Board index » delphi » A function to check if the current user is an administrator

A function to check if the current user is an administrator

Does anyone know how to write a function that checks if the current
user is a member of the Administrators group in Windows NT / 2000.

I believe you need to get the current user SID [which I can do] but how
do I check that it is a member of Administrators? Or is there an easier
way to do it that doesnt involve SID's?

Thanks,

Charlie

Sent via Deja.com http://www.deja.com/
Before you buy.

 

Re:A function to check if the current user is an administrator


<cant...@my-deja.com> skrev i en meddelelse
news:8pfolc$2ok$1@nnrp1.deja.com...

Quote
> Does anyone know how to write a function that checks if the current
> user is a member of the Administrators group in Windows NT / 2000.

I have seen this posted a while ago, but I haven't tried it myself.

const
  SECURITY_NT_AUTHORITY: TSIDIdentifierAuthority =
    (Value: (0, 0, 0, 0, 0, 5));
  SECURITY_BUILTIN_DOMAIN_RID = $00000020;
  DOMAIN_ALIAS_RID_ADMINS     = $00000220;

function IsAdmin: Boolean;
var
  hAccessToken: THandle;
  ptgGroups: PTokenGroups;
  dwInfoBufferSize: DWORD;
  psidAdministrators: PSID;
  x: Integer;
  bSuccess: BOOL;
begin
  Result := False;
  bSuccess := OpenThreadToken(GetCurrentThread, TOKEN_QUERY, True,
    hAccessToken);
  if not bSuccess then
  begin
    if GetLastError = ERROR_NO_TOKEN then
    bSuccess := OpenProcessToken(GetCurrentProcess, TOKEN_QUERY,
      hAccessToken);
  end;
  if bSuccess then
  begin
    GetMem(ptgGroups, 1024);
    bSuccess := GetTokenInformation(hAccessToken, TokenGroups,
      ptgGroups, 1024, dwInfoBufferSize);
    CloseHandle(hAccessToken);
    if bSuccess then
    begin
      AllocateAndInitializeSid(SECURITY_NT_AUTHORITY, 2,
        SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS,
        0, 0, 0, 0, 0, 0, psidAdministrators);
      for x := 0 to ptgGroups.GroupCount - 1 do
        if EqualSid(psidAdministrators, ptgGroups.Groups[x].Sid) then
        begin
          Result := True;
          Break;
        end;
      FreeSid(psidAdministrators);
    end;
    FreeMem(ptgGroups);
  end;
end;

Finn Tolderlund

Re:A function to check if the current user is an administrator


Works great!

Thanks very much
Charlie

In article <OoOu5.498$T%1.5...@news0.mobilixnet.dk>,
  "Finn Tolderlund" <XnospamYfinn.tolderlu...@Ymobilixnet.dkXnospamY>
wrote:

Quote

> <cant...@my-deja.com> skrev i en meddelelse
> news:8pfolc$2ok$1@nnrp1.deja.com...
> > Does anyone know how to write a function that checks if the current
> > user is a member of the Administrators group in Windows NT / 2000.

> I have seen this posted a while ago, but I haven't tried it myself.

> const
>   SECURITY_NT_AUTHORITY: TSIDIdentifierAuthority =
>     (Value: (0, 0, 0, 0, 0, 5));
>   SECURITY_BUILTIN_DOMAIN_RID = $00000020;
>   DOMAIN_ALIAS_RID_ADMINS     = $00000220;

> function IsAdmin: Boolean;
> var
>   hAccessToken: THandle;
>   ptgGroups: PTokenGroups;
>   dwInfoBufferSize: DWORD;
>   psidAdministrators: PSID;
>   x: Integer;
>   bSuccess: BOOL;
> begin
>   Result := False;
>   bSuccess := OpenThreadToken(GetCurrentThread, TOKEN_QUERY, True,
>     hAccessToken);
>   if not bSuccess then
>   begin
>     if GetLastError = ERROR_NO_TOKEN then
>     bSuccess := OpenProcessToken(GetCurrentProcess, TOKEN_QUERY,
>       hAccessToken);
>   end;
>   if bSuccess then
>   begin
>     GetMem(ptgGroups, 1024);
>     bSuccess := GetTokenInformation(hAccessToken, TokenGroups,
>       ptgGroups, 1024, dwInfoBufferSize);
>     CloseHandle(hAccessToken);
>     if bSuccess then
>     begin
>       AllocateAndInitializeSid(SECURITY_NT_AUTHORITY, 2,
>         SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS,
>         0, 0, 0, 0, 0, 0, psidAdministrators);
>       for x := 0 to ptgGroups.GroupCount - 1 do
>         if EqualSid(psidAdministrators, ptgGroups.Groups[x].Sid) then
>         begin
>           Result := True;
>           Break;
>         end;
>       FreeSid(psidAdministrators);
>     end;
>     FreeMem(ptgGroups);
>   end;
> end;

> Finn Tolderlund

Sent via Deja.com http://www.deja.com/
Before you buy.

Other Threads