Solved

Check for Admin rights?

Posted on 2000-03-28
6
964 Views
Last Modified: 2010-04-04
I have used www.Youseful.com to create a custom setup program that was built using Delphi 3.02.

This setup program install a Win32 application that supports both Win9x and WinNT/2000.

I have had several ppl send me e-mail complaining that they can't install the program on WinNT/2000... I always ask the question:

"Do you have administrator rights on the computer your trying to install my program on?"

To which I always get a response simular to "No."

So, this brings me to my question:
Does anyone know how to programicly check NT to determine if the current user has administrator rights necessary to install software?

:::crossing fingers:::
John
0
Comment
Question by:zitt
  • 3
  • 2
6 Comments
 
LVL 20

Expert Comment

by:Madshi
ID: 2666341
Call GetUserName to get the name of the current user, then NetUserGetInfo with level 1. In the level 1 structure you find a field "usri1_priv", which can be one of the following values:

Value      Meaning
USER_PRIV_GUEST      Guest
USER_PRIV_USER      User
USER_PRIV_ADMIN      Administrator

Regards, Madshi.
0
 
LVL 17

Accepted Solution

by:
inthe earned 100 total points
ID: 2666839
hi,
This function  checks if the currently logged user has Admin rights:
Regards Barry


const
  SECURITY_NT_AUTHORITY: TSIDIdentifierAuthority =
    (Value: (0, 0, 0, 0, 0, 5));
  SECURITY_BUILTIN_DOMAIN_RID = $00000020;
  DOMAIN_ALIAS_RID_ADMINS     = $00000220;
                     
function IsAdmin: Boolean;
var
  hAccessToken: THandle;
  ptgGroups: PTokenGroups;
  dwInfoBufferSize: DWORD;
  psidAdministrators: PSID;
  x: Integer;
  bSuccess: BOOL;
begin
  Result := False;
  bSuccess := OpenThreadToken(GetCurrentThread, TOKEN_QUERY, True,
    hAccessToken);
  if not bSuccess then
  begin
    if GetLastError = ERROR_NO_TOKEN then
    bSuccess := OpenProcessToken(GetCurrentProcess, TOKEN_QUERY,
      hAccessToken);
  end;
  if bSuccess then
  begin
    GetMem(ptgGroups, 1024);
    bSuccess := GetTokenInformation(hAccessToken, TokenGroups,
      ptgGroups, 1024, dwInfoBufferSize);
    CloseHandle(hAccessToken);
    if bSuccess then
    begin
      AllocateAndInitializeSid(SECURITY_NT_AUTHORITY, 2,
        SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS,
        0, 0, 0, 0, 0, 0, psidAdministrators);
      {$R-}
      for x := 0 to ptgGroups.GroupCount - 1 do
        if EqualSid(psidAdministrators, ptgGroups.Groups[x].Sid) then
        begin
          Result := True;
          Break;
        end;
      {$R+}
      FreeSid(psidAdministrators);
    end;
    FreeMem(ptgGroups);
  end;
end;
0
 

Author Comment

by:zitt
ID: 2667741
inthe (Barry),

Thanks... works like a charm. (at least on Win2000)

Mash,
I appreciate you answer; it's just inthe's was "plug-n-play".

John
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 20

Expert Comment

by:Madshi
ID: 2668017
Hmmm... Do you have to belong to the administrator group to have administrator rights? Can't you have administrator rights without belonging to the administrator group? In such a case (if it is possible) Barry's code wouldn't work.

Regards, Madshi.
0
 

Author Comment

by:zitt
ID: 2668065
Sounds logical... I tested his code on my Win2k machine... for which I have administrator rights. It correctly reported that I had rights; however, I haven't yet tested it against a usr without rights.

How would you change the code?
0
 
LVL 20

Expert Comment

by:Madshi
ID: 2668091
I would use NetUserGetInfo, see my first comment...   :-)
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Introduction The parallel port is a very commonly known port, it was widely used to connect a printer to the PC, if you look at the back of your computer, for those who don't have newer computers, there will be a port with 25 pins and a small print…
Hello everybody This Article will show you how to validate number with TEdit control, What's the TEdit control? TEdit is a standard Windows edit control on a form, it allows to user to write, read and copy/paste single line of text. Usua…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now