How can I tell if my process is running as Administrator?
Technically, if you want to see if the member is the local administrator account, then you can get the security identifier (SID) of the current user through the User
property on the WindowsIdentity
class, like so (the static GetCurrent
method gets the current Windows user):
WindowsIdentity windowsIdentity = WindowsIdentity.GetCurrent();
string sid = windowsIdentity.User.ToString();
The User
property returns the SID of the user which has a number of predefined values for various groups and users.
Then you would check to see if the SID has the following pattern, indicating it is the local administrator account (which is a well-known SID):
S-1-5-{other SID parts}-500
Or, if you don't want to parse strings, you can use the SecurityIdentifier
class:
// Get the built-in administrator account.
var sid = new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid,
null);
// Compare to the current user.
bool isBuiltInAdmin = (windowsIdentity.User == sid);
However, I suspect that what you really want to know is if the current user is a member of the administrators group for the local machine. You can get this SID using the WellKnownSidType
of BuiltinAdministratorsSid
:
// Get the SID of the admin group on the local machine.
var localAdminGroupSid = new SecurityIdentifier(
WellKnownSidType.BuiltinAdministratorsSid, null);
Then you can check the Groups
property on the WindowsIdentity
of the user to see if that user is a member of the local admin group, like so:
bool isLocalAdmin = windowsIdentity.Groups.
Select(g => (SecurityIdentifier) g.Translate(typeof(SecurityIdentifier))).
Any(s => s == localAdminGroupSid);
How to detect if CMD is running as Administrator/has elevated privileges?
ADDENDUM: For Windows 8 this will not work; see this excellent answer instead.
Found this solution here: http://www.robvanderwoude.com/clevertricks.php
AT > NUL
IF %ERRORLEVEL% EQU 0 (
ECHO you are Administrator
) ELSE (
ECHO you are NOT Administrator. Exiting...
PING 127.0.0.1 > NUL 2>&1
EXIT /B 1
)
Assuming that doesn't work and since we're talking Win7 you could use the following in Powershell if that's suitable:
$principal = new-object System.Security.Principal.WindowsPrincipal([System.Security.Principal.WindowsIdentity]::GetCurrent())
$principal.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator)
If not (and probably not, since you explicitly proposed batch files) then you could write the above in .NET and return an exit code from an exe based on the result for your batch file to use.
How can I detect if my process is running UAC-elevated or not?
The following C++ function can do that:
HRESULT GetElevationType( __out TOKEN_ELEVATION_TYPE * ptet );
/*
Parameters:
ptet
[out] Pointer to a variable that receives the elevation type of the current process.
The possible values are:
TokenElevationTypeDefault - This value indicates that either UAC is disabled,
or the process is started by a standard user (not a member of the Administrators group).
The following two values can be returned only if both the UAC is enabled
and the user is a member of the Administrator's group:
TokenElevationTypeFull - the process is running elevated.
TokenElevationTypeLimited - the process is not running elevated.
Return Values:
If the function succeeds, the return value is S_OK.
If the function fails, the return value is E_FAIL. To get extended error information, call GetLastError().
Implementation:
*/
HRESULT GetElevationType( __out TOKEN_ELEVATION_TYPE * ptet )
{
if ( !IsVista() )
return E_FAIL;
HRESULT hResult = E_FAIL; // assume an error occurred
HANDLE hToken = NULL;
if ( !::OpenProcessToken(
::GetCurrentProcess(),
TOKEN_QUERY,
&hToken ) )
{
return hResult;
}
DWORD dwReturnLength = 0;
if ( ::GetTokenInformation(
hToken,
TokenElevationType,
ptet,
sizeof( *ptet ),
&dwReturnLength ) )
{
ASSERT( dwReturnLength == sizeof( *ptet ) );
hResult = S_OK;
}
::CloseHandle( hToken );
return hResult;
}
Related Topics
Performance of Nested Yield in a Tree
Project Builds But Can't Publish
A Pattern to Pause/Resume an Async Task
Using Webclient or Webrequest to Login to a Website and Access Data
How to Add the Same Column to All Entities in Ef Core
Avoiding Null Reference Exceptions
Gracefully Handling Corrupted State Exceptions
Setting Dropdownlist Selecteditem Programmatically
Why Does Guid.Tobytearray() Order the Bytes the Way It Does
Why Is List When Passed Without Ref to a Function Acting Like Passed with Ref
How to Convert an Array of Floats to a Byte[] and Back
How to Programmatically List All Projects in a Solution
How to Detect the Original MAC Address After It Has Been Spoofed