jpadams · August 29, 2015 13:56
diff --git a/nonpriv_setup.pp b/nonpriv_setup.pp
 class nonpriv_setup {

  define nonpriv_pe_user (
    $password,
    $nonpriv_user=$name,
    $ensure='present', # 'present' or 'absent'
    $certname=$nonpriv_user,
    $server='puppet', # puppet master
    $enable_sched_task=true, # true or false
    $run_interval_mins='30', # in minutes, one of 5, 10, 15, 30, 60
    ) {

    validate_re($ensure, ['present', 'absent'], '$ensure must be \'absent\' or \'present\'')
    validate_re($enable_sched_task, [true, false], '$enable_sched_task must be \'true\' or \'false\'')
    validate_re($run_interval_mins, ['5', '10', '15', '30', '60'], '$run_interval_mins must be one of 5, 10, 15, 30, 60')

    $run_interval_xml = undef
    if $run_interval_mins == '60' {
      $run_interval_xml = 'PT1H' # 1 Hour
    } else {
      $run_interval_xml = "PT${$run_interval_mins}M" # Minutes
    }

    $nonpriv_groups = undef
    if $enable_sched_task {
      $nonpriv_groups = ['Users', 'Remote Desktop Users', 'Performance Log Users']
    } else {
      $nonpriv_groups = ['Users', 'Remote Desktop Users']
    }

    user { $nonpriv_user:
      ensure     => $ensure,
      managehome => true,
      password   => $password,
      groups     => ['Users', 'Remote Desktop Users', 'Performance Log Users'],
    }

    file { "C:/Users/${nonpriv_user}/Desktop/${nonpriv_pe_agent_run_${run_interval_mins}m.xml":
      ensure  => $ensure,
      owner   => $nonpriv_user,
      content => template('nonpriv_setup/nonpriv_pe_agent_run.xml.erb'),
      require => User[ $nonpriv_user ],
    }

    exec { 'Setup scheduled task for puppet run for nonprivileged user':
      command => 'C:\Windows\System32\schtasks.exe /Create /XML C:\Users\nonrootuser\Desktop\nonroot_Puppet_Agent_run_30m.xml /RU WINDOWS\nonrootuser /RP Pupp3t! /tn nonroot_puppet_agent_run',
      unless  => 'C:\Windows\System32\schtasks.exe /Query /TN nonroot_puppet_agent_run',

      require => File[ "C:/Users/${nonpriv_user}/Desktop/nonroot_Puppet_Agent_run_${run_interval_mins}m.xml" ],
    }

  }
 }
	class nonpriv_setup {

	define nonpriv_pe_user (
	$password,
	$nonpriv_user=$name,
	$ensure='present', # 'present' or 'absent'
	$certname=$nonpriv_user,
	$server='puppet', # puppet master
	$enable_sched_task=true, # true or false
	$run_interval_mins='30', # in minutes, one of 5, 10, 15, 30, 60
	) {

	validate_re($ensure, ['present', 'absent'], '$ensure must be \'absent\' or \'present\'')
	validate_re($enable_sched_task, [true, false], '$enable_sched_task must be \'true\' or \'false\'')
	validate_re($run_interval_mins, ['5', '10', '15', '30', '60'], '$run_interval_mins must be one of 5, 10, 15, 30, 60')

	$run_interval_xml = undef
	if $run_interval_mins == '60' {
	$run_interval_xml = 'PT1H' # 1 Hour
	} else {
	$run_interval_xml = "PT${$run_interval_mins}M" # Minutes
	}

	$nonpriv_groups = undef
	if $enable_sched_task {
	$nonpriv_groups = ['Users', 'Remote Desktop Users', 'Performance Log Users']
	} else {
	$nonpriv_groups = ['Users', 'Remote Desktop Users']
	}

	user { $nonpriv_user:
	ensure => $ensure,
	managehome => true,
	password => $password,
	groups => ['Users', 'Remote Desktop Users', 'Performance Log Users'],
	}

	file { "C:/Users/${nonpriv_user}/Desktop/${nonpriv_pe_agent_run_${run_interval_mins}m.xml":
	ensure => $ensure,
	owner => $nonpriv_user,
	content => template('nonpriv_setup/nonpriv_pe_agent_run.xml.erb'),
	require => User[ $nonpriv_user ],
	}

	exec { 'Setup scheduled task for puppet run for nonprivileged user':
	command => 'C:\Windows\System32\schtasks.exe /Create /XML C:\Users\nonrootuser\Desktop\nonroot_Puppet_Agent_run_30m.xml /RU WINDOWS\nonrootuser /RP Pupp3t! /tn nonroot_puppet_agent_run',
	unless => 'C:\Windows\System32\schtasks.exe /Query /TN nonroot_puppet_agent_run',

	require => File[ "C:/Users/${nonpriv_user}/Desktop/nonroot_Puppet_Agent_run_${run_interval_mins}m.xml" ],
	}

	}
	}