How to check if a process has the administrative rights

Question

How do I properly check if a process is running with administrative rights?

I checked the IsUserAnAdim function in MSDN, but it is not recommended as it might be altered or unavailable in subsequent versions of Windows. Instead, it is recommended to use the CheckTokenMembership function.

Then I looked at the alternate example in MSDN from a description of the CheckTokenMembership function. However, there is Stefan Ozminski's comment in MSDN that mentions that this example does not work properly in Windows Vista if UAC is disabled.

Finally I tried to use Stefan Ozminski's code from MSDN, but it determines that the process has administrative rights even if I launch it under an ordinary user without the administrative rights in Windows 7.

Answer 1

This will tell you if you are running with elevated privileges or not. You can set the manifest to run with most possible if you want it to prompt. There are also other ways to ask windows through code for alternate credentials.

 BOOL IsElevated( ) {     BOOL fRet = FALSE;     HANDLE hToken = NULL;     if( OpenProcessToken( GetCurrentProcess( ),TOKEN_QUERY,&hToken ) ) {         TOKEN_ELEVATION Elevation;         DWORD cbSize = sizeof( TOKEN_ELEVATION );         if( GetTokenInformation( hToken, TokenElevation, &Elevation, sizeof( Elevation ), &cbSize ) ) {             fRet = Elevation.TokenIsElevated;         }     }     if( hToken ) {         CloseHandle( hToken );     }     return fRet; } 

Answer 2

You can use LsaOpenPolicy() function. The LsaOpenPolicy function opens a handle to the Policy object on a local or remote system.

You must run the process "As Administrator" so that the call doesn't fail with ERROR_ACCESS_DENIED.

Source: MSDN