Announcement

Collapse
No announcement yet.

Is User Administrator...

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Is User Administrator...

    Hi all,
    I just converted the following from the MSDN to PB, it uses
    CheckTokenMembership instead of a bunch of other API calls
    so its nice and short but only works with win2k or later.
    My problem is that it doesn't tell you if the current user
    is an Admin (only tested under xp pro), it tells you if an
    Admin is logged on. Ie. log on as Admin then use Switch User
    to change to a Non Admin User, the Admin is still logged on so
    the function still returns true. If you log on as Admin then
    Log OFF and log on as another user (non admin) it works just fine.
    So how can I tell if the current Desktop belongs to an Admin ?

    Code:
    #COMPILE EXE
    
    %SECURITY_NT_AUTHORITY        = &H5           ' Not In WIN32API.INC
    
    %NULL                         = 0             ' All these Equates, Types
    %FALSE                        = 0             ' and Declares are in
    %SECURITY_BUILTIN_DOMAIN_RID  = &H00000020&   ' WIN32API.INC
    %DOMAIN_ALIAS_RID_ADMINS      = &H00000220&   '
    
    TYPE SID_IDENTIFIER_AUTHORITY
      Value(0 TO 5) AS BYTE
    END TYPE
    
    DECLARE FUNCTION AllocateAndInitializeSid LIB "ADVAPI32.DLL" ALIAS "AllocateAndInitializeSid"_
                     (pIdentifierAuthority AS SID_IDENTIFIER_AUTHORITY, BYVAL nSubAuthorityCount AS BYTE, _
                     BYVAL nSubAuthority0 AS LONG, BYVAL nSubAuthority1 AS LONG,_
                     BYVAL nSubAuthority2 AS LONG, BYVAL nSubAuthority3 AS LONG,_
                     BYVAL nSubAuthority4 AS LONG, BYVAL nSubAuthority5 AS LONG,_
                     BYVAL nSubAuthority6 AS LONG, BYVAL nSubAuthority7 AS LONG,_
                     lpPSid AS ANY) AS LONG
    DECLARE FUNCTION CheckTokenMembership LIB "ADVAPI32.DLL" ALIAS "CheckTokenMembership"_
                     (BYVAL hToken AS DWORD, SidToCheck AS ANY, IsMember AS LONG) AS LONG
    DECLARE SUB FreeSid LIB "ADVAPI32.DLL" ALIAS "FreeSid" (pSid AS ANY)
    
    ' IsAdmin - Returns 1 if an Admin is Logged on, 0 if not.
    '           Under XP Pro if you log on as an Admin and then use
    '           SWITCH USER to change to a Non Admin User it still returns
    '           TRUE because the admin hasn't logged off, the same might be
    '           true if an admin logs on remotely (havn't tested that)
    
    FUNCTION IsAdmin() AS LONG
    LOCAL Result              AS LONG
    LOCAL NtAuthority         AS SID_IDENTIFIER_AUTHORITY
    LOCAL AdministratorsGroup AS LONG
    
      NtAuthority.value(5) = %SECURITY_NT_AUTHORITY
    
      Result = AllocateAndInitializeSid(NtAuthority                 ,_
                                        2                           ,_
                                        %SECURITY_BUILTIN_DOMAIN_RID,_
                                        %DOMAIN_ALIAS_RID_ADMINS    ,_
                                        0, 0, 0, 0, 0, 0            ,_
                                        AdministratorsGroup)
    
      IF Result THEN
        IF CheckTokenMembership( %NULL, BYVAL AdministratorsGroup,Result) = 0 THEN
          Result = %FALSE
        END IF
      END IF
    
      FreeSid BYVAL AdministratorsGroup
    
      FUNCTION = Result
    END FUNCTION
    
    FUNCTION PBMAIN
      MSGBOX STR$(IsAdmin)
    END FUNCTION



    ------------------

  • #2
    Try this fragment from my alive app.
    But I use modified a little Win32Api.
    So, re-check declarations, if this fragment will not work for you

    Code:
       Function IsAdmin As Long
          Local os As OSVERSIONINFO
    
          os.dwOSVersionInfoSize = SizeOf(os)
          GetVersionEx ByVal VarPtr(os)
          If IsFalse(os.dwPlatformId = %VER_PLATFORM_WIN32_NT) Then Function = 2: Exit Function
    
          Local hAccessToken As Long, i As Long
          Local Info As String
          Local szInfo As Dword
          Local pTokenGroups As TOKEN_GROUPS Ptr
          Local siaNtAuthority As SID_IDENTIFIER_AUTHORITY
          Local psidAdministrators As Long ' SID Ptr
    
          %TOKEN_QUERY = 8
          If IsFalse(OpenProcessToken(GetCurrentProcess, %TOKEN_QUERY, hAccessToken)) Then _
             Function = -1: Exit Function
          GetTokenInformation hAccessToken, %TOKENGROUPS, ByVal 0&, 0&, szInfo
          Info = Space$(szInfo): i = GetTokenInformation(hAccessToken, %TOKENGROUPS, ByVal StrPtr(Info), Len(Info), szInfo)
          CloseHandle hAccessToken
    
          If IsFalse(i) Then Function = -1: Exit Function
    
          siaNtAuthority.Value(5) = 5 ' = SECURITY_NT_AUTHORITY
          If IsFalse(AllocateAndInitializeSid(siaNtAuthority, 2, %SECURITY_BUILTIN_DOMAIN_RID, _
             %DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, psidAdministrators)) Then Function = -1: Exit Function
    
          pTokenGroups = StrPtr(Info)
          For i = 0 To @pTokenGroups.GroupCount - 1
             If EqualSid (ByVal psidAdministrators, ByVal @pTokenGroups.Groups(i).pSid) Then Function = 1: Exit For
          Next
          FreeSid ByVal psidAdministrators
    
       End Function
    ------------------

    Comment

    Working...
    X