Guest Bowman, John C. Posted July 22, 2008 Posted July 22, 2008 Hi All, I'm not certain if this is the best place to post this, so please educate me if it's not. Bascially, I need to know the "correct"(?) method for how to detect if a the current user has administrative privileges via c or c++ code for some installation routines. I've been striking out so far finding this in MSDN or anywhere. Any help would be appreciated. TIA, John Bowman Thermo Fisher Scientific Quote
Guest Alun Jones Posted July 23, 2008 Posted July 23, 2008 "Bowman, John C." <john.bowman@thermofisher.com> wrote in message news:#jvmcnC7IHA.4204@TK2MSFTNGP03.phx.gbl...<span style="color:blue"> > I'm not certain if this is the best place to post this, so please educate > me if it's not. Bascially, I need to know the "correct"(?) method for how > to detect if a the current user has administrative privileges via c or c++ > code for some installation routines. I've been striking out so far finding > this in MSDN or anywhere. Any help would be appreciated.</span> Meta-question: What can a "user with administrative privileges" do that you need to do? Meta-answer: Then you should test to see if the user can do that. In general, you should not ask "have I got permission to do X" when asked to do X, you should try to do X, and then display an error if you are told you do not have permissions. The reason is that frequently the task you are looking at is one that can be delegated to non-administrators. As an example, in Windows 2000, you had to have SE_TCB_NAME privilege in order to call LogonUser. I didn't bother checking in my code to see if I had SE_TCB_NAME privilege, I just called LogonUser. As a result, when Windows 2003 came out, and didn't have that restriction, my code just plain worked exactly the same. Code that says "does the user have SE_TCB_NAME privilege" would carry on refusing to call LogonUser. Alun. ~~~~ -- Texas Imperial Software | Web: http://www.wftpd.com/ 23921 57th Ave SE | Blog: http://msmvps.com/alunj/ Woodinville WA 98072-8661 | WFTPD, WFTPD Pro are Windows FTP servers. Fax/Voice +1(425)807-1787 | Try our NEW client software, WFTPD Explorer. Quote
Guest Anteaus Posted July 23, 2008 Posted July 23, 2008 This certainly works, so it is possible: http://www.autoitscript.com/autoit3/docs/f...ons/IsAdmin.htm Might be worth asking on the Autoit forum how it was coded. Jon (chief coder) is usually obliging. Quote
Guest Bowman, John C. Posted July 24, 2008 Posted July 24, 2008 Alun, Thanks for the response. The answer is I must require administrative privileges because it's a tool that runs numerous installers and it should not allow the user to proceed w/o admin rights. This includes of course writing to HKLM/ C:\Program Files, etc. since it's part of an installation process. John "Alun Jones" <alun@texis.invalid> wrote in message news:E57B06C5-94F7-4CA5-BC40-D8EEC66E3CA0@microsoft.com...<span style="color:blue"> > "Bowman, John C." <john.bowman@thermofisher.com> wrote in message > news:#jvmcnC7IHA.4204@TK2MSFTNGP03.phx.gbl...<span style="color:green"> >> I'm not certain if this is the best place to post this, so please educate >> me if it's not. Bascially, I need to know the "correct"(?) method for how >> to detect if a the current user has administrative privileges via c or >> c++ code for some installation routines. I've been striking out so far >> finding this in MSDN or anywhere. Any help would be appreciated.</span> > > Meta-question: > What can a "user with administrative privileges" do that you need to do? > > Meta-answer: > Then you should test to see if the user can do that. > > In general, you should not ask "have I got permission to do X" when asked > to do X, you should try to do X, and then display an error if you are told > you do not have permissions. > > The reason is that frequently the task you are looking at is one that can > be delegated to non-administrators. > > As an example, in Windows 2000, you had to have SE_TCB_NAME privilege in > order to call LogonUser. I didn't bother checking in my code to see if I > had SE_TCB_NAME privilege, I just called LogonUser. As a result, when > Windows 2003 came out, and didn't have that restriction, my code just > plain worked exactly the same. Code that says "does the user have > SE_TCB_NAME privilege" would carry on refusing to call LogonUser. > > Alun. > ~~~~ > -- > Texas Imperial Software | Web: http://www.wftpd.com/ > 23921 57th Ave SE | Blog: http://msmvps.com/alunj/ > Woodinville WA 98072-8661 | WFTPD, WFTPD Pro are Windows FTP servers. > Fax/Voice +1(425)807-1787 | Try our NEW client software, WFTPD Explorer. > > > </span> Quote
Guest Alun Jones Posted August 3, 2008 Posted August 3, 2008 "Bowman, John C." <john.bowman@thermofisher.com> wrote in message news:u8rWMEb7IHA.1196@TK2MSFTNGP05.phx.gbl...<span style="color:blue"> > Thanks for the response. The answer is I must require administrative > privileges because it's a tool that runs numerous installers and it should > not allow the user to proceed w/o admin rights. This includes of course > writing to HKLM/ C:Program Files, etc. since it's part of an installation > process.</span> Why shouldn't it be allowed to proceed as a user who is _not_ an administrator, but which has the privilege to write to HKLM, Program Files, etc? Alun. ~~~~ Quote
Guest Dan Posted August 3, 2008 Posted August 3, 2008 Sorry, to intrude but was this posted from another newsgroup. The first person I have just says unknown with nothing inside from the poster and then I see Alun Jones response clearly. Can someone elaborate because I have not plonked anyone and just post via my Windows Live aka old-school hotmail account. "Alun Jones" wrote: <span style="color:blue"> > "Bowman, John C." <john.bowman@thermofisher.com> wrote in message > news:u8rWMEb7IHA.1196@TK2MSFTNGP05.phx.gbl...<span style="color:green"> > > Thanks for the response. The answer is I must require administrative > > privileges because it's a tool that runs numerous installers and it should > > not allow the user to proceed w/o admin rights. This includes of course > > writing to HKLM/ C:Program Files, etc. since it's part of an installation > > process.</span> > > Why shouldn't it be allowed to proceed as a user who is _not_ an > administrator, but which has the privilege to write to HKLM, Program Files, > etc? > > Alun. > ~~~~ > > </span> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.