dobbelina Posted April 26, 2010 Posted April 26, 2010 (edited) Hi ! I have created a new administrator account in Win7, but the code below doesn't recognize me as admin? If IsAdmin() Then ConsoleWrite ("is an admin") Else ConsoleWrite ("is NOT an admin") EndIf I only get "is NOT an admin". Only under the main account "Administrator" does it work. Workaround, solution to identify if in admin group...? Edited April 26, 2010 by dobbelina
trancexx Posted April 26, 2010 Posted April 26, 2010 How could it?Did you read Remarks for IsAdmin()? ♡♡♡ . eMyvnE
dobbelina Posted April 26, 2010 Author Posted April 26, 2010 Ahh,sorry I assumed IsAdmin literally.It returns 1 under Windows Vista only if running with a full administrator token (i.e. #RequireAdmin has been used, or has already been elevated by UAC).Any tips on identifying if @UserName is member of admin group ?
dobbelina Posted April 26, 2010 Author Posted April 26, 2010 Came up with this, and it works. But is there an easier way ? expandcollapse popup#NoTrayIcon #include <Security.au3> #include <Array.au3> Global $GroupSID = "S-1-5-32-544", $Delay=100 Global $aLocalAdminGroupName = _Security__LookupAccountSid($GroupSID) Local $IsAdmin = _IsAdmin(@UserName) If $IsAdmin == True Then MsgBox(0, "Done","is a admin!") Else MsgBox(0, "Done","is NOT a admin!") EndIf Func _NetUserGetLocalGroups($sUsername, $sServer = "") ; array[0] contains number of elements Local CONST $LG_INCLUDE_INDIRECT = 0x1 Local $tBufPtr = DllStructCreate("ptr") Local $ptBufPtr = DllStructGetPtr($tBufPtr) Local $tEntriesRead = DllStructCreate("dword") Local $ptEntriesRead = DllStructGetPtr($tEntriesRead) Local $tTotalEntries = DllStructCreate("dword") Local $ptTotalEntries = DllStructGetPtr($tTotalEntries) Local $aRet = DllCall("Netapi32.dll", "int", "NetUserGetLocalGroups", "wstr", $sServer, "wstr", $sUsername, "dword", 0, "dword", $LG_INCLUDE_INDIRECT, "ptr", $ptBufPtr, "dword", -1, "ptr", $ptEntriesRead, "ptr", $ptTotalEntries) If $aRet[0] Then Return SetError(1, $aRet[0], False) Local $iEntriesRead = DllStructGetData($tEntriesRead, 1) Local $pBuf = DllStructGetData($tBufPtr, 1) Local $sLocalGroupUsersInfo0 = "ptr" Local $tLocalGroupUsersInfo0 = DllStructCreate($sLocalGroupUsersInfo0) Local $zLocalGroupUsersInfo0 = DllStructGetSize($tLocalGroupUsersInfo0) Local $tLocalGroupName Local $aLocalGroupNames[1] = [0] For $i = 1 To $iEntriesRead $tLocalGroupUsersInfo0 = DllStructCreate($sLocalGroupUsersInfo0, $pBuf + ($i - 1) * $zLocalGroupUsersInfo0) $tLocalGroupName = DllStructCreate("wchar[256]", DllStructGetData($tLocalGroupUsersInfo0, 1)) $aLocalGroupNames[0] += 1 ReDim $aLocalGroupNames[$aLocalGroupNames[0]+1] $aLocalGroupNames[$aLocalGroupNames[0]] = DllStructGetData($tLocalGroupName,1) Next DllCall("Netapi32.dll", "int", "NetApiBufferFree", "ptr", $pBuf) Return $aLocalGroupNames EndFunc ;_NetUserGetLocalGroups Func _IsAdmin($UserName) Local $aLocalGroupNames = _NetUserGetLocalGroups($UserName) Local $ArraySearch = _ArraySearch($aLocalGroupNames, $aLocalAdminGroupName[0], 1) If $ArraySearch == -1 Then Return False Else Return True EndIf EndFunc ;_IsAdmin
trancexx Posted April 26, 2010 Posted April 26, 2010 Sure:; Call $aCall = DllCall("netapi32.dll", "long", "NetUserGetInfo", _ "wstr", @ComputerName, _ "wstr", @UserName, _ "dword", 1, _ ; Return detailed information about the user account "ptr*", 0) ; ...error checking here... ; Collect $pPointer = $aCall[4] ; Format $tUSER_INFO_1 = DllStructCreate("ptr Name;" & _ "ptr Password;" & _ "dword PasswordAge;" & _ "dword Priv;" & _ "ptr HomeDir;" & _ "ptr Comment;" & _ "dword Flags;" & _ "ptr ScriptPath;", _ $pPointer) ; You want this: $fPrivAdmin = DllStructGetData($tUSER_INFO_1, "Priv") = 2 ; Free DllCall("netapi32.dll", "int", "NetApiBufferFree", "ptr", $pPointer) MsgBox(64, "Result", "Administrator = " & $fPrivAdmin) ♡♡♡ . eMyvnE
zorphnog Posted April 27, 2010 Posted April 27, 2010 Or even easier: Func _IsAdmin($sUser, $sComputer = ".") Local $aGroup, $aMember, $bAdmin = False $aGroup = ObjGet("WinNT://" & $sComputer & "/Administrators") If @error Then Return SetError(1, 0, -1) For $aMember In $aGroup.Members If $aMember.Name = $sUser Then $bAdmin = True ExitLoop EndIf Next $aGroup = 0 Return $bAdmin EndFunc
