I'm trying to get ACLs and parse into the array reg_perms, the code works fine without the Where-Object{($_.IdentityReference -eq "BUILTIN\Users")
command ='powershell "(Get-Acl \'HKLM:\SOFTWARE\\Microsoft\Windows NT\CurrentVersion\Winlogon\').Access | Where-Object{($_.IdentityReference -eq "BUILTIN\Users")} | Format-List RegistryRights,AccessControlType,IdentityReference"'
data = ::Mixlib::ShellOut.new(command).run_command.stdout.strip.gsub(/\r\n?/, "\n")
reg_perms = data.split("\n\n").each_with_object([]) do |set, arr|
arr << set.split("\n").map do |f|
f.split(':').collect(&:strip)
end.to_h
end
You are using single quotes for your entire string: '. Then when your string is evaled with double quotes the double quotes around the BUILTIN\Users string are not escaped, this mean you need to escape the double quotes around the ""BUILTIN\Users"" the powershell way or use single quotes \'BUILTIN\Users\' and escape them the ruby way.
This should work:
command ='powershell "(Get-Acl \'HKLM:\SOFTWARE\\Microsoft\Windows NT\CurrentVersion\Winlogon\').Access | Where-Object{
($_.IdentityReference -eq \'BUILTIN\Users\')
} | Format-List RegistryRights,AccessControlType,IdentityReference"'