当前位置: 文江博客话题详情

管理运行权限测试申请

发布于 2024-11-09 08:53:35 字数 257 浏览 0 评论 0原文

我想要一个可靠的方法来测试应用程序是否通过 UAC 框运行并具有完整的管理权限。之前我想过在C:\Windows\下建立一个文件夹来测试,但在其他电脑上运行证明失败!

UAC 框为计算机提供执行任何操作的所有管理权限(包括在需要这些权限的位置创建文件夹和创建文件),并且还确保任何所谓或创建的子程序也具有与父程序相同的权限。

是否有一种可靠的方法来测试我的应用程序是否已获得用户在运行应用程序时可以最大程度地获得的所有管理权限?如果是的话,我很乐意参与一段代码工作!

原文

I want a sure-shot method to test if the application was run via the UAC box and has full administrative rights. Earlier, I thought of making a folder in C:\Windows\ for testing but running it on other computers proved to be a failure!

The UAC box provides all administrative rights to the computer to do anything(including making folders and creating files in places which needs there rights) and also makes sure that any child program so called or created also does have the same rights as the parent.

Is there a sure-shot way to test if my application has been provided all the administrative rights that I can maximum get by the user while running the application or not? If yes, I would be glad to have to piece of code-work!

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

带刺的爱情 2024-11-16 08:53:35

C#:

using System.Security.Principal;

...

var identity = WindowsIdentity.GetCurrent();
var principal = new WindowsPrincipal(identity);
bool isElevated = principal.IsInRole(WindowsBuiltInRole.Administrator);

VB.Net:

Imports System.Security.Principal

...

Dim identity = WindowsIdentity.GetCurrent()
Dim principal = new WindowsPrincipal(identity)
Dim isElevated as Boolean = principal.IsInRole(WindowsBuiltInRole.Administrator)

C#:

using System.Security.Principal;

...

var identity = WindowsIdentity.GetCurrent();
var principal = new WindowsPrincipal(identity);
bool isElevated = principal.IsInRole(WindowsBuiltInRole.Administrator);

VB.Net:

Imports System.Security.Principal

...

Dim identity = WindowsIdentity.GetCurrent()
Dim principal = new WindowsPrincipal(identity)
Dim isElevated as Boolean = principal.IsInRole(WindowsBuiltInRole.Administrator)
回复 原文
猛虎独行 2024-11-16 08:53:35

经过一番研究后,我发现,如果用户的 UAC 设置为“关闭”以外的任何值,则该问题的最常见解决方案都会返回漏报。

我现在的解决方案是这样做:

Imports System.Security.Principal
Imports System.DirectoryServices.AccountManagement
Imports System.DirectoryServices.ActiveDirectory
Imports Microsoft.VisualBasic.ApplicationServices

''' <summary>Checks whether the current user is belongs to any Administrators groups.</summary>
''' <param name="AuthGroups">Optional. A flag indicating whether to use GetAuthorizationGroups instead of the - faster - GetGroups. Default=true.</param>
''' <returns>True if the user belongs to an Administrators group, false otherwise.</returns>
Public Function IsAdministrator(
    Optional ByVal AuthGroups As Boolean = True) As Boolean

    Static bResult As Boolean? = Nothing
    Try
        If bResult Is Nothing Then
            bResult = New WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator)
            If Not bResult Then
                Dim oContext As PrincipalContext = Nothing
                Try 'Domain check first
                    Domain.GetComputerDomain()
                    oContext = New PrincipalContext(ContextType.Domain)
                Catch
                    'Fall through to machine check
                End Try
                If oContext Is Nothing Then oContext = New PrincipalContext(ContextType.Machine)
                'Dim oPrincipal As UserPrincipal = UserPrincipal.FindByIdentity(oContext, WindowsIdentity.GetCurrent().Name) ' Don't use - slow
                Using oSearchUser As Principal = New UserPrincipal(oContext)
                    oSearchUser.SamAccountName = WindowsIdentity.GetCurrent().Name
                    Using oSearcher As PrincipalSearcher = New PrincipalSearcher(oSearchUser)
                        Using oUser As Principal = oSearcher.FindOne()
                            If oUser IsNot Nothing Then
                                If AuthGroups Then
                                    bResult = CType(oUser, UserPrincipal).GetAuthorizationGroups().Any(Function(p) _
                                        p.Sid.IsWellKnown(WellKnownSidType.BuiltinAdministratorsSid) OrElse
                                        p.Sid.IsWellKnown(WellKnownSidType.AccountDomainAdminsSid) OrElse
                                        p.Sid.IsWellKnown(WellKnownSidType.AccountAdministratorSid) OrElse
                                        p.Sid.IsWellKnown(WellKnownSidType.AccountEnterpriseAdminsSid))
                                Else
                                    bResult = oUser.GetGroups().Any(Function(p) _
                                        p.Sid.IsWellKnown(WellKnownSidType.BuiltinAdministratorsSid) OrElse
                                        p.Sid.IsWellKnown(WellKnownSidType.AccountDomainAdminsSid) OrElse
                                        p.Sid.IsWellKnown(WellKnownSidType.AccountAdministratorSid) OrElse
                                        p.Sid.IsWellKnown(WellKnownSidType.AccountEnterpriseAdminsSid))
                                End If
                            End If
                        End Using
                    End Using
                End Using
            End If
        End If
    Catch
        bResult = False
    End Try
    Return bResult.GetValueOrDefault(False)
End Function

