user_in_local_group
Makes sure a user is in a local group. The user can be local user (refered by its name), a domain user (refered with Domain\Name or Domain\Name@account); you can also use Security ID (SID) for the user.
⚙️ Compatible targets: Windows
Parameters
| Name | Documentation |
|---|---|
| login | User name, domain account or SID of the user. This parameter is required. |
| localGroup | Local Group the user should belong to. This parameter is required. |
Outcome conditions
You need to replace ${login} with its actual canonified value.
- ✅ Ok:
user_in_local_group_${login}_ok- ☑️ Already compliant:
user_in_local_group_${login}_kept - 🟨 Repaired:
user_in_local_group_${login}_repaired
- ☑️ Already compliant:
- ❌ Error:
user_in_local_group_${login}_error
Example
method: user_in_local_group
params:
localGroup: VALUE
login: VALUE
Documentation
Audit or ensure a user belongs to a local group.
Examples:
Ensure the user Alice belongs to the local group "Security"
User_In_Local_Group("Alice", "Security")
Ensure the user Bob from Domain ACME belongs to the local group "Security"
User_In_Local_Group("ACME\Bob@acme.net", "Security")