x0tester0x Posted June 17, 2017 Share Posted June 17, 2017 Sorry for my English... I want to check if the current User(SID) is in the Administratorgroup(SID), like in the C++ example: https://msdn.microsoft.com/en-us/library/aa376389.aspx. How can I get the SID and how to use the DllCall function correctly? Thank you in advance Link to comment Share on other sites More sharing options...
Subz Posted June 17, 2017 Share Posted June 17, 2017 You could just use WMI for example: Link to comment Share on other sites More sharing options...
x0tester0x Posted June 18, 2017 Author Share Posted June 18, 2017 Yes, but this doesn't work for me, because the Administratorgroup has a different name in another language. Link to comment Share on other sites More sharing options...
Nikolas92 Posted June 18, 2017 Share Posted June 18, 2017 maybe this? Func _GetUserGroup($User, $host = @ComputerName) Dim $filter[1] = ["group"] $colGroups = ObjGet("WinNT://" & $host & "") If Not IsObj($colGroups) Then Return SetError(1, '', '') $colGroups.Filter = $filter For $objGroup In $colGroups For $objUser In $objGroup.Members If $objUser.name = $User Then Return $objGroup.name Next Next Return SetError(2, '', '') EndFunc Link to comment Share on other sites More sharing options...
x0tester0x Posted June 18, 2017 Author Share Posted June 18, 2017 Yes this works fine Can this also checked with the SID of the User and the SID of the Administratorgroup? Link to comment Share on other sites More sharing options...
x0tester0x Posted June 18, 2017 Author Share Posted June 18, 2017 57 minutes ago, x0tester0x said: Yes this works fine Can this also checked with the SID of the User and the SID of the Administratorgroup? But the function returns only the group in which the user is... How can I return true if the user is in the Administratorgroup? Link to comment Share on other sites More sharing options...
anthonyjr2 Posted June 19, 2017 Share Posted June 19, 2017 Func _IsUserAdmin($User, $host = @ComputerName) Dim $filter[1] = ["group"] $colGroups = ObjGet("WinNT://" & $host & "") If Not IsObj($colGroups) Then Return SetError(1, '', '') $colGroups.Filter = $filter For $objGroup In $colGroups For $objUser In $objGroup.Members If $objUser.name = $User Then If $objGroup.name = "Administrators" Then Return True Else Return False EndIf EndIf Next Next Return SetError(2, '', '') EndFunc I modified the above posted script a bit, see if this works. UHJvZmVzc2lvbmFsIENvbXB1dGVyZXI= Link to comment Share on other sites More sharing options...
x0tester0x Posted June 21, 2017 Author Share Posted June 21, 2017 Nope doesn't work, because of the language Problem: On 18.6.2017 at 1:35 PM, x0tester0x said: Yes, but this doesn't work for me, because the Administratorgroup has a different name in another language. Link to comment Share on other sites More sharing options...
anthonyjr2 Posted June 21, 2017 Share Posted June 21, 2017 I mean, then couldn't you just change whatever is in the if statement to the word "Administrator" in that language? UHJvZmVzc2lvbmFsIENvbXB1dGVyZXI= Link to comment Share on other sites More sharing options...
x0tester0x Posted June 21, 2017 Author Share Posted June 21, 2017 (edited) Yes, but I need it in many languages not only one... Because of that I wanted to do it with the SID... On 17.6.2017 at 10:30 PM, x0tester0x said: Sorry for my English... I want to check if the current User(SID) is in the Administratorgroup(SID), like in the C++ example: https://msdn.microsoft.com/en-us/library/aa376389.aspx. How can I get the SID and how to use the DllCall function correctly? Thank you in advance Edited June 21, 2017 by x0tester0x Link to comment Share on other sites More sharing options...
anthonyjr2 Posted June 21, 2017 Share Posted June 21, 2017 Oh alright, give me a few minutes and I will see if I can come up with something. UHJvZmVzc2lvbmFsIENvbXB1dGVyZXI= Link to comment Share on other sites More sharing options...
x0tester0x Posted June 21, 2017 Author Share Posted June 21, 2017 OK thx Link to comment Share on other sites More sharing options...
