在win2000,xp中,使用VC,怎样才能判断当前登陆的用户有没有Administrator权限?急!!!各位大侠帮忙!!!
在win2000,xp中,使用VC,怎样才能判断当前登陆陆的用户有没有Administrator权限? 问题点数:100、回复次数:9Top
1 楼masterz(www.fruitfruit.com)回复于 2003-09-02 13:00:54 得分 40
http://expert.csdn.net/Expert/topic/1930/1930776.xml?temp=.5400354Top
2 楼kingzai(stevenzhu)回复于 2003-09-02 14:14:07 得分 40
one method based upon checking a task only an administrator
should be able to do :
// -------------------------------------------------------------
BOOL AdminCheckOne ()
{
DWORD dwLastErr = ERROR_SUCCESS;
BOOL bIsAdmin = FALSE;
SC_HANDLE h = OpenSCManager (NULL, NULL, SC_MANAGER_LOCK);
if (h)
{
SC_LOCK lock = LockServiceDatabase (h) ;
if (lock)
{
UnlockServiceDatabase (lock) ;
bIsAdmin = TRUE ;
}
else
{
dwLastErr = GetLastError() ;
// Note somebody else may already have this locked, but
// the fact that it tried means we must have the privilege,
// i.e. we must be an administrator.
switch (dwLastErr)
{
case ERROR_SERVICE_DATABASE_LOCKED: //
bIsAdmin = TRUE ;
break ;
case ERROR_ACCESS_DENIED:
case ERROR_INVALID_HANDLE:
default: break ;
}
}
CloseServiceHandle (h) ;
}
return (bIsAdmin);
}
And here's another more venerable one based upon checking SIDs :
// -------------------------------------------------------------
DWORD AdminCheckSID (BOOL * pbResult)
{
HANDLE hAccessToken;
UCHAR InfoBuffer[1024];
DWORD dwInfoBufferSize;
PSID psidAdministrators;
UINT ux;
BOOL bSuccess;
PTOKEN_GROUPS ptgGroups = (PTOKEN_GROUPS)InfoBuffer;
SID_IDENTIFIER_AUTHORITY siaNtAuthority = SECURITY_NT_AUTHORITY;
*pbResult = FALSE ;
// Get a token for this process.
if (!OpenProcessToken
(GetCurrentProcess(),TOKEN_READ,&hAccessToken))
return GetLastError ();
// access the group info...
bSuccess = GetTokenInformation (hAccessToken,
TokenGroups,
InfoBuffer,
1024,
&dwInfoBufferSize);
CloseHandle(hAccessToken);
if (!bSuccess)
return GetLastError ();
// Get a SID for the built-in admin subauthorities...
if (!AllocateAndInitializeSid (&siaNtAuthority, 2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0, 0, 0, 0, 0, 0,
&psidAdministrators))
{
return GetLastError ();
}
// any match here?
for (ux=0; ux<ptgGroups->GroupCount; ux++)
{
if (EqualSid (psidAdministrators, ptgGroups->Groups[ux].Sid))
{
// Yo - our processes user is an administrator.
*pbResult = TRUE;
break;
}
}
if (psidAdministrators)
FreeSid (psidAdministrators);
return ERROR_SUCCESS;
}
Top
3 楼zgh266(寒风)回复于 2003-09-02 14:30:21 得分 0
hehe好帖学习一下!Top
4 楼Ziox(笑·沧海)回复于 2003-09-02 20:45:17 得分 0
收藏Top
5 楼LeeZi(临渊羡鱼,不如退而结网)回复于 2003-09-02 22:43:27 得分 0
收藏Top
6 楼luohualiushui(落花流水)回复于 2003-09-03 09:39:33 得分 0
MARKTop
7 楼baoch110(来自北方的包子)回复于 2003-09-03 09:41:55 得分 0
关注一下Top
8 楼grey_whp(我爱C++)回复于 2003-09-03 10:09:13 得分 15
帮贴
··················
GetUserName
NetUserGetGroups
NetUserGetLocalGroups
或者下面函数判断是否属于管理员组
#define ACCESS_READ 1
#define ACCESS_WRITE 2
BOOL CInstallClientApp::IsAdmin()
{
HANDLE hToken;
DWORD dwStatus;
DWORD dwAccessMask;
DWORD dwAccessDesired;
DWORD dwACLSize;
DWORD dwStructureSize = sizeof(PRIVILEGE_SET);
PACL pACL = NULL;
PSID psidAdmin = NULL;
BOOL bReturn = FALSE;
PRIVILEGE_SET ps;
GENERIC_MAPPING GenericMapping;
PSECURITY_DESCRIPTOR psdAdmin = NULL;
SID_IDENTIFIER_AUTHORITY SystemSidAuthority = SECURITY_NT_AUTHORITY;
__try {
// AccessCheck() requires an impersonation token.
