Reputation: 2484
I want to know if a user is an administrator on a PC or not. I found a code snippet which does this, but I have a problem with it. The problem with this code is that this function will return whether the user who started the process has admin rights or not. But I want to query whether a specific user has administrator rights or not. Can I do this somehow? This is important because my application will run under the SYSTEM account, so it will always return that the user is admin, but I want to know if the logged-on user is admin or not.
Code snippet:

    #include <windows.h>

    BOOL IsUserAdmin( VOID )
    /*++
    Routine Description: This routine returns TRUE if the caller's
    process is a member of the Administrators local group. Caller is NOT
    expected to be impersonating anyone and is expected to be able to
    open its own process and process token.
    Arguments: None.
    Return Value:
        TRUE - Caller has Administrators local group.
        FALSE - Caller does not have Administrators local group.
    --*/
    {
        BOOL b;
        SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
        PSID AdministratorsGroup;

        /* Build the well-known SID of the local Administrators group. */
        b = AllocateAndInitializeSid(
            &NtAuthority,
            2,
            SECURITY_BUILTIN_DOMAIN_RID,
            DOMAIN_ALIAS_RID_ADMINS,
            0, 0, 0, 0, 0, 0,
            &AdministratorsGroup
        );
        if ( b )
        {
            /* NULL token handle: check the calling thread's/process's own token. */
            if ( !CheckTokenMembership( NULL, AdministratorsGroup, &b ) )
            {
                b = FALSE;
            }
            FreeSid( AdministratorsGroup );
        }
        return ( b );
    }

Upvotes: 2
Views: 1008
Reputation: 6020
Have a look at this blog article on MSDN:
How To Determine Whether a Thread Is Running in User Context of Local Administrator Account
Upvotes: 0
Reputation: 283684
Run your user interface within the logged-on user account. This protects the privileged service against shatter attacks.
Use DCOM to forward requests from the GUI to the privileged service. Use impersonation within the privileged service to discover the rights of the user.
Upvotes: 1
Reputation: 613013
You need to take the following steps.
1. OpenProcessToken() passing the process handle. Make sure you specify TOKEN_DUPLICATE.
2. DuplicateToken() to get an impersonation token.
3. CheckTokenMembership() as before but passing the token rather than NULL.
Upvotes: 2
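The three steps from the last answer combined into one function, as an added example that is not code from any of the posts. The name IsProcessTokenAdmin and its -1/0/1 return convention are assumptions of this example; the caller is assumed to already hold a handle to a process running as the logged-on user, opened with PROCESS_QUERY_INFORMATION access.

```c
/* Added example, not code from the original posts.
   Windows-only (Win32 API); link with advapi32. */
#ifdef _WIN32
#include <windows.h>

/* Returns 1 if the token of hProcess has the local Administrators group
   enabled, 0 if it does not, -1 if an API call failed (see GetLastError()). */
int IsProcessTokenAdmin(HANDLE hProcess)
{
    SID_IDENTIFIER_AUTHORITY ntAuthority = SECURITY_NT_AUTHORITY;
    PSID adminsSid = NULL;
    HANDLE hPrimary = NULL;
    HANDLE hImpersonation = NULL;
    BOOL isMember = FALSE;
    int result = -1;

    /* Step 1: open the target process's primary token.
       TOKEN_DUPLICATE is the access right DuplicateToken needs. */
    if (!OpenProcessToken(hProcess, TOKEN_DUPLICATE, &hPrimary))
        return -1;

    /* Step 2: CheckTokenMembership only accepts impersonation tokens.
       SecurityIdentification is sufficient for a group-membership query. */
    if (!DuplicateToken(hPrimary, SecurityIdentification, &hImpersonation))
        goto cleanup;

    /* Well-known SID of BUILTIN\Administrators, as in IsUserAdmin. */
    if (!AllocateAndInitializeSid(&ntAuthority, 2,
                                  SECURITY_BUILTIN_DOMAIN_RID,
                                  DOMAIN_ALIAS_RID_ADMINS,
                                  0, 0, 0, 0, 0, 0, &adminsSid))
        goto cleanup;

    /* Step 3: same check as before, against the duplicated token, not NULL. */
    if (CheckTokenMembership(hImpersonation, adminsSid, &isMember))
        result = isMember ? 1 : 0;

cleanup:
    if (adminsSid) FreeSid(adminsSid);
    if (hImpersonation) CloseHandle(hImpersonation);
    CloseHandle(hPrimary);
    return result;
}
#endif
```

CheckTokenMembership reports whether the group SID is enabled in the token, so with UAC a member of Administrators whose process runs with the filtered (non-elevated) token yields 0 here.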