5

Possible Duplicate:
How can I tell if my process is running As Administrator?

How can I check using C# if my process is running as the local Administrator?

I know how to find out if the current user is a member of the builtin Administrators group. But this is not what I want to know. I want to know if the current user is the (one-and-only) special local Administrator account.

I do also know how to retrieve the name of the current user, but I do not want to compare that to the hardcoded name "Administrator" because this will not work with localized versions of Windows (e. g. "Administrador" in Spanish, "Administrateur" in French etc.).

Community
  • 1
  • 1
candritzky
  • 351
  • 4
  • 11
  • 1
    The local Administrator account is not "special" or protected, it's just a default user that exists in the Local Administrators group. You can delete and rename it like you can any other user (fun times to be had when you delete all the Local Administrator users, btw). – Dai Sep 07 '12 at 12:58
  • If this doesnt work, try both codes in the answers of this questions: http://stackoverflow.com/questions/1220213/c-detect-if-running-with-elevated-privileges – Tearsdontfalls Sep 07 '12 at 12:59
  • @David, I seem to recall that the POSIX subsystem treats the Administrator account specially in a manner similar to root on a UNIX system. Probably an irrelevant edge case, but I've had many Interix installation instructions tell me to be sure that I was the "real" Administrator, not just in the group. – dsolimano Sep 07 '12 at 13:00
  • Thanks for pointing me to the duplicate. Alread tried something linke this var securityIdentifier = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null); var ntAccount = securityIdentifier.Translate(typeof(NTAccount)); var name = ntAccount.Value; But this returns "Administrators" (plural) instead of "Administrator" (singular). What SID does WellKnownSidType.BuiltinAdministratorsSid return exactly? The one of the Administrators group, or the one of the local Administrator? – candritzky Sep 07 '12 at 13:02
  • @dsolimano Your perfectly right if you mention an irrelevant edge case. I'm trying to solve a very stupid problem interfacing with some 3rd party software where they have somehow hardcoded a check for the Administrator account name. I think, what they really wanted is just to be sure to be a member of the Administrators group, but this is not the way they implemented it. – candritzky Sep 07 '12 at 13:09
  • @user1273698 according to the docs, `WellKnownSidType.BuildInAdministratorsSid` matches the native `WinBuiltinAdministratorsSid` which is described in Win32's documentation as "Indicates a SID that matches the administrator group.". So as you see, it isn't a reference to the user, just the group. – Dai Sep 07 '12 at 14:10
  • @David But the docs for WellKnownSidType.BuiltinAdministratorsSid say "Indicates a SID that matches the administrator account." IMHO this is wrong. For this reason I don't think that this solution from the duplicate issue works: var sid = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, null); bool isBuiltInAdmin = (WindowsIdentity.GetCurrent().User == sid); They are comparing the user's SID to the Administrators group SID. Can't believe this works. – candritzky Sep 07 '12 at 14:57

1 Answers1

1

this is the way i use

    WindowsIdentity user = WindowsIdentity.GetCurrent();
    WindowsPrincipal principal = new WindowsPrincipal(user);
    bool isAdmin = principal.IsInRole(WindowsBuiltInRole.Administrator);
Eric Brown - Cal
  • 14,135
  • 12
  • 58
  • 97
Subhash Lama
  • 433
  • 2
  • 12