Announcement

Collapse
No announcement yet.

Is User Administrator...

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Mark Hunter
    replied
    So far it doesn’t work. On my machine the loop
    ... For i = 0 To @pTokenGroups.GroupCount - 1 ...... (To 12 - 1)
    is exited when i = 3 regardless of program status. Here is the code with the necessary Win32API information and a demonstration PBMain:
    Code:
    Type SID_AND_ATTRIBUTES
  pSid As Dword
  Attributes As Dword
End Type

Type TOKEN_GROUPS
  GroupCount As Dword
  Groups(0 To 0) As SID_AND_ATTRIBUTES   'array size varies
End Type

Type SID_IDENTIFIER_AUTHORITY
  Value(0 To 5) As Byte
End Type
'--------------------------------------------------------------------

%TOKEN_QUERY = 8
%TokenGroups = 2
%SECURITY_BUILTIN_DOMAIN_RID  = &H00000020&
%DOMAIN_ALIAS_RID_ADMINS      = &H00000220&
'--------------------------------------------------------------------

Declare Function OpenProcessToken Lib "ADVAPI32.DLL" Alias "OpenProcessToken" (ByVal ProcessHandle As Dword, ByVal DesiredAccess As Dword, TokenHandle As Dword) As Long
Declare Function GetCurrentProcess Lib "KERNEL32.DLL" Alias "GetCurrentProcess" () As Long
Declare Function GetTokenInformation Lib "ADVAPI32.DLL" Alias "GetTokenInformation" (ByVal TokenHandle As Dword, ByVal TokenInformationClass As Long, TokenInformation As Any, ByVal TokenInformationLength As Dword, ReturnLength As Dword) As Long
Declare Function CloseHandle Lib "KERNEL32.DLL" Alias "CloseHandle" (ByVal hObject As Dword) As Long
Declare Sub FreeSid Lib "ADVAPI32.DLL" Alias "FreeSid" (pSid As Any)
Declare Function AllocateAndInitializeSid Lib "ADVAPI32.DLL" Alias "AllocateAndInitializeSid" (pIdentifierAuthority As SID_IDENTIFIER_AUTHORITY, ByVal nSubAuthorityCount As Byte, ByVal nSubAuthority0 As Long, ByVal nSubAuthority1 As Long, _
                 ByVal nSubAuthority2 As Long, ByVal nSubAuthority3 As Long, ByVal nSubAuthority4 As Long, ByVal nSubAuthority5 As Long, ByVal nSubAuthority6 As Long, ByVal nSubAuthority7 As Long, lpPSid As Any) As Long
Declare Function EqualSid Lib "ADVAPI32.DLL" Alias "EqualSid" (pSid1 As Any, pSid2 As Any) As Long
'--------------------------------------------------------------------

' Returns -1 on failure
'          1 if running as administrator
'          0 if not running as administrator
' Assumes the operating system is Windows 2000 or later (XP, 7, etc.)

Function IsAdmin As Long
      Local hAccessToken As Long, i As Long
      Local Info As String
      Local szInfo As Dword
      Local pTokenGroups As TOKEN_GROUPS Ptr
      Local siaNtAuthority As SID_IDENTIFIER_AUTHORITY
      Local psidAdministrators As Long      'SID Ptr

      If IsFalse(OpenProcessToken(GetCurrentProcess, %TOKEN_QUERY, hAccessToken)) Then
         Function = -1
         Exit Function
      End If
      
      GetTokenInformation hAccessToken, %TOKENGROUPS, ByVal 0&, 0&, szInfo
      Info = Space$(szInfo)
      i = GetTokenInformation(hAccessToken, %TOKENGROUPS, ByVal StrPtr(Info), Len(Info), szInfo)
      CloseHandle hAccessToken

      If IsFalse(i) Then
       Function = -1
       Exit Function
      End If

      siaNtAuthority.Value(5) = 5     ' = SECURITY_NT_AUTHORITY
      If IsFalse(AllocateAndInitializeSid(siaNtAuthority, 2, %SECURITY_BUILTIN_DOMAIN_RID, %DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, psidAdministrators)) Then
        Function = -1
        Exit Function
      End If

      pTokenGroups = StrPtr(Info)
      For i = 0 To @pTokenGroups.GroupCount - 1         'To 13
         If EqualSid (ByVal psidAdministrators, ByVal @pTokenGroups.Groups(i).pSid) Then
           Function = 1                  'get here when i = 3 regardless
           Exit For
         End If
      Next
      
      FreeSid ByVal psidAdministrators
End Function
  
  
Function PBMain
 Select Case IsAdmin
 Case  1 : Print "Running as an administrtor.
 Case  0 : Print "Not running as an administrtor.
 Case -1 : Print "FAILURE"
 End Select
 WaitKey$
End Function

    Leave a comment:

  • Semen Matusovski
    replied
    Try this fragment from my alive app.
    But I use modified a little Win32Api.
    So, re-check declarations, if this fragment will not work for you

    Code:
       Function IsAdmin As Long
      Local os As OSVERSIONINFO

      os.dwOSVersionInfoSize = SizeOf(os)
      GetVersionEx ByVal VarPtr(os)
      If IsFalse(os.dwPlatformId = %VER_PLATFORM_WIN32_NT) Then Function = 2: Exit Function

      Local hAccessToken As Long, i As Long
      Local Info As String
      Local szInfo As Dword
      Local pTokenGroups As TOKEN_GROUPS Ptr
      Local siaNtAuthority As SID_IDENTIFIER_AUTHORITY
      Local psidAdministrators As Long ' SID Ptr

