| 12
 3
 4
 5
 6
 7
 8
 9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
 100
 101
 102
 103
 104
 105
 106
 107
 108
 109
 110
 111
 112
 113
 114
 115
 116
 117
 118
 119
 120
 121
 122
 123
 124
 125
 126
 127
 128
 129
 130
 131
 132
 133
 134
 135
 136
 137
 138
 139
 140
 141
 142
 143
 144
 145
 146
 147
 148
 149
 150
 151
 152
 153
 154
 155
 156
 157
 158
 159
 160
 161
 162
 163
 164
 165
 166
 167
 168
 169
 170
 171
 172
 173
 174
 175
 176
 177
 178
 179
 180
 181
 182
 183
 184
 185
 186
 187
 188
 189
 190
 191
 192
 193
 194
 195
 196
 197
 198
 199
 200
 201
 202
 203
 
 | #!/usr/bin/python
# -*- coding: utf-8 -*-
# Copyright: (c) 2017, Ansible Project
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
# this is a windows documentation stub.  actual code lives in the .ps1
# file of the same name
ANSIBLE_METADATA = {'metadata_version': '1.1',
                    'status': ['preview'],
                    'supported_by': 'community'}
DOCUMENTATION = r"""
---
module: win_whoami
version_added: "2.5"
short_description: Get information about the current user and process
description:
- Designed to return the same information as the C(whoami /all) command.
- Also includes information missing from C(whoami) such as logon metadata like
  logon rights, id, type.
notes:
- If running this module with a non admin user, the logon rights will be an
  empty list as Administrator rights are required to query LSA for the
  information.
seealso:
- module: win_credential
- module: win_group_membership
- module: win_user_right
author:
- Jordan Borean (@jborean93)
"""
EXAMPLES = r"""
- name: Get whoami information
  win_whoami:
"""
RETURN = r"""
authentication_package:
  description: The name of the authentication package used to authenticate the
    user in the session.
  returned: success
  type: str
  sample: Negotiate
user_flags:
  description: The user flags for the logon session, see UserFlags in
    U(https://msdn.microsoft.com/en-us/library/windows/desktop/aa380128).
  returned: success
  type: str
  sample: Winlogon
upn:
  description: The user principal name of the current user.
  returned: success
  type: str
  sample: Administrator@DOMAIN.COM
logon_type:
  description: The logon type that identifies the logon method, see
    U(https://msdn.microsoft.com/en-us/library/windows/desktop/aa380129.aspx).
  returned: success
  type: str
  sample: Network
privileges:
  description: A dictionary of privileges and their state on the logon token.
  returned: success
  type: dict
  sample: {
      "SeChangeNotifyPrivileges": "enabled-by-default",
      "SeRemoteShutdownPrivilege": "disabled",
      "SeDebugPrivilege": "enabled"
  }
label:
  description: The mandatory label set to the logon session.
  returned: success
  type: complex
  contains:
    domain_name:
      description: The domain name of the label SID.
      returned: success
      type: str
      sample: Mandatory Label
    sid:
      description: The SID in string form.
      returned: success
      type: str
      sample: S-1-16-12288
    account_name:
      description: The account name of the label SID.
      returned: success
      type: str
      sample: High Mandatory Level
    type:
      description: The type of SID.
      returned: success
      type: str
      sample: Label
impersonation_level:
  description: The impersonation level of the token, only valid if
    C(token_type) is C(TokenImpersonation), see
    U(https://msdn.microsoft.com/en-us/library/windows/desktop/aa379572.aspx).
  returned: success
  type: str
  sample: SecurityAnonymous
login_time:
  description: The logon time in ISO 8601 format
  returned: success
  type: str
  sample: '2017-11-27T06:24:14.3321665+10:00'
groups:
  description: A list of groups and attributes that the user is a member of.
  returned: success
  type: list
  sample: [
      {
          "account_name": "Domain Users",
          "domain_name": "DOMAIN",
          "attributes": [
              "Mandatory",
              "Enabled by default",
              "Enabled"
          ],
          "sid": "S-1-5-21-1654078763-769949647-2968445802-513",
          "type": "Group"
      },
      {
          "account_name": "Administrators",
          "domain_name": "BUILTIN",
          "attributes": [
              "Mandatory",
              "Enabled by default",
              "Enabled",
              "Owner"
          ],
          "sid": "S-1-5-32-544",
          "type": "Alias"
      }
  ]
account:
  description: The running account SID details.
  returned: success
  type: complex
  contains:
    domain_name:
      description: The domain name of the account SID.
      returned: success
      type: str
      sample: DOMAIN
    sid:
      description: The SID in string form.
      returned: success
      type: str
      sample: S-1-5-21-1654078763-769949647-2968445802-500
    account_name:
      description: The account name of the account SID.
      returned: success
      type: str
      sample: Administrator
    type:
      description: The type of SID.
      returned: success
      type: str
      sample: User
login_domain:
  description: The name of the domain used to authenticate the owner of the
    session.
  returned: success
  type: str
  sample: DOMAIN
rights:
  description: A list of logon rights assigned to the logon.
  returned: success and running user is a member of the local Administrators group
  type: list
  sample: [
      "SeNetworkLogonRight",
      "SeInteractiveLogonRight",
      "SeBatchLogonRight",
      "SeRemoteInteractiveLogonRight"
  ]
logon_server:
  description: The name of the server used to authenticate the owner of the
    logon session.
  returned: success
  type: str
  sample: DC01
logon_id:
  description: The unique identifier of the logon session.
  returned: success
  type: int
  sample: 20470143
dns_domain_name:
  description: The DNS name of the logon session, this is an empty string if
    this is not set.
  returned: success
  type: str
  sample: DOMAIN.COM
token_type:
  description: The token type to indicate whether it is a primary or
    impersonation token.
  returned: success
  type: str
  sample: TokenPrimary
"""
 |