ImpersonateSelf(SecurityImpersonation);
if (!OpenThreadToken(GetCurrentThread(), TOKEN_QUERY, FALSE,
&hToken)) {
if (::GetLastError() != ERROR_NO_TOKEN)
__leave;
// If the thread does not have an access token, we'll
// examine the access token associated with the process.
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY,
&hToken))
__leave;
}
if (!AllocateAndInitializeSid(&SystemSidAuthority, 2,
SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS,
0, 0, 0, 0, 0, 0, &psidAdmin))
__leave;
psdAdmin = LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH);
if (psdAdmin == NULL)
__leave;
if (!InitializeSecurityDescriptor(psdAdmin,
SECURITY_DESCRIPTOR_REVISION))
__leave;
// Compute size needed for the ACL.
dwACLSize = sizeof(ACL) + sizeof(ACCESS_ALLOWED_ACE) +
GetLengthSid(psidAdmin) - sizeof(DWORD);
// Allocate memory for ACL.
pACL = (PACL)LocalAlloc(LPTR, dwACLSize);
if (pACL == NULL)
__leave;
// Initialize the new ACL.
if (!InitializeAcl(pACL, dwACLSize, ACL_REVISION2))
__leave;
dwAccessMask= ACCESS_READ | ACCESS_WRITE;
// Add the access-allowed ACE to the DACL.
if (!AddAccessAllowedAce(pACL, ACL_REVISION2,
dwAccessMask, psidAdmin))
__leave;
// Set our DACL to the SD.
if (!SetSecurityDescriptorDacl(psdAdmin, TRUE, pACL, FALSE))
__leave;
// AccessCheck is sensitive about what is in the SD; set
// the group and owner.
SetSecurityDescriptorGroup(psdAdmin, psidAdmin, FALSE);
SetSecurityDescriptorOwner(psdAdmin, psidAdmin, FALSE);
if (!IsValidSecurityDescriptor(psdAdmin))
__leave;
dwAccessDesired = ACCESS_READ;
//
// Initialize GenericMapping structure even though we
// won't be using generic rights.
//
GenericMapping.GenericRead = ACCESS_READ;
GenericMapping.GenericWrite = ACCESS_WRITE;
GenericMapping.GenericExecute = 0;
GenericMapping.GenericAll = ACCESS_READ | ACCESS_WRITE;
if (!AccessCheck(psdAdmin, hToken, dwAccessDesired,
&GenericMapping, &ps, &dwStructureSize, &dwStatus,
&bReturn)) {
printf("AccessCheck() failed with error %lu\n", ::GetLastError());
__leave;
}
RevertToSelf();
} __finally {
// Cleanup
if (pACL) LocalFree(pACL);
if (psdAdmin) LocalFree(psdAdmin);
if (psidAdmin) FreeSid(psidAdmin);
}
return bReturn;
}
Top
9 楼野男孩()回复于 2003-09-03 18:47:38 得分 5
有必要这么复杂吗~,用CreateFile()去操作硬盘试试,看能不能成功就行了吧~
没有administrator权限,好像连读硬盘的权限都没有~
Handle hDisk=CreateFile("\\.\PhysicalDrive0",GENERIC_READ | GENERIC_WRITE,
FILE_SHARE_READ | FILE_SHARE_WRITE, NULL,
OPEN_EXISTING, 0, NULL);
if(hDisk==0xFFFFFFFF){
//权限太低~
}Top
相关问题
关键词
得分解答快速导航
相关链接
广告也精彩
反馈