      %TOKEN_QUERY = 8
      If IsFalse(OpenProcessToken(GetCurrentProcess, %TOKEN_QUERY, hAccessToken)) Then _
         Function = -1: Exit Function
      GetTokenInformation hAccessToken, %TOKENGROUPS, ByVal 0&, 0&, szInfo
      Info = Space$(szInfo): i = GetTokenInformation(hAccessToken, %TOKENGROUPS, ByVal StrPtr(Info), Len(Info), szInfo)
      CloseHandle hAccessToken

      If IsFalse(i) Then Function = -1: Exit Function

      siaNtAuthority.Value(5) = 5 ' = SECURITY_NT_AUTHORITY
      If IsFalse(AllocateAndInitializeSid(siaNtAuthority, 2, %SECURITY_BUILTIN_DOMAIN_RID, _
         %DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, psidAdministrators)) Then Function = -1: Exit Function

      pTokenGroups = StrPtr(Info)
      For i = 0 To @pTokenGroups.GroupCount - 1
         If EqualSid (ByVal psidAdministrators, ByVal @pTokenGroups.Groups(i).pSid) Then Function = 1: Exit For
      Next
      FreeSid ByVal psidAdministrators

   End Function
    ------------------

    Leave a comment:

  • Neil Hosgood
    started a topic Is User Administrator...

    Is User Administrator...

    Hi all,
    I just converted the following from the MSDN to PB, it uses
    CheckTokenMembership instead of a bunch of other API calls
    so its nice and short but only works with win2k or later.
    My problem is that it doesn't tell you if the current user
    is an Admin (only tested under xp pro), it tells you if an
    Admin is logged on. Ie. log on as Admin then use Switch User
    to change to a Non Admin User, the Admin is still logged on so
    the function still returns true. If you log on as Admin then
    Log OFF and log on as another user (non admin) it works just fine.
    So how can I tell if the current Desktop belongs to an Admin ?

    Code:
    #COMPILE EXE

%SECURITY_NT_AUTHORITY        = &H5           ' Not In WIN32API.INC

%NULL                         = 0             ' All these Equates, Types
%FALSE                        = 0             ' and Declares are in
%SECURITY_BUILTIN_DOMAIN_RID  = &H00000020&   ' WIN32API.INC
%DOMAIN_ALIAS_RID_ADMINS      = &H00000220&   '

TYPE SID_IDENTIFIER_AUTHORITY
  Value(0 TO 5) AS BYTE
END TYPE

DECLARE FUNCTION AllocateAndInitializeSid LIB "ADVAPI32.DLL" ALIAS "AllocateAndInitializeSid"_
                 (pIdentifierAuthority AS SID_IDENTIFIER_AUTHORITY, BYVAL nSubAuthorityCount AS BYTE, _
                 BYVAL nSubAuthority0 AS LONG, BYVAL nSubAuthority1 AS LONG,_
                 BYVAL nSubAuthority2 AS LONG, BYVAL nSubAuthority3 AS LONG,_
                 BYVAL nSubAuthority4 AS LONG, BYVAL nSubAuthority5 AS LONG,_
                 BYVAL nSubAuthority6 AS LONG, BYVAL nSubAuthority7 AS LONG,_
                 lpPSid AS ANY) AS LONG
DECLARE FUNCTION CheckTokenMembership LIB "ADVAPI32.DLL" ALIAS "CheckTokenMembership"_
                 (BYVAL hToken AS DWORD, SidToCheck AS ANY, IsMember AS LONG) AS LONG
DECLARE SUB FreeSid LIB "ADVAPI32.DLL" ALIAS "FreeSid" (pSid AS ANY)

' IsAdmin - Returns 1 if an Admin is Logged on, 0 if not.
'           Under XP Pro if you log on as an Admin and then use
'           SWITCH USER to change to a Non Admin User it still returns
'           TRUE because the admin hasn't logged off, the same might be
'           true if an admin logs on remotely (havn't tested that)

FUNCTION IsAdmin() AS LONG
LOCAL Result              AS LONG
LOCAL NtAuthority         AS SID_IDENTIFIER_AUTHORITY
LOCAL AdministratorsGroup AS LONG

  NtAuthority.value(5) = %SECURITY_NT_AUTHORITY

  Result = AllocateAndInitializeSid(NtAuthority                 ,_
                                    2                           ,_
                                    %SECURITY_BUILTIN_DOMAIN_RID,_
                                    %DOMAIN_ALIAS_RID_ADMINS    ,_
                                    0, 0, 0, 0, 0, 0            ,_
                                    AdministratorsGroup)

  IF Result THEN
    IF CheckTokenMembership( %NULL, BYVAL AdministratorsGroup,Result) = 0 THEN
      Result = %FALSE
    END IF
  END IF

  FreeSid BYVAL AdministratorsGroup

  FUNCTION = Result
END FUNCTION

FUNCTION PBMAIN
  MSGBOX STR$(IsAdmin)
END FUNCTION



    ------------------
    Tags: None
Previous template Next
Working...
X

We process personal data about users of our site, through the use of cookies and other technologies, to deliver our services, and to analyze site activity. For additional details, refer to our Privacy Policy.

By clicking "I AGREE" below, you agree to our Privacy Policy and our personal data processing and cookie practices as described therein. You also acknowledge that this forum may be hosted outside your country and you consent to the collection, storage, and processing of your data in the country where this forum is hosted.

I Agree