13

I am trying to work out how to detect whether a user is running with admin rights under Windows XP. This is fairly easy to do in Vista/Win7 thanks to the whoami command. Here's a snippet in Ruby for how to do it under Vista:

Note, the following link now incorporates the solution suggested by muteW

http://gist.github.com/65931

The trouble is, whoami doesn't come with Windows XP and so the above linked method will always return false on WinXP, even if we're running as an administrator.

So, does anyone know of a way to detect whether we're running as an admin under Windows XP using Ruby, command-line tools, batch-files, or even third-party (needs to be open source, really) tools?

Charles Roper

6 Answers

32

This will detect if the user is running in elevated mode (e.g. a command prompt that was "Run As" Administrator). It relies on the fact that you require admin privileges to read the LOCAL SERVICE account reg key:

reg query "HKU\S-1-5-19"

This will return a non-zero error code if it cannot be read, and zero if it can.
Works from XP up...

Charles Roper
Peter McEvoy
  • And to anyone who uses C++, system() returns 1 if the command above fails and 0 if it succeeds; meaning it returns 0 if the user has admin rights. Very good answer, Peter. Thanks! – Griffin Nov 03 '11 at 01:23
  • 4
    Or, in C/C++: call RegOpenKey(HKEY_USERS, "S-1-5-19", &key) and check for success. – theller Apr 05 '12 at 13:59
11

If you run

>net localgroup administrators 

in a command shell you should get the list of administrator accounts in Windows XP. Simply parse and scan the output to check for the particular user account you want. For example, to check if the current user is an administrator you could do:

>net localgroup administrators | find "%USERNAME%"
aks
  • 2
    This only validates that the username is in the Admin group - it does not detect if the current session has admin rights. For example on Win 7 with UAC, a command prompt runs by default as non-admin and the above command will incorrectly report the session as Admin. See my solution for something a little more reliable – Peter McEvoy Jul 14 '11 at 10:25
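The two checks discussed in this answer and its comment, combined into one three-way result (added example, not code from any poster on this page). The helper names and the sample `net localgroup administrators` output are constructed, and the parser assumes English-locale output.

```ruby
# Added example: hypothetical helper names; the sample output is constructed.
SAMPLE_NET_OUTPUT = <<~'OUT'
  Alias name     administrators
  Comment        Administrators have complete and unrestricted access to the computer/domain

  Members

  -------------------------------------------------------------------------------
  Administrator
  CORP\Domain Admins
  bobby
  The command completed successfully.
OUT

# Member names are the non-empty lines between the dashed rule and the status
# line (assumes English-locale output of `net localgroup administrators`).
def admin_group_members(net_output)
  lines = net_output.lines.map(&:strip)
  rule = lines.index { |l| l.match?(/\A-{5,}\z/) }
  return [] unless rule
  lines.drop(rule + 1).reject(&:empty?)
       .take_while { |l| !l.start_with?('The command completed') }
end

# Local accounts are listed by bare name, domain accounts as DOMAIN\name.
# %USERDOMAIN% equals %COMPUTERNAME% when the logon account is local.
def listed_name(user, userdomain, computername)
  userdomain.casecmp?(computername) ? user : "#{userdomain}\\#{user}"
end

# Registry probe from the answer above: true only when this process can read
# the LOCAL SERVICE hive, i.e. the session itself has admin rights.
def elevated?(run = ->(cmd) { system(cmd, out: File::NULL, err: File::NULL) })
  run.call('reg query "HKU\S-1-5-19"') == true
end

# Whole-line, case-insensitive match, so "bob" no longer matches "bobby".
# Membership through a nested group (CORP\Domain Admins) is not resolved here.
def admin_status(net_output, user, userdomain, computername, elevated)
  return :elevated if elevated
  name = listed_name(user, userdomain, computername)
  listed = admin_group_members(net_output).any? { |m| m.casecmp?(name) }
  listed ? :admin_not_elevated : :standard
end

if Gem.win_platform? && $PROGRAM_NAME == __FILE__
  puts admin_status(`net localgroup administrators`, ENV['USERNAME'],
                    ENV['USERDOMAIN'], ENV['COMPUTERNAME'], elevated?)
end
```

A result of `:admin_not_elevated` is the case the comment describes: the account is in the group, but the current session does not hold admin rights.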
7

Piskvor's option is fine, or check this URL: http://weseetips.com/2008/04/16/how-to-check-whether-current-user-have-administrator-privilege/

This is the code on that page:

#include <windows.h>

// Returns TRUE when the BUILTIN\Administrators SID is enabled in the caller's token.
BOOL IsUserAdmin(void)
{
    SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
    PSID AdministratorsGroup;
    // Initialize SID.
    if( !AllocateAndInitializeSid( &NtAuthority,
                                   2,
                                   SECURITY_BUILTIN_DOMAIN_RID,
                                   DOMAIN_ALIAS_RID_ADMINS,
                                   0, 0, 0, 0, 0, 0,
                                   &AdministratorsGroup))
    {
        // Initializing SID Failed.
        return FALSE;
    }
    // Check whether the Administrators SID is enabled in the token
    // (NULL means the calling thread's token).
    BOOL IsInAdminGroup = FALSE;
    if( !CheckTokenMembership( NULL,
                               AdministratorsGroup,
                               &IsInAdminGroup ))
    {
        // Error occurred.
        IsInAdminGroup = FALSE;
    }
    // Free SID and return.
    FreeSid(AdministratorsGroup);
    return IsInAdminGroup;
}
acromm
  • It's made in C using the Windows API, so you don't need anything else to run this, just compile it – acromm Feb 18 '09 at 13:20
  • Note that this will return FALSE if called from a Vista program running in an administrator account if the process was not launched with 'run as administrator'. – Jim In Texas Mar 30 '09 at 17:02
  • That's a Vista issue. Maybe you could add a different check in the same program for Vista OS... – acromm Apr 07 '09 at 15:07
  • 1
    For future reference, the above code is taken from: http://msdn.microsoft.com/en-us/library/aa376389%28VS.85%29.aspx – Mark Ingram Jun 21 '10 at 10:35
2

This will find out without shelling out:

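require 'win32/registry'

is_admin = false
begin
  # Opening the LOCAL SERVICE hive (S-1-5-19) succeeds only with admin rights.
  Win32::Registry::HKEY_USERS.open('S-1-5-19') { |reg| }
  is_admin = true
rescue Win32::Registry::Error
  # Access denied: not running with admin rights.
end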

The strategy is similar to Peter's, but with less overhead.

mikeslattery
2

Check out the CheckTokenMembership method. There is a sample there of IsUserAdmin() implementation plus some other useful community feedback on when that function does not return what is expected and what to do to improve it.

Community
Anonymous
1

Here is the better (PowerShell) way of doing it: https://stackoverflow.com/a/16617861/863980

In one line, you can say (copy/paste in posh and it will work):

(@(([ADSI]"WinNT://./Administrators,group").psbase.Invoke("Members")) | `
foreach {$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}) -contains "Administrator"

=> returns True when user belongs to Administrators group (as opposed to checking user IS Administrator)

(Note: the backtick or grave accent ` escapes the carriage return in PowerShell; in Ruby it executes shell commands, like C++'s system('command').)

So in Ruby, you can say (copy/paste in irb):

def is_current_user_local_admin?
  return `powershell "(@(([ADSI]'WinNT://./Administrators,group').psbase.Invoke('Members')) | foreach {$_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)}) -contains 'Administrator'"`.include? "True"
end

Don't know the (even better) WMI way of doing it though. With that, you could have done something like (in Ruby again):

require 'win32ole'
wmi = WIN32OLE.connect('WinNT://./Administrators,group')
# don't know what should come here...
Community
vulcan raven