How to determine in batch-file, if user is administrator

H

Heiko Pliefke

Hi NG!

Is there any possibility to determine in a batch-file, if the logged-on
user is member of Administrators-Group?
This should even work, if the user is member of a domain...

Of course I can try, to create a file unter %SYSTEMROOT% or something
else, and then check, if it was created...

but perhaps there is a better practice?

Any suggestion is greatly appreciated,

Best regard,
/Heiko Pliefke
 
J

Jerold Schulman

Hi NG!

Is there any possibility to determine in a batch-file, if the logged-on
user is member of Administrators-Group?
This should even work, if the user is member of a domain...

Of course I can try, to create a file unter %SYSTEMROOT% or something
else, and then check, if it was created...

but perhaps there is a better practice?

Any suggestion is greatly appreciated,

Best regard,
/Heiko Pliefke
Click to expand...

in the batch, add the following lines to determine if the logged on user is a local administrator:

set admin=N
set domain=%USERDOMAIN%\
If /i "%domain%" EQU "%computername%\" set domain=
set user=%domain%%username%
for /f "Tokens=*" %%a in ('net localgroup administrators^|find /i "%user%"') do set admin=Y


Then just test the value of %admin%

If "%admin% EQU "Y" goto isAdmin
 
B

Bill Stewart

Jerold said:
in the batch, add the following lines to determine if the logged on
user is a local administrator:

set admin=N
set domain=%USERDOMAIN%\
If /i "%domain%" EQU "%computername%\" set domain=
set user=%domain%%username%
for /f "Tokens=*" %%a in ('net localgroup administrators^|find /i "%user%"') do set admin=Y

Then just test the value of %admin%

If "%admin% EQU "Y" goto isAdmin
Click to expand...

It would seem that this method would fail if the user is a member of a
group that's a member of Administrators.

Ifmember.exe doesn't have this problem, but it's not language-independent.

To address these issues, I wrote isadmin.exe:

http://www.cybermesa.com/~bstewart/wast.html

Internally, isadmin.exe enumerates the SIDs for the current user and
returns an exit code of 1 if the current user is a member of
Administrators (e.g., SID S-1-5-32-544).
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

wierd batch file behavior 3
local administrator account 3
How you you figure out what goup a user account belongs to within a batch file? 17
Keypath on folders in userprofile / folders depending on user 1
Problem with locked log file produced by batch file 9
administrative rights in Batch file 5
Running a batch file 4
batch file calling an .hta file 2

Top