
IsAdminUser returns incorrect value

I'm using the Win32::IsAdminUser() function (I can't paste the code because, to make it runnable, I would have to paste the whole code). It returns 0. I was curious why, because the user this is run as is a member of the Administrators group, so I created a little test function (C++) and ran it right before running IsAdminUser. Here is the code:

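#include <windows.h>
#include <sddl.h>    // ConvertSidToStringSidA
#include <stdio.h>

// Appends the string SID of every group in the current process token
// to C:\tmp\davai.txt. Returns 1 on success, 0 on failure.
int davai()
{
    FILE * fp;
    HANDLE token = NULL;
    HANDLE dupToken = NULL;
    PTOKEN_GROUPS pPrivilegesToken = NULL;
    DWORD cbSize = 0;
    int ok = 0;

    fp = fopen ("C:\\tmp\\davai.txt", "a");
    if (fp == NULL)
        return 0;
    fprintf(fp, "shevedi davai");
    fflush(fp);

    if(!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_DUPLICATE, &token))
    {
        fprintf(fp, "davai: OpenProcessToken cheijva. %d\n", (int)GetLastError());
        goto cleanup;
    }

    if (DuplicateTokenEx(token, MAXIMUM_ALLOWED, NULL, SecurityDelegation,
                         TokenPrimary, &dupToken) == 0)
    {
        fprintf(fp, "davai: OpenProcessToken DuplicateTokenEx. %d\n", (int)GetLastError());
        goto cleanup;
    }

    // The first call only reports the required buffer size in cbSize.
    GetTokenInformation(dupToken, TokenGroups, NULL, 0, &cbSize);

    pPrivilegesToken = (PTOKEN_GROUPS) LocalAlloc(LPTR, cbSize);
    if (pPrivilegesToken == NULL)
        goto cleanup;

    if (GetTokenInformation(dupToken, TokenGroups,
                            pPrivilegesToken, cbSize, &cbSize) == FALSE)
    {
        fprintf(fp, "davai: GetTokenInformation cheijva. %d\n", (int)GetLastError());
        goto cleanup;
    }

    for (ULONG i = 0; i < pPrivilegesToken->GroupCount; i++)
    {
        char * gio = NULL;

        // The explicit ANSI variant keeps the char* buffer valid in Unicode builds.
        if (ConvertSidToStringSidA(pPrivilegesToken->Groups[i].Sid, &gio) == 0)
        {
            fprintf(fp, "davai: ConvertSidToStringSid cheijva. %d\n", (int)GetLastError());
            continue;
        }

        fprintf(fp, "Value: %s\n",gio);
        LocalFree (gio);    // each SID string is a separate allocation
    }
    ok = 1;

cleanup:
    if (pPrivilegesToken) LocalFree(pPrivilegesToken);
    if (dupToken) CloseHandle(dupToken);
    if (token) CloseHandle(token);
    fclose(fp);
    return ok;
}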

which just opens the current process's token and lists all the groups that the user is involved in. Here is the output I get:

shevedi davaiValue: S-1-5-21-1018819917-2920201817-244685803-513
Value: S-1-1-0
Value: S-1-5-21-1018819917-2920201817-244685803-1000
Value: S-1-5-32-544
Value: S-1-5-32-545
Value: S-1-5-4
Value: S-1-2-1
Value: S-1-5-11
Value: S-1-5-15
Value: S-1-5-5-0-179095
Value: S-1-2-0
Value: S-1-5-64-10
Value: S-1-16-12288

which is strange because S-1-5-32-544 represents the Administrators group. I searched to find if someone has a similar problem, but could not find anything (I'm running Windows 7). Maybe you can help me. Any help would be appreciated.

"which is strange because S-1-5-32-544 represents the Administrators group."

Really, Win32::IsAdminUser() internally calls the CheckTokenMembership function with SidToCheck == S-1-5-32-544 and returns IsMember as the result. But:

"If the SID is present and has the SE_GROUP_ENABLED attribute, IsMember returns TRUE; otherwise, it returns FALSE."

and

"Even if a SID is present in the token, the system may not use the SID in an access check. The SID may be disabled or have the SE_GROUP_USE_FOR_DENY_ONLY attribute."

Really, if your user is a member of the admin group (S-1-5-32-544) but runs without elevation (under UAC), S-1-5-32-544 is present in the token but with the SE_GROUP_USE_FOR_DENY_ONLY attribute only.

In contrast, elevated admins have this SID with the SE_GROUP_ENABLED attribute.

So I guess you are running as a non-elevated admin. Win32::IsAdminUser() must return false in this case.

As documented in Win32:

"On Windows Vista it will only return non-zero if the process is actually running with elevated privileges."

I'd understand "Vista" as "Vista and newer".
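The rule the answers describe, as an added example that is not part of the original question or answers: the question's test function prints only SID strings, while the membership decision depends on each group's Attributes field. The names Group, State, group_state and current_groups are this example's own, and off Windows it falls back to a constructed group list so the decision logic still compiles and runs.

```cpp
#include <cstdio>
#include <string>
#include <vector>
#ifdef _WIN32
#include <windows.h>
#include <sddl.h>
#else  // winnt.h values, so the decision logic also builds off Windows
#define SE_GROUP_ENABLED           0x00000004L
#define SE_GROUP_USE_FOR_DENY_ONLY 0x00000010L
#endif
struct Group { std::string sid; unsigned long attrs; };  // hypothetical helper type
enum State { Absent, Disabled, DenyOnly, Enabled };

// Enabled is the only state in which CheckTokenMembership reports IsMember = TRUE.
State group_state(const std::vector<Group>& groups, const std::string& sid) {
    for (const Group& g : groups) {
        if (g.sid != sid) continue;
        if (g.attrs & SE_GROUP_ENABLED) return Enabled;
        return (g.attrs & SE_GROUP_USE_FOR_DENY_ONLY) ? DenyOnly : Disabled;
    }
    return Absent;
}

// Windows: groups of the current process token. Elsewhere: a constructed sample.
std::vector<Group> current_groups() {
    std::vector<Group> out;
#ifdef _WIN32
    HANDLE tok = NULL; DWORD cb = 0;
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &tok)) return out;
    GetTokenInformation(tok, TokenGroups, NULL, 0, &cb);  // first call: size only
    PTOKEN_GROUPS tg = (PTOKEN_GROUPS)LocalAlloc(LPTR, cb);
    if (tg && GetTokenInformation(tok, TokenGroups, tg, cb, &cb))
        for (DWORD i = 0; i < tg->GroupCount; i++) {
            LPSTR s = NULL;
            if (!ConvertSidToStringSidA(tg->Groups[i].Sid, &s)) continue;
            out.push_back({s, tg->Groups[i].Attributes});
            LocalFree(s);
        }
    LocalFree(tg); CloseHandle(tok);
#else  // constructed: Administrators listed in the token, but for deny checks only
    out = {{"S-1-1-0", 0x7}, {"S-1-5-32-544", 0x10}, {"S-1-5-32-545", 0x7}};
#endif
    return out;
}

int main() {
    const char* names[] = {"absent", "disabled", "deny-only", "enabled"};
    std::printf("S-1-5-32-544: %s\n", names[group_state(current_groups(), "S-1-5-32-544")]);
}
```

On Windows, link against advapi32 (for example `cl /EHsc file.cpp advapi32.lib`).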
