54

I want to know if a program is running as administrator.

The user doesn't have to be administrator. I only want to know if my application has rights to edit some secured files that are editable when running as Administrator.

Wai Ha Lee
  • 8,598
  • 83
  • 57
  • 92
Hooch
  • 28,817
  • 29
  • 102
  • 161
  • 2
    possible duplicate of [How can I tell if my process is running As Administrator?](http://stackoverflow.com/questions/509292/how-can-i-tell-if-my-process-is-running-as-administrator) – Alex K. May 10 '11 at 16:32
  • 3
    I just Googled that question and it looks like I asked it 3 years ago. Good to know. Thanks Google. – Hooch Apr 22 '15 at 09:57

3 Answers3

122

This will return a bool valid

using System.Security.Principal;

bool isElevated;
using (WindowsIdentity identity = WindowsIdentity.GetCurrent())
{
    WindowsPrincipal principal = new WindowsPrincipal(identity);
    isElevated = principal.IsInRole(WindowsBuiltInRole.Administrator);
}
Ian Boyd
  • 246,734
  • 253
  • 869
  • 1,219
atrljoe
  • 8,031
  • 11
  • 67
  • 110
  • 1
    +1 because that even works on Linux (Mono). Gives you true when ran as root/via sudo. Gives false as a default user. – Niklas S. Dec 20 '15 at 15:50
  • If you build for .NET 5.0, you get: error CA1416: This call site is reachable on all platforms. 'WindowsBuiltInRole.Administrator' is only supported on: 'windows'. – Jamie May 14 '21 at 18:47
11

Here's @atrljoe's answer turned into a one liner using the latest C#:

using System.Security.Principal;

static bool IsElevated => new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator);
Bryan Legend
  • 6,790
  • 1
  • 59
  • 60
  • 14
    This is ugly. I'm sorry. But really, you should shorten everythiing. It is bette to leave it as 4 lines and make function out of it. How to even debug your one liner? – Hooch Nov 13 '15 at 23:21
  • 1
    I believe that terseness is a vitue, as long as it's clear. – Bryan Legend Nov 15 '15 at 01:49
  • 3
    Interesting... I find this easier to read than the expanded version. This has a clear call hierarchy, whereas to understand code exploded into different variables, I need to mentally execute it. – bart Dec 06 '15 at 20:51
  • 12
    Another downside of this form is that [you never call `Dispose` as you are required by contract to do](https://blogs.msdn.microsoft.com/oldnewthing/20100809-00/?p=13203) – Ian Boyd May 01 '17 at 16:03
  • 4
    My downvote is because it isn't disposed of, as Ian said. – Derreck Dean May 30 '18 at 13:53
  • 1
    Not only is it ugly, it's not clear what it does. I'm in the "clear and concise even if it takes more lines of code" boat. – Mmm Jan 10 '21 at 19:52
  • This exact code would be ten times more readable if it were just made multi-line. Comments won't allow formatting, but if you insert a carriage return directly after the => operator, and after the Windows Principle constructor call, readability would be vastly better. Irrelevant, though, because you really do have to dispose that WindowsIdentity. – Jamie May 14 '21 at 19:14
1

To avoid SecurityException, and leaks, like not closing WindowsIdentity.GetCurrent(), since WindowsPrincipal does not explicitly close, but only creates a new connection and only then closes it.

private static bool IsAdministrationRules() {
   try {
       using (WindowsIdentity identity = WindowsIdentity.GetCurrent()) {
          return (new WindowsPrincipal(identity)).IsInRole(WindowsBuiltInRole.Administrator);
       }
   } catch {
       return false;
   }
}
Uncer
  • 41
  • 8