|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Visual Basic Network Services LookupAccountSid: Determine if the Current Process is Running Under Admin Account |
||
Posted: | Tuesday April 16, 2002 | |
Updated: | Monday December 26, 2011 | |
Applies to: | VB4-32, VB5, VB6 | |
Developed with: | VB6, Windows XP | |
OS restrictions: | Windows NT4 / Windows 2000, Windows XP | |
Author: | Leo Chen (MS), VBnet - Randy Birch | |
Related: |
InitializeSecurityContext: Authenticate User via the NT Challenge Process IsUserAnAdmin: Determine if the Current User is an Administrator LookupAccountName: Verify a User's Account OpenUserBrowser: Add Selection of Users and Groups |
|
Prerequisites |
This demo will work on the operating systems listed under OS Restrictions above. |
|
This
demo shows how to call GetCurrentProcess, LookupAccountSid,
AllocateAndInitializeSid, OpenProcessToken, and GetTokenInformation in
order to determine if the current process is executing under an
administrator account. This typically means the user is a member
of the admin group, but under certain circumstances (e.g. running as a
service, or possibly specifying a process different than that returned by GetCurrentProcess), the return value indicates
whether the process is being run under an account with admin rights.
(Note the illustration should say 'current process' rather than 'user'
to be most accurate.) This code was translated from C and prompted by a post by Leo Chen (MS) to the msnews microsoft.public.vb.winapi.networks newsgroup and the 'Searching for a SID in an Access Token' MSDN article. |
BAS Module Code |
None. |
|
Form Code |
To a form, add a single command button (Command1) with the following code. The result is shown in a message box. |
|
Option Explicit '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' ' Copyright ©1996-2011 VBnet/Randy Birch, All Rights Reserved. ' Some pages may also contain other copyrights by the author. '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' ' Distribution: You can freely use this code in your own ' applications, but you may not reproduce ' or publish this code on any web site, ' online service, or distribute as source ' on any media without express permission. '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' Private Const TOKEN_READ As Long = &H20008 Private Const SECURITY_BUILTIN_DOMAIN_RID As Long = &H20& Private Const DOMAIN_ALIAS_RID_ADMINS As Long = &H220& Private Const SECURITY_NULL_SID_AUTHORITY As Long = &H0 Private Const SECURITY_WORLD_SID_AUTHORITY As Long = &H1 Private Const SECURITY_LOCAL_SID_AUTHORITY As Long = &H2 Private Const SECURITY_CREATOR_SID_AUTHORITY As Long = &H3 Private Const SECURITY_NON_UNIQUE_AUTHORITY As Long = &H4 Private Const SECURITY_NT_AUTHORITY As Long = &H5 'TOKEN_INFORMATION_CLASS enums for TOKEN_GROUPS Private Const TokenUser As Long = 1 Private Const TokenGroups As Long = 2 Private Const TokenPrivileges As Long = 3 Private Const TokenOwner As Long = 4 Private Const TokenPrimaryGroup As Long = 5 Private Const TokenDefaultDacl As Long = 6 Private Const TokenSource As Long = 7 Private Const TokenType As Long = 8 Private Const TokenImpersonationLevel As Long = 9 Private Const TokenStatistics As Long = 10 Private Const TokenRestrictedSids As Long = 11 Private Const TokenSessionId As Long = 12 Private Const TokenGroupsAndPrivileges As Long = 13 Private Const TokenSessionReference As Long = 14 Private Const TokenSandBoxInert As Long = 15 Private Type SID_IDENTIFIER_AUTHORITY Value(6) As Byte End Type Private Type SID_AND_ATTRIBUTES Sid As Long Attributes As Long End Type Private Type TOKEN_GROUPS GroupCount As Long Groups(500) As SID_AND_ATTRIBUTES End Type Private Declare Function LookupAccountSid Lib "advapi32.dll" _ Alias "LookupAccountSidA" _ (ByVal lpSystemName As String, _ ByVal Sid As Long, _ ByVal name As String, _ cbName As Long, _ ByVal ReferencedDomainName As String, _ cbReferencedDomainName As Long, _ peUse As Long) As Long Private Declare Function AllocateAndInitializeSid Lib "advapi32.dll" _ (pIdentifierAuthority As SID_IDENTIFIER_AUTHORITY, _ ByVal nSubAuthorityCount As Byte, _ ByVal nSubAuthority0 As Long, _ ByVal nSubAuthority1 As Long, _ ByVal nSubAuthority2 As Long, _ ByVal nSubAuthority3 As Long, _ ByVal nSubAuthority4 As Long, _ ByVal nSubAuthority5 As Long, _ ByVal nSubAuthority6 As Long, _ ByVal nSubAuthority7 As Long, _ lpPSid As Long) As Long Private Declare Function OpenProcessToken Lib "advapi32.dll" _ (ByVal ProcessHandle As Long, _ ByVal DesiredAccess As Long, _ TokenHandle As Long) As Long Private Declare