Check if another process has admin privileges in .NET












4















I'm looking for a way to check that a remote process has administrator privileges from my (fully managed) code. It's safe to assume that my code will run be run with administrator privileges, so I don't care how invasive the technique to achieve my goal is, however I'm looking for a fully managed way which must be compatible with XP SP3 x86 all the way down to win7 x64.



Thanks in advance!



Edit: in order to clarify, I'm talking about a process running on the same machine, regardless of the user who started it. I want to make sure that either the identity associated with the process belongs to the Administrators group or that the main thread has full privileges, with special regards to inheriting handles opened by elevated processes and writing to the storage without any restriction but those applied to processes spawned with the "Run as administrator" option.






c# .net windows winapi uac







share|improve this question

























  • Remote process... Like, running on a different machine? Under another user account? Or just... a separate process from the one executing the check routine?

    – Shog9
    Jan 14 '11 at 18:52











  • Just a separate process on the same machine, regardless of the user account it's running from. Anything that can be opened with an OpenProcess call from the running process.

    – em70
    Jan 14 '11 at 18:55











  • How do you quality a process as having administrator privileges? Does it mean the account that started the process is in the admin group? Or that some privilege has been granted? Do all threads have to have to this privilege or identity associated with them?

    – Robert Horvick
    Jan 14 '11 at 18:57











  • Please read the edit

    – em70
    Jan 14 '11 at 19:05











  • duplicate? stackoverflow.com/questions/4196552/… it's c++, but you could make the same winapi call from c#

    – hometoast
    Jan 14 '11 at 19:08
















4















I'm looking for a way to check that a remote process has administrator privileges from my (fully managed) code. It's safe to assume that my code will run be run with administrator privileges, so I don't care how invasive the technique to achieve my goal is, however I'm looking for a fully managed way which must be compatible with XP SP3 x86 all the way down to win7 x64.



Thanks in advance!



Edit: in order to clarify, I'm talking about a process running on the same machine, regardless of the user who started it. I want to make sure that either the identity associated with the process belongs to the Administrators group or that the main thread has full privileges, with special regards to inheriting handles opened by elevated processes and writing to the storage without any restriction but those applied to processes spawned with the "Run as administrator" option.






c# .net windows winapi uac







share|improve this question

























  • Remote process... Like, running on a different machine? Under another user account? Or just... a separate process from the one executing the check routine?

    – Shog9
    Jan 14 '11 at 18:52











  • Just a separate process on the same machine, regardless of the user account it's running from. Anything that can be opened with an OpenProcess call from the running process.

    – em70
    Jan 14 '11 at 18:55











  • How do you quality a process as having administrator privileges? Does it mean the account that started the process is in the admin group? Or that some privilege has been granted? Do all threads have to have to this privilege or identity associated with them?

    – Robert Horvick
    Jan 14 '11 at 18:57











  • Please read the edit

    – em70
    Jan 14 '11 at 19:05











  • duplicate? stackoverflow.com/questions/4196552/… it's c++, but you could make the same winapi call from c#

    – hometoast
    Jan 14 '11 at 19:08














4












4








4








I'm looking for a way to check that a remote process has administrator privileges from my (fully managed) code. It's safe to assume that my code will run be run with administrator privileges, so I don't care how invasive the technique to achieve my goal is, however I'm looking for a fully managed way which must be compatible with XP SP3 x86 all the way down to win7 x64.



Thanks in advance!



Edit: in order to clarify, I'm talking about a process running on the same machine, regardless of the user who started it. I want to make sure that either the identity associated with the process belongs to the Administrators group or that the main thread has full privileges, with special regards to inheriting handles opened by elevated processes and writing to the storage without any restriction but those applied to processes spawned with the "Run as administrator" option.






c# .net windows winapi uac







share|improve this question
















I'm looking for a way to check that a remote process has administrator privileges from my (fully managed) code. It's safe to assume that my code will run be run with administrator privileges, so I don't care how invasive the technique to achieve my goal is, however I'm looking for a fully managed way which must be compatible with XP SP3 x86 all the way down to win7 x64.



Thanks in advance!



