Parsers/SCM/UserRightsAssignment.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
Function Write-SCMPrivilegeXMLData
{
    [CmdletBinding()]
    [OutputType([hashtable])]
    param
    (
        [Parameter(Mandatory=$true)]   
        [System.Xml.XmlElement]$DiscoveryData,
        
        [Parameter(Mandatory=$true)]   
        [System.Xml.XmlElement]$ValueData
    )
    
    # Grab the ExistensialRule and Validation Rule.
    $ValidationRules = $valueData.SelectNodes("..").ValidationRules
       
    $Comments = Get-NodeComments -Node $DiscoveryData
    $Name = $DiscoveryData.SelectNodes("../..").Name
    $Name = "$((Get-NodeDataFromComments -Comments $Comments).'CCEID-50'): $Name"
         
    # Grab the Value and Operator
    $TempValue = $ValidationRules.SettingRule.Value.ValueA

    $retHash = @{}
    
    $retHash.Identity = @()
    $retHash.Policy = ""
    $retHash.Force = $true

    if ($DiscoveryData.WmiDiscoveryInfo.Where -match "UserRight='(?<Policy>.*)'.*")
    {
        if ($UserRightsHash.ContainsKey($Matches.Policy))
        {
            $retHash.Policy = $UserRightsHash[$Matches.Policy]
            $retHash.Identity = $TempValue -split ","
        }
        else
        {
            Write-Error "Cannot find matching User Right for Privilege ($($Matches.Privilege))"
            return ""
        }
    }
    else
    {
        Write-Error "Privilege String is not formatted correctly ($($DiscoveryData.WMIDiscoveryInfo.Where))"
        return ""
    }

    Write-DSCString -Resource -Name $Name -Type UserRightsAssignment -Parameters $retHash -Comment $Comments
}
#endregion