Function GetTokenInformation Lib "advapi32.dll" _ (ByVal TokenHandle As Long, _ ByVal TokenInformationClass As Long, _ TokenInformation As Any, _ ByVal TokenInformationLength As Long, _ ReturnLength As Long) As Long Private Declare Function GetCurrentProcess Lib "kernel32" () As Long Private Declare Sub FreeSid Lib "advapi32.dll" _ (pSid As Any) Private Declare Function CloseHandle Lib "kernel32" _ (ByVal hObject As Long) As Long Private Sub Command1_Click() If IsAdministrator() Then MsgBox "Current user is member of the Administrator's group", _ vbInformation, "IsAdministrator Demo" Else MsgBox "User is not a member of the Administrator's group", _ vbInformation, "IsAdministrator Demo" End If End Sub Private Function IsAdministrator() As Long Dim hProcessID As Long Dim hToken As Long Dim res As Long Dim cbBuff As Long Dim tiLen As Long Dim TG As TOKEN_GROUPS Dim SIA As SID_IDENTIFIER_AUTHORITY Dim lSid As Long Dim cnt As Long Dim sAcctName1 As String Dim sAcctName2 As String Dim cbAcctName As Long Dim sDomainName As String Dim cbDomainName As Long Dim peUse As Long tiLen = 0 'obtain handle to process. 0 indicates failure; 'may return -1 for current process (and is valid) hProcessID = GetCurrentProcess() If hProcessID <> 0 Then 'obtain a handle to the access 'token associated with the process If OpenProcessToken(hProcessID, TOKEN_READ, hToken) = 1 Then 'retrieve specified information 'about an access token. The first 'call to GetTokenInformation fails 'since the buffer size is unspecified. 'On failure the correct buffer size 'is returned (cbBuff), and a subsequent call 'is made to return the data. res = GetTokenInformation(hToken, _ TokenGroups, _ TG, _ tiLen, _ cbBuff) If res = 0 And cbBuff > 0 Then tiLen = cbBuff res = GetTokenInformation(hToken, _ TokenGroups, _ TG, _ tiLen, _ cbBuff) If res = 1 And tiLen > 0 Then 'The SID_IDENTIFIER_AUTHORITY (SIA) structure 'represents the top-level authority of a 'security identifier (SID). By specifying 'we want admins (by setting the value of 'the fifth item to SECURITY_NT_AUTHORITY), 'and passing the relative identifiers (RID) 'DOMAIN_ALIAS_RID_ADMINS and 'SECURITY_BUILTIN_DOMAIN_RID, we obtain 'the SID for the administrators account 'in lSid SIA.Value(5) = SECURITY_NT_AUTHORITY res = AllocateAndInitializeSid(SIA, 2, _ SECURITY_BUILTIN_DOMAIN_RID, _ DOMAIN_ALIAS_RID_ADMINS, _ 0, 0, 0, 0, 0, 0, _ lSid) If res = 1 Then 'Now obtain the name of the account 'pointed to by lSid above (ie '"Administrators"). Note vbNullString 'is passed as lpSystemName indicating 'the SID is looked up on the local computer. ' 'Re sDomainName: On Win NT+ systems, the 'domain name returned for most accounts in 'the local computer's security database is 'the computer's name as of the last start 'of the system (backslashes excluded). If 'the computer's name changes, the old name 'continues to be returned as the domain 'name until the system is restarted. ' 'On Win NT+ Server systems, the domain name 'returned for most accounts in the local 'computer's security database is the 'name of the domain for which the server is 'a domain controller. ' 'Some accounts are predefined by the system. 'The domain name returned for these accounts 'is 'BUILTIN'. ' 'sAcctName is the value of interest in this 'exercise. sAcctName1 = Space$(255) sDomainName = Space$(255) cbAcctName = 255 cbDomainName = 255 res = LookupAccountSid(vbNullString, _ lSid, _ sAcctName1, _ cbAcctName, _ sDomainName, _ cbDomainName, _ peUse) If res = 1 Then 'In the call to GetTokenInformation above, 'the TOKEN_GROUP member was filled with 'the SIDs of the defined groups. ' 'Here we take each SID from the token 'group and retrieve the name of the account 'corresponding to the SID. If a SID returns 'the same name retrieved above, the user under 'which the process is run is a member of the 'admin group. For cnt = 0 To TG.GroupCount - 1 sAcctName2 = Space$(255) sDomainName = Space$(255) cbAcctName = 255 cbDomainName = 255 res = LookupAccountSid(vbNullString, _ TG.Groups(cnt).Sid, _ sAcctName2, _ cbAcctName, _ sDomainName, _ cbDomainName, _ peUse) If sAcctName1 = sAcctName2 Then IsAdministrator = True Exit For End If 'if sAcctName1 = sAcctName2 Next End If 'if res = 1 (LookupAccountSid) FreeSid ByVal lSid End If 'if res = 1 (AllocateAndInitializeSid) CloseHandle hToken End If 'if res = 1 End If 'if res = 0 (GetTokenInformation) End If 'if OpenProcessToken CloseHandle hProcessID End If 'if hProcessID (GetCurrentProcess) End Function |
Comments |
|
|
|
|||||
|
|||||
|
|||||
Copyright ©1996-2011 VBnet and Randy Birch. All Rights Reserved. |