C# 检测是否以管理员身份运行,是否具有提升的权限?
我有一个应用程序需要检测它是否以提升的权限运行。我目前的代码设置如下:C# 检测是否以管理员身份运行,是否具有提升的权限?,c#,.net,windows-vista,uac,user-accounts,C#,.net,Windows Vista,Uac,User Accounts,我有一个应用程序需要检测它是否以提升的权限运行。我目前的代码设置如下: static bool IsAdministrator() { WindowsIdentity identity = WindowsIdentity.GetCurrent(); WindowsPrincipal principal = new WindowsPrincipal(identity); return principal.IsInRole (WindowsBuiltInRole.Admini
static bool IsAdministrator()
{
WindowsIdentity identity = WindowsIdentity.GetCurrent();
WindowsPrincipal principal = new WindowsPrincipal(identity);
return principal.IsInRole (WindowsBuiltInRole.Administrator);
}
private bool IsAdmin
{
get
{
WindowsIdentity identity = WindowsIdentity.GetCurrent();
if (identity != null)
{
WindowsPrincipal principal = new WindowsPrincipal(identity);
List<Claim> list = new List<Claim>(principal.UserClaims);
Claim c = list.Find(p => p.Value.Contains("S-1-5-32-544"));
if (c != null)
return true;
}
return false;
}
}
这可以检测用户是否为管理员,但如果以管理员身份运行而没有提升,则不起作用。(例如在vshost.exe中)
如何确定提升是否[已生效或]可能?在UserAccountControl.cppUserAccountControl::IsUserAdmin中有检查提升的代码,该代码检查UAC是否已启用,然后检查流程是否提升
bool UserAccountControl::IsCurrentProcessElevated::get()
{
return GetProcessTokenElevationType() == TokenElevationTypeFull; //elevated
}
从函数:
int UserAccountControl::GetProcessTokenElevationType()
{
HANDLE hToken;
try
{
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
throw gcnew Win32Exception(GetLastError());
TOKEN_ELEVATION_TYPE elevationType;
DWORD dwSize;
if (!GetTokenInformation(hToken, TokenElevationType, &elevationType, sizeof(elevationType), &dwSize))
throw gcnew Win32Exception(GetLastError());
return elevationType;
}
finally
{
CloseHandle(hToken);
}
}
使用TokenElevationType
可以工作,但是如果您针对管理组SID PInvokeCheckTokenMembership()
,您的代码在UAC关闭和2000/XP/2003时也可以工作,并且还可以处理拒绝SID
还有一个IsUserAnAdmin()
函数可以为您执行CheckTokenMembership
检查,但MSDN表示它可能不会永远存在请尝试以下方法:
using Microsoft.Win32;
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Security.Principal;
public static class UacHelper
{
private const string uacRegistryKey = "Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System";
private const string uacRegistryValue = "EnableLUA";
private static uint STANDARD_RIGHTS_READ = 0x00020000;
private static uint TOKEN_QUERY = 0x0008;
private static uint TOKEN_READ = (STANDARD_RIGHTS_READ | TOKEN_QUERY);
[DllImport("advapi32.dll", SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
static extern bool OpenProcessToken(IntPtr ProcessHandle, UInt32 DesiredAccess, out IntPtr TokenHandle);
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool GetTokenInformation(IntPtr TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, IntPtr TokenInformation, uint TokenInformationLength, out uint ReturnLength);
public enum TOKEN_INFORMATION_CLASS
{
TokenUser = 1,
TokenGroups,
TokenPrivileges,
TokenOwner,
TokenPrimaryGroup,
TokenDefaultDacl,
TokenSource,
TokenType,
TokenImpersonationLevel,
TokenStatistics,
TokenRestrictedSids,
TokenSessionId,
TokenGroupsAndPrivileges,
TokenSessionReference,
TokenSandBoxInert,
TokenAuditPolicy,
TokenOrigin,
TokenElevationType,
TokenLinkedToken,
TokenElevation,
TokenHasRestrictions,
TokenAccessInformation,
TokenVirtualizationAllowed,
TokenVirtualizationEnabled,
TokenIntegrityLevel,
