win_whoami - Get information about the current user and process
New in version 2.5.
Synopsis
- Designed to return the same information as the
whoami /allcommand. - Also includes information missing from
whoamisuch as logon metadata like logon rights, id, type.
Notes
Note
- If running this module with a non admin user, the logon rights will be an empty list as Administrator rights are required to query LSA for the information.
Examples
- name: get whoami information
win_whoami:
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description | |
|---|---|---|---|
| account
complex
|
success |
The running account SID details.
|
|
| domain_name
str
|
success |
The domain name of the account SID.
Sample:
DOMAIN
|
|
| sid
str
|
success |
The SID in string form.
Sample:
S-1-5-21-1654078763-769949647-2968445802-500
|
|
| account_name
str
|
success |
The account name of the account SID.
Sample:
Administrator
|
|
| type
str
|
success |
The type of SID.
Sample:
User
|
|
| authentication_package
str
|
success |
The name of the authentication package used to authenticate the user in the session.
Sample:
Negotiate
|
|
| dns_domain_name
str
|
success |
The DNS name of the logon session, this is an empty string if this is not set.
Sample:
DOMAIN.COM
|
|
| groups
list
|
success |
A list of groups and attributes that the user is a member of.
Sample:
[{'account_name': 'Domain Users', 'domain_name': 'DOMAIN', 'attributes': ['Mandatory', 'Enabled by default', 'Enabled'], 'sid': 'S-1-5-21-1654078763-769949647-2968445802-513', 'type': 'Group'}, {'account_name': 'Administrators', 'domain_name': 'BUILTIN', 'attributes': ['Mandatory', 'Enabled by default', 'Enabled', 'Owner'], 'sid': 'S-1-5-32-544', 'type': 'Alias'}]
|
|
| impersonation_level
str
|
success |
The impersonation level of the token, only valid if token_type is TokenImpersonation, see https://msdn.microsoft.com/en-us/library/windows/desktop/aa379572.aspx.
Sample:
SecurityAnonymous
|
|
| label
complex
|
success |
The mandatory label set to the logon session.
|
|
| domain_name
str
|
success |
The domain name of the label SID.
Sample:
Mandatory Label
|
|
| sid
str
|
success |
The SID in string form.
Sample:
S-1-16-12288
|
|
| account_name
str
|
success |
The account name of the label SID.
Sample:
High Mandatory Level
|
|
| type
str
|
success |
The type of SID.
Sample:
Label
|
|
| login_domain
str
|
success |
The name of the domain used to authenticate the owner of the session.
Sample:
DOMAIN
|
|
| login_time
str
|
success |
The logon time in ISO 8601 format
Sample:
2017-11-27T06:24:14.3321665+10:00
|
|
| logon_id
int
|
success |
The unique identifier of the logon session.
Sample:
20470143
|
|
| logon_server
str
|
success |
The name of the server used to authentcate the owner of the logon session.
Sample:
DC01
|
|
| logon_type
str
|
success |
The logon type that identifies the logon method, see https://msdn.microsoft.com/en-us/library/windows/desktop/aa380129.aspx.
Sample:
Network
|
|
| privileges
dict
|
success |
A dictionary of privileges and their state on the logon token.
Sample:
{'SeChangeNotifyPrivileges': 'enabled-by-default', 'SeRemoteShutdownPrivilege': 'disabled', 'SeDebugPrivilege': 'enabled'}
|
|
| rights
list
|
success and running user is a member of the local Administrators group |
A list of logon rights assigned to the logon.
Sample:
['SeNetworkLogonRight', 'SeInteractiveLogonRight', 'SeBatchLogonRight', 'SeRemoteInteractiveLogonRight']
|
|
| token_type
str
|
success |
The token type to indicate whether it is a primary or impersonation token.
Sample:
TokenPrimary
|
|
| upn
str
|
success |
The user principal name of the current user.
Sample:
Administrator@DOMAIN.COM
|
|
| user_flags
str
|
success |
The user flags for the logon session, see UserFlags in https://msdn.microsoft.com/en-us/library/windows/desktop/aa380128.
Sample:
Winlogon
|
|
Status
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
Maintenance
This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.
For a list of other modules that are also maintained by the Ansible Community, see here.
Author
- Jordan Borean (@jborean93)
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.6/modules/win_whoami_module.html