views:

623

answers:

3

I would like to display some extra UI elements when the process is being run as Administrator as opposed to when it isn't, similar to how Visual Studio 2008 displays 'Administrator' in its title bar when running as admin. How can I tell?

+4  A: 

Technically, if you want to see if the member is the local administrator, then you could check the SID of the current windows user. You can get the SID of the current user like so:

string sid = WindowsIdentity.GetBoolean().User.ToString();

Then you would check to see if the left part of the SID was "S-1-5-" and the right part was "-500", as outlined in this KB article:

http://support.microsoft.com/kb/243330

Or, if you don't want to parse strings, you can use the SecurityIdentifier class:

// Get the built-in administrator account.
SecurityIdentifier sid = 
  new SecurityIdentifier(WellKnownSidType.BuiltinAdministratorsSid, 
    null);

// Compare to the current user.
bool isBuiltInAdmin = (WindowsIdentity.GetBoolean().User == sid);

However, I suspect that what you really want to know is if the current user is a member of the administrators group for the local machine. In this case, you want to get the SID for the administrators group and then check the Groups property to see if your user is a member of it, which is outlined here:

http://blogs.msdn.com/jaredpar/archive/2007/08/01/detecting-if-you-are-an-admin.aspx

casperOne
A: 

Thanks for the reply. But It is not working. The scenario is given below

Assume that two user as user1 (Standard user) and user2(Administrator).User1 logs Vista/win7 machine and run the application without run as administrator. In our application, there is one functionality that, for doing some tasks need to check admin privilege. So we progarmatically show OS Logon window by using CredUIPromptForCredentials(ref credUI, applicationName, IntPtr.Zero, 0, userID, 100, userPassword, 100, ref save, flags);

So we can give user2(Admin user) user credentials and impersonate the application.

After that I need to check whether user2 has admin privilege in the machine. I have used below code. But it is not working. It is returning false. Is it possible to eleveate the application without closing it or to get whether the user has admin privilege after impersonation.

private bool IsCheckAdmin() { bool result = false;

        WindowsIdentity cur = WindowsIdentity.GetCurrent();
        foreach (IdentityReference role in cur.Groups)
        { 
            if(role.IsValidTargetType(typeof(SecurityIdentifier)))
            {

                    if (sid.IsWellKnown(WellKnownSidType.AccountAdministratorSid)
                        || sid.IsWellKnown(WellKnownSidType.BuiltinAdministratorsSid))
                    {
                        result = true;
                        break;
                    }
            }
        }
        return result;
    }
Prasad Soman
This would be better posted as a new question, rather than an answer to my question. =)
Erik Forbes