TokenUIAccess,
TokenMandatoryPolicy,
TokenLogonSid,
MaxTokenInfoClass
}
public enum TOKEN_ELEVATION_TYPE
{
TokenElevationTypeDefault = 1,
TokenElevationTypeFull,
TokenElevationTypeLimited
}
public static bool IsUacEnabled
{
get
{
RegistryKey uacKey = Registry.LocalMachine.OpenSubKey(uacRegistryKey, false);
bool result = uacKey.GetValue(uacRegistryValue).Equals(1);
return result;
}
}
public static bool IsProcessElevated
{
get
{
if (IsUacEnabled)
{
IntPtr tokenHandle;
if (!OpenProcessToken(Process.GetCurrentProcess().Handle, TOKEN_READ, out tokenHandle))
{
throw new ApplicationException("Could not get process token. Win32 Error Code: " + Marshal.GetLastWin32Error());
}
TOKEN_ELEVATION_TYPE elevationResult = TOKEN_ELEVATION_TYPE.TokenElevationTypeDefault;
int elevationResultSize = Marshal.SizeOf((int)elevationResult);
uint returnedSize = 0;
IntPtr elevationTypePtr = Marshal.AllocHGlobal(elevationResultSize);
bool success = GetTokenInformation(tokenHandle, TOKEN_INFORMATION_CLASS.TokenElevationType, elevationTypePtr, (uint)elevationResultSize, out returnedSize);
if (success)
{
elevationResult = (TOKEN_ELEVATION_TYPE)Marshal.ReadInt32(elevationTypePtr);
bool isProcessAdmin = elevationResult == TOKEN_ELEVATION_TYPE.TokenElevationTypeFull;
return isProcessAdmin;
}
else
{
throw new ApplicationException("Unable to determine the current elevation.");
}
}
else
{
WindowsIdentity identity = WindowsIdentity.GetCurrent();
WindowsPrincipal principal = new WindowsPrincipal(identity);
bool result = principal.IsInRole(WindowsBuiltInRole.Administrator);
return result;
}
}
}
}
下面是的一个修改版本,其中包括正确处置资源和处理域管理员等内容
public static class UacHelper
{
private const string uacRegistryKey = "Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System";
private const string uacRegistryValue = "EnableLUA";
private static uint STANDARD_RIGHTS_READ = 0x00020000;
private static uint TOKEN_QUERY = 0x0008;
private static uint TOKEN_READ = (STANDARD_RIGHTS_READ | TOKEN_QUERY);
[DllImport("advapi32.dll", SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
static extern bool OpenProcessToken(IntPtr ProcessHandle, UInt32 DesiredAccess, out IntPtr TokenHandle);
[DllImport("kernel32.dll", SetLastError = true)]
[return: MarshalAs(UnmanagedType.Bool)]
static extern bool CloseHandle(IntPtr hObject);
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool GetTokenInformation(IntPtr TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, IntPtr TokenInformation, uint TokenInformationLength, out uint ReturnLength);
public enum TOKEN_INFORMATION_CLASS
{
TokenUser = 1,
TokenGroups,
TokenPrivileges,
TokenOwner,
TokenPrimaryGroup,
TokenDefaultDacl,
TokenSource,
TokenType,
TokenImpersonationLevel,
TokenStatistics,
TokenRestrictedSids,
TokenSessionId,
TokenGroupsAndPrivileges,
TokenSessionReference,
TokenSandBoxInert,
TokenAuditPolicy,
TokenOrigin,
TokenElevationType,
TokenLinkedToken,
TokenElevation,
TokenHasRestrictions,
TokenAccessInformation,
TokenVirtualizationAllowed,
TokenVirtualizationEnabled,
TokenIntegrityLevel,
TokenUIAccess,
TokenMandatoryPolicy,
TokenLogonSid,
MaxTokenInfoClass
}
public enum TOKEN_ELEVATION_TYPE
{
TokenElevationTypeDefault = 1,
TokenElevationTypeFull,
TokenElevationTypeLimited
}
public static bool IsUacEnabled
