Geek asks and answers

Best way to find out if a user has administrative privileges from VBScript

I need to check if the user executing the script has administrative privileges on the machine.

I pointed out the user executing the script because the script could be executed with a user other than logging in using something similar to "Runas".

@Javier: Both solutions work on a PC with the English version of Windows installed, but not if it is installed in another language. This is due to the fact that the Administrators group does not exist, another name, for example, in Spanish. I need a solution to work in all configurations.

+3
source share
10 answers

script, ,

Set objNetwork = CreateObject("Wscript.Network")
strComputer = objNetwork.ComputerName
strUser = objNetwork.UserName

isAdministrator = false

Set objGroup = GetObject("WinNT://" & strComputer & "/Administrators")
For Each objUser in objGroup.Members
    If objUser.Name = strUser Then
        isAdministrator = true        
    End If
Next

If isAdministrator Then
    Wscript.Echo strUser & " is a local administrator."
Else
    Wscript.Echo strUser & " is not a local administrator."
End If

, , script "Runas", .

+1

, , script, . .

+4

"\\ _\Admin $\ system32"?

function IsLoggedInAsAdmin()
    isAdmin = false
    set shell = CreateObject("WScript.Shell")
    computername = WshShell.ExpandEnvironmentStrings("%computername%")
    strAdmin = "\\" & computername & "\Admin$\System32"

    isAdmin = false

    set fso = CreateObject("Scripting.FileSystemObject")

    if fso.FolderExists(strAdmin) then
        isAdmin = true
    end if

    IsLoggedInAsAdmin = isAdmin
end function
+3

Ive Tim C Windows 7 , . , .

, "defrag" cmd . , , XP 7 (, , Windows) . , , .

Function isAdmin
    Dim shell
    set shell = CreateObject("WScript.Shell")
    isAdmin = false
    errlvl = shell.Run("%comspec% /c defrag /?>nul 2>nul", 0, True)
    if errlvl = 0 OR errlvl = 2 Then '0 on Win 7, 2 on XP
        isAdmin = true
    End If
End Function
+2

, , , .

, , , , , Runas True.

Option Explicit 

msgbox isAdmin(), vbOkonly, "Am I an admin?"

Private Function IsAdmin()
    On Error Resume Next
    CreateObject("WScript.Shell").RegRead("HKEY_USERS\S-1-5-19\Environment\TEMP")
    if Err.number = 0 Then 
        IsAdmin = True
    else
        IsAdmin = False
    end if
    Err.Clear
    On Error goto 0
End Function
+2

, ( , ):

Function RetrieveUsers(domainName,grpName)

dim GrpObj
dim mbrlist
dim mbr

'-------------------------------------------------------------------------------
' *** Enumerate Group Members ***
'-------------------------------------------------------------------------------

' Build the ADSI query and retrieve the group object
Set GrpObj = GetObject("WinNT://" & domainName & "/" & grpName & ",group")

' Loop through the group membership and build a string containing the names
for each mbr in GrpObj.Members
   mbrlist = mbrlist & vbTab & mbr.name & vbCrLf
Next

RetrieveUsers=mbrlist

End Function

, , ...

Function IsAdmin(user)
    IsAdmin = InStr(RetrieveUsers("MachineName", "Administrators"), user) > 0
End Function

... :

If IsAdmin("LocalAccount") Then
    Wscript.Echo "LocalAccount is an admin"
Else
    Wscript.Echo "LocalAccount is not an admin"
End If
+1

n . < > 0 IsNotAdmin

Function IsNotAdmin()
    With CreateObject("Wscript.Shell")
        IsNotAdmin = .Run("%comspec% /c OPENFILES > nul", 0, True)
    End With
End Function
+1
Function isAdmin
    Dim shell
    Set shell = CreateObject("WScript.Shell")
    isAdmin = false
    errorLevel = shell.Run("%comspec% /c net session >nul 2>&1", 0, True)
    if errorLevel = 0
        isAdmin = true
    End If
End Function
0

"localhost" script 10x!
:

' get_admin_status.vbs
Option Explicit

Dim oGroup:   Set oGroup   = GetObject("WinNT://localhost/Administrators,group")
Dim oNetwork: Set oNetwork = CreateObject("Wscript.Network")

Dim sSearchPattern: sSearchPattern = "WinNT://" & oNetwork.UserDomain & "/" & oNetwork.UserName

Dim sMember
For Each sMember In oGroup.Members
  If sMember.adsPath = sSearchPattern Then
    ' Found...
    Call WScript.Quit(0)
  End If
Next

' Not found...
Call WScript.Quit(1)

This script returns exit code 0 if the current user is a local administrator.
Usage: cscript.exe get_admin_status.vbs

0
source

The user cannot be in the local administrators group. For example, domain administrators. UAC usually blocks administrator access to the registry, shares, etc. Even for administrators (manual control "run as admin" becomes correct) ...

Here is my crazy way:

Set Shell = CreateObject("WScript.Shell")
set fso = CreateObject("Scripting.FileSystemObject")
strCheckFolder = Shell.ExpandEnvironmentStrings("%USERPROFILE%") 
strCheckFolder = strCheckFolder+"\TempFolder"

if fso.FolderExists(strCheckFolder) then
        fso.DeleteFolder(strCheckFolder)
end if

fso.CreateFolder(strCheckFolder)
tempstr = "cmd.exe /u /c chcp 65001 | whoami /all >" & strCheckFolder & "\rights.txt"
Shell.run tempstr

tempstr = strCheckFolder & "\rights.txt"
WScript.Sleep 200
Set txtFile = FSO.OpenTextFile(tempstr,1)

IsAdmin = False

Do While Not txtFile.AtEndOfStream
  x=txtFile.Readline
  If InStr(x, "S-1-5-32-544") Then
      IsAdmin = True
  End If
Loop

txtFile.Close
0
source

More articles:


All Articles