws System.InvalidOperationException when defined user lacks permissions
- Observations
- Used the User DSCR to create a local user 'NoGroupTest' on the target node, when the example configuration is initially applied there are no errors in the console or Microsoft-Windows-DSC/Operational.
- However once the LCM auto applies the current config (or a user runs: Start-DscConfiguration -UseExisting -Force -Wait) the LCM will report exceptions thrown by User: Test-TargetResource
- Traced the exception down to the helper function MSFT_UserResource\Test-UserPasswordOnFullSku specifically the call to ValidateCredentials method of the class System.DirectoryServices.AccountManagement.PrincipalContext
- Tried workarounds like adding the test user to the local admin group but that made no difference
- Did some research and found the above method has some known issues and the recommendation is to call the WIN32 function LogonUser in advapi32.dll
- This pull request contains the modification to the helper function MSFT_UserResource\Test-UserPasswordOnFullSku to use LogonUser
- The above change appears to work for users even if they are not a member of any local group
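An added example, not the pull request's code, of checking a local account's password through LogonUser instead of PrincipalContext.ValidateCredentials. The names ExampleLogon and Test-LocalUserPassword, the network logon type and the '.' domain are assumptions; the page does not show which values the PR uses.

```powershell
# Added example: ExampleLogon and Test-LocalUserPassword are hypothetical names.
Add-Type -TypeDefinition @'
using System;
using System.Runtime.InteropServices;
public static class ExampleLogon {
    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern bool LogonUser(string user, string domain, IntPtr password,
                                 int logonType, int provider, out IntPtr token);
    [DllImport("kernel32.dll")]
    static extern bool CloseHandle(IntPtr handle);

    // Returns 0 when the logon succeeds, otherwise the Win32 error code.
    public static int TryLogon(string user, string domain, IntPtr password) {
        IntPtr token;
        // Assumption: LOGON32_LOGON_NETWORK (3) with LOGON32_PROVIDER_DEFAULT (0).
        if (!LogonUser(user, domain, password, 3, 0, out token))
            return Marshal.GetLastWin32Error();
        CloseHandle(token);   // only the result matters; do not leak the token
        return 0;
    }
}
'@

function Test-LocalUserPassword {
    [OutputType([bool])]
    param(
        [Parameter(Mandatory = $true)] [string] $UserName,
        [Parameter(Mandatory = $true)] [securestring] $Password
    )
    $marshal = [System.Runtime.InteropServices.Marshal]
    $passwordPtr = $marshal::SecureStringToGlobalAllocUnicode($Password)
    try {
        # '.' restricts validation to the local account database.
        $code = [ExampleLogon]::TryLogon($UserName, '.', $passwordPtr)
    }
    finally {
        $marshal::ZeroFreeGlobalAllocUnicode($passwordPtr)  # wipe the plaintext copy
    }
    switch ($code) {
        0       { return $true }
        1326    { return $false }   # ERROR_LOGON_FAILURE: unknown user or bad password
        default { throw (New-Object System.ComponentModel.Win32Exception $code) }
    }
}
```

Every mismatch checked this way is a real failed logon: it is recorded in the Security log and counts toward the account lockout threshold, so a consistency check that runs on each LCM cycle with a stale password can lock the account. Errors other than 1326 (locked out, disabled, logon type not granted) are thrown rather than reported as a password mismatch.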
Codecov Report
Merging #117 into dev will decrease coverage by <1%. The diff coverage is 0%.
@@ Coverage Diff @@
## dev #117 +/- ##
===================================
- Coverage 83% 83% -1%
===================================
Files 19 19
Lines 2760 2770 +10
Branches 4 4
===================================
Hits 2305 2305
- Misses 451 461 +10
Partials 4 4
Labeling this pull request (PR) as abandoned since it has gone 14 days or more since the last update. An abandoned PR can be continued by another contributor. The abandoned label will be removed if work on this PR is taken up again.
Hi @djwork - thanks for getting this one in!