{
get
{
using (RegistryKey uacKey = Registry.LocalMachine.OpenSubKey(uacRegistryKey, false))
{
bool result = uacKey.GetValue(uacRegistryValue).Equals(1);
return result;
}
}
}
public static bool IsProcessElevated
{
get
{
if (IsUacEnabled)
{
IntPtr tokenHandle = IntPtr.Zero;
if (!OpenProcessToken(Process.GetCurrentProcess().Handle, TOKEN_READ, out tokenHandle))
{
throw new ApplicationException("Could not get process token. Win32 Error Code: " +
Marshal.GetLastWin32Error());
}
try
{
TOKEN_ELEVATION_TYPE elevationResult = TOKEN_ELEVATION_TYPE.TokenElevationTypeDefault;
int elevationResultSize = Marshal.SizeOf(typeof(TOKEN_ELEVATION_TYPE));
uint returnedSize = 0;
IntPtr elevationTypePtr = Marshal.AllocHGlobal(elevationResultSize);
try
{
bool success = GetTokenInformation(tokenHandle, TOKEN_INFORMATION_CLASS.TokenElevationType,
elevationTypePtr, (uint) elevationResultSize,
out returnedSize);
if (success)
{
elevationResult = (TOKEN_ELEVATION_TYPE) Marshal.ReadInt32(elevationTypePtr);
bool isProcessAdmin = elevationResult == TOKEN_ELEVATION_TYPE.TokenElevationTypeFull;
return isProcessAdmin;
}
else
{
throw new ApplicationException("Unable to determine the current elevation.");
}
}
finally
{
if (elevationTypePtr != IntPtr.Zero)
Marshal.FreeHGlobal(elevationTypePtr);
}
}
finally
{
if (tokenHandle != IntPtr.Zero)
CloseHandle(tokenHandle);
}
}
else
{
WindowsIdentity identity = WindowsIdentity.GetCurrent();
WindowsPrincipal principal = new WindowsPrincipal(identity);
bool result = principal.IsInRole(WindowsBuiltInRole.Administrator)
|| principal.IsInRole(0x200); //Domain Administrator
return result;
}
}
}
}
在.NETFramWork4.5中,我找到了另一种适合我的方法。
关于以下脚本,可在此处找到(德语)
在C#中,它看起来是这样的:
static bool IsAdministrator()
{
WindowsIdentity identity = WindowsIdentity.GetCurrent();
WindowsPrincipal principal = new WindowsPrincipal(identity);
return principal.IsInRole (WindowsBuiltInRole.Administrator);
}
private bool IsAdmin
{
get
{
WindowsIdentity identity = WindowsIdentity.GetCurrent();
if (identity != null)
{
WindowsPrincipal principal = new WindowsPrincipal(identity);
List<Claim> list = new List<Claim>(principal.UserClaims);
Claim c = list.Find(p => p.Value.Contains("S-1-5-32-544"));
if (c != null)
return true;
}
return false;
}
}
private bool IsAdmin
{
得到
{
WindowsIdentity=WindowsIdentity.GetCurrent();
如果(标识!=null)
{
WindowsPrincipal=新的WindowsPrincipal(标识);
列表=新列表(principal.UserClaims);
索赔c=list.Find(p=>p.Value.Contains(“S-1-5-32-544”);
如果(c!=null)
返回true;
}
返回false;
}
}
但是在.net<4.5中,WindowsPrincipal
类不包含UserClaims
属性
我没有办法得到这些信息。我想还有一个问题。我检查了您提供的解决方案,不得不说,在安装Windows 7并以管理员身份登录时,检查不起作用。Windows从不返回进程在提升模式下运行的信息。因此,顺序如下:
if (IsUacEnabled)
return IsProcessInElevatedMode();
return IsUserAdmin();
以管理员身份登录时不返回true,但进程具有执行系统操作的所有权限(例如停止系统服务)。
工作顺序为:
if (IsUserAdmin())
return true;
if (IsUacEnabled)
return IsProcessInElevatedMode();
return false;
您应该首先检查该进程是否在管理员上下文中运行。
其他信息:
IsUacEnabled() - checks if the UAC has been enabled in the system (Windows)
IsProcessInElevatedMode() - checks if the process is run in an elevated mode
IsUserAdmin() - checks if the current user has an Administrtor role
所有这些方法在以前的帖子中都有描述。(问题提出六年后的新答案)
免责声明:这只是在我的特定操作系统上使用我的特定设置和我的特定用户时发生的事情:
using System.Security.Principal;
// ...