此方法是其他几个答案的组合,因此我只将其打包成一个仅运行一次的函数,因此如果由于以下原因而出现一点延迟失败,您可以将其隐藏在启动中。

AuthGroups 参数让您可以选择更彻底的递归 AuthorizationGroups 检查(默认)或更快的 Groups 检查。

After a fair bit of poking around, I found that the most common solutions to this question return false negatives if the user's UAC is set to anything but Off.

My solution these days is to do this:

Imports System.Security.Principal
Imports System.DirectoryServices.AccountManagement
Imports System.DirectoryServices.ActiveDirectory
Imports Microsoft.VisualBasic.ApplicationServices

''' <summary>Checks whether the current user is belongs to any Administrators groups.</summary>
''' <param name="AuthGroups">Optional. A flag indicating whether to use GetAuthorizationGroups instead of the - faster - GetGroups. Default=true.</param>
''' <returns>True if the user belongs to an Administrators group, false otherwise.</returns>
Public Function IsAdministrator(
    Optional ByVal AuthGroups As Boolean = True) As Boolean

    Static bResult As Boolean? = Nothing
    Try
        If bResult Is Nothing Then
            bResult = New WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator)
            If Not bResult Then
                Dim oContext As PrincipalContext = Nothing
                Try 'Domain check first
                    Domain.GetComputerDomain()
                    oContext = New PrincipalContext(ContextType.Domain)
                Catch
                    'Fall through to machine check
                End Try
                If oContext Is Nothing Then oContext = New PrincipalContext(ContextType.Machine)
                'Dim oPrincipal As UserPrincipal = UserPrincipal.FindByIdentity(oContext, WindowsIdentity.GetCurrent().Name) ' Don't use - slow
                Using oSearchUser As Principal = New UserPrincipal(oContext)
                    oSearchUser.SamAccountName = WindowsIdentity.GetCurrent().Name
                    Using oSearcher As PrincipalSearcher = New PrincipalSearcher(oSearchUser)
                        Using oUser As Principal = oSearcher.FindOne()
                            If oUser IsNot Nothing Then
                                If AuthGroups Then
                                    bResult = CType(oUser, UserPrincipal).GetAuthorizationGroups().Any(Function(p) _
                                        p.Sid.IsWellKnown(WellKnownSidType.BuiltinAdministratorsSid) OrElse
                                        p.Sid.IsWellKnown(WellKnownSidType.AccountDomainAdminsSid) OrElse
                                        p.Sid.IsWellKnown(WellKnownSidType.AccountAdministratorSid) OrElse
                                        p.Sid.IsWellKnown(WellKnownSidType.AccountEnterpriseAdminsSid))
                                Else
                                    bResult = oUser.GetGroups().Any(Function(p) _
                                        p.Sid.IsWellKnown(WellKnownSidType.BuiltinAdministratorsSid) OrElse
                                        p.Sid.IsWellKnown(WellKnownSidType.AccountDomainAdminsSid) OrElse
                                        p.Sid.IsWellKnown(WellKnownSidType.AccountAdministratorSid) OrElse
                                        p.Sid.IsWellKnown(WellKnownSidType.AccountEnterpriseAdminsSid))
                                End If
                            End If
                        End Using
                    End Using
                End Using
            End If
        End If
    Catch
        bResult = False
    End Try
    Return bResult.GetValueOrDefault(False)
End Function

This method is a composite of a few other answers, so I only take credit for packaging it up into a function that will only ever run once and therefore if there is a bit of a delay due to the fall-through, you can probably hide it in start-up.

The AuthGroups argument gives you a choice of the more thorough, recursive AuthorizationGroups check (default) or the faster Groups check.

回复 原文
~没有更多了~

关于作者

泛滥成性

暂无简介

0 文章
0 评论
1006 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

lorenzathorton8

文章 0 评论 0

Zero

文章 0 评论 0

萧瑟寒风

文章 0 评论 0

mylayout

文章 0 评论 0

tkewei

文章 0 评论 0

17818769742

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文