////////////////////////////////////////////////////////////////////////////////
// Procedure : HasAdminPrivileges
// Author : NBe
// Comment :
function HasAdminPrivileges: LongBool;
const
// bekannte SIDs ... (WinNT.h)
SECURITY_NT_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 5));
// bekannte RIDs ... (WinNT.h)
SECURITY_BUILTIN_DOMAIN_RID: DWORD = $00000020;
DOMAIN_ALIAS_RID_ADMINS: DWORD = $00000220;
SE_GROUP_ENABLED: DWORD = $00000004;
var
TokenHandle : THandle;
ReturnLength : DWORD;
TokenInformation : PTokenGroups;
AdminSid : PSID;
Loop : Integer;
begin
Result := False;
TokenHandle := 0;
TokenInformation :=
nil;
AdminSid :=
nil;
if OpenProcessToken(GetCurrentProcess, TOKEN_QUERY, TokenHandle)
then
try
ReturnLength := 0;
GetTokenInformation(TokenHandle, TokenGroups,
nil, 0, ReturnLength);
TokenInformation := GetMemory(ReturnLength);
if Assigned(TokenInformation)
and GetTokenInformation(TokenHandle,
TokenGroups, TokenInformation, ReturnLength, ReturnLength)
then
begin
AllocateAndInitializeSid(SECURITY_NT_AUTHORITY, 2,
SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS,
0, 0, 0, 0, 0, 0, AdminSid);
for Loop := 0
to TokenInformation^.GroupCount - 1
do
begin
if (SE_GROUP_ENABLED = (TokenInformation^.Groups[Loop].Attributes
and SE_GROUP_ENABLED))
and EqualSid(TokenInformation^.Groups[Loop].Sid, AdminSid)
then
begin
Result := True;
Break;
end;
end;
FreeSid(AdminSid);
AdminSid :=
nil;
end;
finally
FreeSid(AdminSid);
FreeMemory(TokenInformation);
CloseHandle(TokenHandle);
end;
end;