static bool IsElevated
{
get
{
return WindowsIdentity.GetCurrent().Owner
.IsWellKnown(WellKnownSidType.BuiltinAdministratorsSid);
}
}
因此,当我运行这个“以管理员身份运行”时,属性get
accessor返回true
。正常运行时(即使我的用户“是”管理员,但不是以“管理员”身份运行此特定应用程序),它返回false
这似乎比许多其他答案简单得多
我不知道是否有这样失败的案例
PS!这似乎也不错:
static bool IsElevated
{
get
{
var id = WindowsIdentity.GetCurrent();
return id.Owner != id.User;
}
}
使用nuget软件包:
还有许多其他属性可用于检测用户是否实际上是管理员,或者流程是否在UAC虚拟化下运行,或者桌面所有者是否是流程所有者。(从有限帐户运行)
查看“阅读我”以了解更多信息。有一些问题。首先,它不获取任何以管理员身份运行的系统进程(例如在NT Authority/System下)。
下面的代码示例修复了所有问题(Detect、LocalAdmins、DomainAdmins和LocalSystemAdmins)
如果只需要当前进程,请将pHandle
替换为Process.GetCurrentProcess().Handle
注:
您必须具有一定的权限才能运行它。(每个进程都有它们,但是
需要先激活它们,默认情况下服务会激活它们)
我正在使用此代码,它运行良好:
bool runningAsAdmin = WindowsIdentity.GetCurrent().Owner.IsWellKnown(WellKnownSidType.BuiltinAdministratorsSid);
*Admin是内置Administrators组的一部分
“系统管理员的用户帐户。此帐户是操作系统安装期间创建的第一个帐户。无法删除或锁定此帐户。它是管理员组的成员,无法从该组中删除。”--如果要以本地管理员身份运行的帐户有效,但如果使用域管理员,变量isProcessAdmin返回false。但UAC在提升权限(在windows中创建文件夹、以管理员身份运行等)时接受域管理员为有效权限我如何修改你的函数,所以它也考虑到了这个情况?你可能还想考虑,如果帐户是内置的管理员,那么UAC在默认情况下会被提升,所以在这个情况下,IsPosialPro会返回false(因为ISUACKEndot是TRUE,Apple结果是TokEngEngalType Type默认值)。即使进程在提升模式下运行,而没有提示用户。或者换句话说,帐户被提升,进程以默认提升类型运行;使用System.Runtime.InteropServices;使用System.Security.Principal;它似乎也被镜像了,这让我在Windows8出现了一个异常,在Marshal.SizeOf((int)elevationResult)
我还不知道为什么。异常消息为:找不到方法。位于:Int32 System.Runtime.InteropServices.Marshal.SizeOf(!!0)。
TokenElevationTypeLimited呢?是否应该考虑将isProcessAdmin设置为true?这完全取决于您运行服务的用户。您是否正在尝试检测该服务是以本地系统、本地服务、网络服务还是windows用户的身份运行?探测”
bool runningAsAdmin = WindowsIdentity.GetCurrent().Owner.IsWellKnown(WellKnownSidType.BuiltinAdministratorsSid);