![](/img/trans.png)
[英]How to check if admin privileges are needed to access a folder even if already has admin?
[英]How to check if an account from username and password has admin rights/privileges?
我想知道是否可以在python中,给定字符串username
和password
,找出该帐户是否具有管理员权限?
例如,如果我有两个input
s:
u = input("Username: ")
p = input("Password: ")
# hasAdminRights is a placeholder to checking if the account first of all exists, and then if it has admin.
if hasAdminRights(u,p):
print "This account has admin privileges!"
else:
print """This account either
1) does not have admin
2) is not a real account
3) entered the wrong password"""
即使登录的用户不是管理员,我也必须能够检查此内容。
我在检查当前用户是否具有admin时看到了许多stackoverflow问题,但是我想检查PC上的其他用户是否具有admin。
提前致谢,
大卫·卡兰南
要获取用户的访问令牌,请调用LogonUser
,从Windows XP / 2003开始,该用户不再需要SeTcbPrivilege
。 接下来调用GetTokenInformation
以获取海拔类型,链接的令牌以及令牌中的组列表。 例如:
from win32security import (
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, SE_GROUP_ENABLED,
TokenElevationType, TokenLinkedToken, TokenGroups,
TokenElevationTypeLimited, WinBuiltinAdministratorsSid,
LogonUser, GetTokenInformation, CreateWellKnownSid)
def is_user_an_admin(username, password, allow_elevation=True):
token = LogonUser(username, None, password,
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT)
elevation_type = GetTokenInformation(token, TokenElevationType)
admin_group = CreateWellKnownSid(WinBuiltinAdministratorsSid)
if elevation_type == TokenElevationTypeLimited and allow_elevation:
linked_token = GetTokenInformation(token, TokenLinkedToken)
token_list = [token, linked_token]
else:
token_list = [token]
for token in token_list:
for group, attrs in GetTokenInformation(token, TokenGroups):
enabled = attrs & SE_GROUP_ENABLED
if enabled and group == admin_group:
return True
return False
此示例不会掩盖异常,例如密码错误。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.