function IsAdmin: Boolean; const SECURITY_NT_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 5)); SECURITY_BUILTIN_DOMAIN_RID = $00000020; DOMAIN_ALIAS_RID_ADMINS = $00000220; var hAccessToken: THandle; ptgGroups: PTokenGroups; dwInfoBufferSize: DWORD; psidAdministrators: PSID; x: Integer; bSuccess: BOOL; begin Result := False; bSuccess := OpenThreadToken(GetCurrentThread, TOKEN_QUERY, True, hAccessToken); if not bSuccess then begin if GetLastError = ERROR_NO_TOKEN then bSuccess := OpenProcessToken(GetCurrentProcess, TOKEN_QUERY, hAccessToken); end;
if bSuccess then begin GetMem(ptgGroups, 1024); bSuccess := GetTokenInformation(hAccessToken, TokenGroups, ptgGroups, 1024, dwInfoBufferSize); CloseHandle(hAccessToken);
if bSuccess then begin AllocateAndInitializeSid(SECURITY_NT_AUTHORITY, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, psidAdministrators); {$R-} for x := 0 to ptgGroups.GroupCount - 1 do if EqualSid(psidAdministrators, ptgGroups.Groups[x].Sid) then begin Result := True; Break; end; {$R+} FreeSid(psidAdministrators); end; FreeMem(ptgGroups); end; end;
type TForm1 = class(TForm) Memo1: TMemo; procedure FormShow(Sender: TObject); private { Private declarations } public { Public declarations }
end;
var Form1: TForm1;
function IsAdmin: Boolean; implementation
{$R *.dfm}
procedure TForm1.FormShow(Sender: TObject); begin if not IsAdmin then Memo1.Lines.Add('没有管理员权限') end;
function IsAdmin: Boolean; const SECURITY_NT_AUTHORITY: TSIDIdentifierAuthority = (Value: (0, 0, 0, 0, 0, 5)); SECURITY_BUILTIN_DOMAIN_RID = $00000020; DOMAIN_ALIAS_RID_ADMINS = $00000220; var hAccessToken: THandle; ptgGroups: PTokenGroups; dwInfoBufferSize: DWORD; psidAdministrators: PSID; x: Integer; bSuccess: BOOL; begin Result := False; bSuccess := OpenThreadToken(GetCurrentThread, TOKEN_QUERY, True, hAccessToken); if bSuccess then Form1.Memo1.Lines.Add('测试1 成功') else Form1.Memo1.Lines.Add('测试1 失败');
if not bSuccess then begin Form1.Memo1.Lines.Add('GetLastError ' + IntToStr(GetLastError)); if GetLastError = ERROR_NO_TOKEN then bSuccess := OpenProcessToken(GetCurrentProcess, TOKEN_QUERY, hAccessToken); end; if bSuccess then Form1.Memo1.Lines.Add('测试2 成功') else Form1.Memo1.Lines.Add('测试2 失败'); if bSuccess then begin GetMem(ptgGroups, 1024); bSuccess := GetTokenInformation(hAccessToken, TokenGroups, ptgGroups, 1024, dwInfoBufferSize); CloseHandle(hAccessToken); if bSuccess then Form1.Memo1.Lines.Add('测试3 成功') else Form1.Memo1.Lines.Add('测试3 失败'); if bSuccess then begin AllocateAndInitializeSid(SECURITY_NT_AUTHORITY, 2, SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, psidAdministrators); {$R-} for x := 0 to ptgGroups.GroupCount - 1 do if EqualSid(psidAdministrators, ptgGroups.Groups[x].Sid) then begin Result := True; Form1.Memo1.Lines.Add('成功Sid ' + IntToStr(Integer(ptgGroups.Groups[x].Sid))) ; Break; end else Form1.Memo1.Lines.Add(IntToStr(Integer(ptgGroups.Groups[x].Sid))) ; {$R+} FreeSid(psidAdministrators); end; FreeMem(ptgGroups); end; end;
下面代码通过: var Form1: TForm1; function CheckTokenMembership(TokenHandle: THANDLE; SidToCheck: Pointer; var IsMember: BOOL): BOOL; stdcall; external advapi32 name 'CheckTokenMembership'; implementation
procedure TForm1.FormShow(Sender: TObject); begin if not IsAdmin then Memo1.Lines.Add('没有管理员权限'); end;
----------------------------------------------
你梦我圆