anthonyjr2 Posted June 21, 2017 Share Posted June 21, 2017 (edited) As I am not very experienced with Active Directory, I also encourage other people to try to offer a solution since I don't exactly know if mine will work. EDIT: Wait, are you trying to do this over a domain? Or just checking for local administrator? Edited June 21, 2017 by anthonyjr2 UHJvZmVzc2lvbmFsIENvbXB1dGVyZXI= Link to comment Share on other sites More sharing options...
x0tester0x Posted June 21, 2017 Author Share Posted June 21, 2017 Primary for Local Administrator, but also over a domain. Link to comment Share on other sites More sharing options...
x0tester0x Posted June 25, 2017 Author Share Posted June 25, 2017 Has someone a solution? Link to comment Share on other sites More sharing options...
Developers Jos Posted June 25, 2017 Developers Share Posted June 25, 2017 This little script will loop through the Local Administrators group of the computer: $objWmi = ObjGet("winmgmts:\\" & @ComputerName & "\root\cimv2") $colGroups = $objWmi.ExecQuery ("Select * From Win32_Group Where Domain = '" & @ComputerName & "' AND SID = 'S-1-5-32-544'") For $objGroup in $colGroups ConsoleWrite($objGroup.Name & @CRLF) Next Jos SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past. Link to comment Share on other sites More sharing options...
x0tester0x Posted June 26, 2017 Author Share Posted June 26, 2017 Yes, but I need something like this: whoami /groups /fo csv | convertfrom-csv | where-object { $_.SID -eq "S-1-5-32-544" } You can also use isadmin.exe (http://www.westmesatech.com/wast.html) and check for an exit code of 2 (member of administrators, but not enabled, hence not elevated) Source: https://stackoverflow.com/questions/29129787/powershell-check-if-logged-on-user-is-an-administrator-when-non-elevated Link to comment Share on other sites More sharing options...
jguinch Posted June 26, 2017 Share Posted June 26, 2017 (edited) can you try this one ? #include <WinAPI.au3> If _IsLocalAdmin() Then MsgBox(0, "", "User """ & @Username & """ is a local administrator") Else MsgBox(48, "", "User " & @Username & " is not a local administrator") EndIf Func _IsLocalAdmin() Local $hToken = _Security__OpenProcessToken(_WinAPI_GetCurrentProcess(), $TOKEN_READ) If @error Then Return SetError(1, 0, 0) Local $tInfo = _Security__GetTokenInformation ( $hToken, $TOKENELEVATIONTYPE ) If @error Then Return SetError(2, 0, 0) Local $iTokenType = DllStructGetData(DllStructCreate("int", DllStructGetPtr($tInfo)), 1) Return $iTokenType = 1 ? IsAdmin() : 1 EndFunc This function returns 1 when the user is a local administrator edit : CheckTokenMembership will do the same than IsAdmin. You should use CheckTokenMembershipEx instead, but it's not supported on Windows 7 : #include <Security.au3> ; ... Func _isAdmin() Local $pSID = _Security__StringSidToSid($SID_ADMINISTRATORS) If @error Then Return SetError(1, 0, 0) Local $aRet = DllCall("Advapi32.dll", "bool", "CheckTokenMembership", "handle", "", "struct*", $pSID, "bool*", "") If @error Then Return SetError(2, 0, 0) Return $aRet[3] EndFunc Edited June 26, 2017 by jguinch Spoiler Network configuration UDF, _DirGetSizeByExtension, _UninstallList Firefox ConfigurationArray multi-dimensions, Printer Management UDF Link to comment Share on other sites More sharing options...
x0tester0x Posted June 26, 2017 Author Share Posted June 26, 2017 Yes the first Example works in Win7 an Win10, but the second doesn't work in both(always returns 0). Thanks Link to comment Share on other sites More sharing options...
jguinch Posted June 26, 2017 Share Posted June 26, 2017 Yes, the 2nd example returns 1 only when the user has elevated admin rights. It's the same result than the IsAdmin native function. Spoiler Network configuration UDF, _DirGetSizeByExtension, _UninstallList Firefox ConfigurationArray multi-dimensions, Printer Management UDF Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now