Detect if running with administrator privileges under Windows XP

Question

I am trying to work out how to detect whether a user is running with admin rights under Windows XP. This is fairly easy to do in Vista/Win7 thanks to the whoami command. Here's a snippet in Ruby for how to do it under Vista:

Note, the following link now incorporates the solution suggested by muteW

http://gist.github.com/65931

The trouble is, whoami doesn't come with Windows XP and so the above linked method will always return false on WinXP, even if we're running as an administrator.

So, does anyone know of a way to detect whether we're running as an admin under Windows XP using Ruby, command-line tools, batch-files, or even third-party (needs to be open source, really) tools?

Answer 1

Check out the CheckTokenMembership method. Don't know how to invoke it from Ruby though, there should be some kind of API to access Windows API...

Answer 2

Check out http://win32assembly.online.fr/source2.html - there's a program named IsAdmin. The source uses assembly to invoke Windows API that returns this information.

Answer 3

If you run

>net localgroup administrators

in a command shell you should get the list of administrator accounts in Windows XP. Simply parse and scan the output to check for the particular user account you want. For e.g. to check if the current user is an administrator you could do -

>net localgroup administrators | find "%USERNAME%"

Answer 4

Piskvor option its fine, or check this url http://weseetips.com/2008/04/16/how-to-check-whether-current-user-have-administrator-privilege/

this is the code in that page

SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
PSID AdministratorsGroup;
// Initialize SID.
if( !AllocateAndInitializeSid( &NtAuthority,
                               2,
                               SECURITY_BUILTIN_DOMAIN_RID,
                               DOMAIN_ALIAS_RID_ADMINS,
                               0, 0, 0, 0, 0, 0,
                               &AdministratorsGroup))
{
    // Initializing SID Failed.
    return false;
}
// Check whether the token is present in admin group.
BOOL IsInAdminGroup = FALSE;
if( !CheckTokenMembership( NULL,
                           AdministratorsGroup,
                           &IsInAdminGroup ))
{
    // Error occurred.
    IsInAdminGroup = FALSE;
}
// Free SID and return.
FreeSid(AdministratorsGroup);
return IsInAdminGroup;