trancexx Posted April 27, 2010 Posted April 27, 2010 That's not easier, only different. If Winmgmt service is paused you'll get to unwanted troubles. Code from up was with purpose of education. Real function could be:MsgBox(64, @UserName, "Administrator = " & _IsAdministrator()) Func _IsAdministrator($sUser = @UserName, $sCompName = ".") Local $aCall = DllCall("netapi32.dll", "long", "NetUserGetInfo", "wstr", $sCompName, "wstr", $sUser, "dword", 1, "ptr*", 0) If @error Or $aCall[0] Then Return SetError(1, 0, False) Local $fPrivAdmin = DllStructGetData(DllStructCreate("ptr;ptr;dword;dword;ptr;ptr;dword;ptr", $aCall[4]), 4) = 2 DllCall("netapi32.dll", "long", "NetApiBufferFree", "ptr", $aCall[4]) Return $fPrivAdmin EndFunc ♡♡♡ . eMyvnE
dobbelina Posted April 28, 2010 Author Posted April 28, 2010 Thanks both of you for the excellent code!.trancexx , you don't happen to have a non-Winmgmtfunction that retrieves the name of the administrator group do you?I got this at the moment:$oWMIService = ObjGet("winmgmts:\\" & @ComputerName & "\root\cimv2") $colItems = $oWMIService.ExecQuery("Select * From Win32_Group Where LocalAccount = TRUE And SID = 'S-1-5-32-544'") For $oItem in $colItems Next consolewrite($oItem.Name)Feels like such a shame to use your code, when i use the abovein the same script.
PsaltyDS Posted April 28, 2010 Posted April 28, 2010 Using the "LookupAccountSid" function in AdvApi32.dll. Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
KaFu Posted April 28, 2010 Posted April 28, 2010 Same dll (NetUserGetInfo), look at level 23 (sounds more like a mmorpg ). http://msdn.microsoft.com/en-us/library/aa370654%28VS.85%29.aspx OS: Win10-22H2 - 64bit - German, AutoIt Version: 3.3.16.1, AutoIt Editor: SciTE, Website: https://funk.eu AMT - Auto-Movie-Thumbnailer (2024-Oct-13) BIC - Batch-Image-Cropper (2023-Apr-01) COP - Color Picker (2009-May-21) DCS - Dynamic Cursor Selector (2024-Oct-13) HMW - Hide my Windows (2024-Oct-19) HRC - HotKey Resolution Changer (2012-May-16) ICU - Icon Configuration Utility (2018-Sep-16) SMF - Search my Files (2024-Oct-20) - THE file info and duplicates search tool SSD - Set Sound Device (2017-Sep-16)
PsaltyDS Posted April 28, 2010 Posted April 28, 2010 Same dll (NetUserGetInfo), look at level 23 (sounds more like a mmorpg ).http://msdn.microsoft.com/en-us/library/aa370654%28VS.85%29.aspxI think that requires the name as an input, but the OP wants to get the unknown name from a known SID. Unless I misunderstood the question. Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
dobbelina Posted April 28, 2010 Author Posted April 28, 2010 (edited) I think that requires the name as an input, but the OP wants to get the unknown name from a known SID. Unless I misunderstood the question.Yes, you are right.Dll calls isn't my cup of coffe unfortunately Powerfull stuff this, but kinda steep learning curve,throwing myself at LookupAccountSidAs everything, it's easy when you know howto.. Edited April 28, 2010 by dobbelina
trancexx Posted April 28, 2010 Posted April 28, 2010 You already have it written inside Security.au3 #include <Security.au3> $aArray = _Security__LookupAccountSid("S-1-5-32-544") ;...error checking here ConsoleWrite($aArray[0] & @CRLF) ♡♡♡ . eMyvnE
PsaltyDS Posted April 28, 2010 Posted April 28, 2010 Yeah, that was the part I was too lazy to do. I usually include a demo, but was pretty sure it was going to be in one of the existing UDFs already anyway, and didn't remember where. Nice catch by trancexx. Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law
trancexx Posted April 29, 2010 Posted April 29, 2010 Yeah, that was the part I was too lazy to do. I usually include a demo, but was pretty sure it was going to be in one of the existing UDFs already anyway, and didn't remember where.Nice catch by trancexx. Yeah, yeah, yeah... Hallowed be Thy name ♡♡♡ . eMyvnE
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now