I'm trying to build a script that checks to see whether or not the password on the currently logged in user's local account has a password that isn't blank in Windows. I need this to run as part of a background check for security compliance; it's going to report to a Nagios server. I need this done in Python, but I'm open to PowerShell if Python won't do it.
So, the script will need to detect:
- The username of the currently logged in user.
- Whether or not the aforementioned user has a blank password.
- Return error code 0 if the password is NOT blank, error code 2 if it is.
I'm stuck on just whichever bit of code will allow me to check if the password of the current user is "". I have a layout which, without too many embellishments, looks something like this:
import os
import Tkinter
import tkMessageBox
from Tkinter import Tk, Toplevel
MyGui.update_idletasks()
MyGui.attributes('-topmost', True)
MyGui.geometry('{}x{}'.format(300, 150))
MyGui.resizable(width=False, height=False)
MyGui.withdraw()
ThisUser = os.getlogin()
ThisPassword = ... # line of code necessary to test for blank password; this is the part where I'm stuck
if ThisPassword = "":
tkMessageBox.showerror("Error For User Here", parent=MyGui)
print "No password set!"
sys.exit(2)
else:
print "Password exists."
sys.exit(0)
I spotted this article, where a WinAPI commend LogonUser is used, but I'm not savvy with C#. Python is more within my comfort zone, I just can't figure out how to check whether or not a password set is blank. I don't want to collect the password, itself.