Edit: in order to clarify, I'm talking about a process running on the same machine, regardless of the user who started it. I want to make sure that either the identity associated with the process belongs to the Administrators group or that the main thread has full privileges, with special regards to inheriting handles opened by elevated processes and writing to the storage without any restriction but those applied to processes spawned with the "Run as administrator" option.






c# .net windows winapi uac




c# .net windows winapi uac






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jan 14 '11 at 19:05







em70

















asked Jan 14 '11 at 18:49









em70em70

3,86733675




3,86733675













  • Remote process... Like, running on a different machine? Under another user account? Or just... a separate process from the one executing the check routine?

    – Shog9
    Jan 14 '11 at 18:52











  • Just a separate process on the same machine, regardless of the user account it's running from. Anything that can be opened with an OpenProcess call from the running process.

    – em70
    Jan 14 '11 at 18:55











  • How do you quality a process as having administrator privileges? Does it mean the account that started the process is in the admin group? Or that some privilege has been granted? Do all threads have to have to this privilege or identity associated with them?

    – Robert Horvick
    Jan 14 '11 at 18:57











  • Please read the edit

    – em70
    Jan 14 '11 at 19:05











  • duplicate? stackoverflow.com/questions/4196552/… it's c++, but you could make the same winapi call from c#

    – hometoast
    Jan 14 '11 at 19:08



















  • Remote process... Like, running on a different machine? Under another user account? Or just... a separate process from the one executing the check routine?

    – Shog9
    Jan 14 '11 at 18:52











  • Just a separate process on the same machine, regardless of the user account it's running from. Anything that can be opened with an OpenProcess call from the running process.

    – em70
    Jan 14 '11 at 18:55











  • How do you quality a process as having administrator privileges? Does it mean the account that started the process is in the admin group? Or that some privilege has been granted? Do all threads have to have to this privilege or identity associated with them?

    – Robert Horvick
    Jan 14 '11 at 18:57











  • Please read the edit

    – em70
    Jan 14 '11 at 19:05











  • duplicate? stackoverflow.com/questions/4196552/… it's c++, but you could make the same winapi call from c#

    – hometoast
    Jan 14 '11 at 19:08

















Remote process... Like, running on a different machine? Under another user account? Or just... a separate process from the one executing the check routine?

– Shog9
Jan 14 '11 at 18:52





Remote process... Like, running on a different machine? Under another user account? Or just... a separate process from the one executing the check routine?

– Shog9
Jan 14 '11 at 18:52













Just a separate process on the same machine, regardless of the user account it's running from. Anything that can be opened with an OpenProcess call from the running process.

– em70
Jan 14 '11 at 18:55





Just a separate process on the same machine, regardless of the user account it's running from. Anything that can be opened with an OpenProcess call from the running process.

– em70
Jan 14 '11 at 18:55













How do you quality a process as having administrator privileges? Does it mean the account that started the process is in the admin group? Or that some privilege has been granted? Do all threads have to have to this privilege or identity associated with them?

– Robert Horvick
Jan 14 '11 at 18:57





How do you quality a process as having administrator privileges? Does it mean the account that started the process is in the admin group? Or that some privilege has been granted? Do all threads have to have to this privilege or identity associated with them?

– Robert Horvick
Jan 14 '11 at 18:57













Please read the edit

– em70
Jan 14 '11 at 19:05





Please read the edit

– em70
Jan 14 '11 at 19:05













duplicate? stackoverflow.com/questions/4196552/… it's c++, but you could make the same winapi call from c#

– hometoast
Jan 14 '11 at 19:08





duplicate? stackoverflow.com/questions/4196552/… it's c++, but you could make the same winapi call from c#

– hometoast
Jan 14 '11 at 19:08












4 Answers
4






active

oldest

votes


















6














OpenProcess(PROCESS_QUERY_[LIMITED_]INFORMATION)+OpenProcessToken(TOKEN_DUPLICATE) to get the token, then DuplicateTokenEx(TOKEN_QUERY,SecurityImpersonation,TokenImpersonation) to get the impersonation token, then pass that token and the SID from CreateWellKnownSid(WinBuiltinAdministratorsSid) to CheckTokenMembership.



To be able to open (almost) every process for PROCESS_QUERY_INFORMATION access you need to be running as administrator and with debug privileges. On Vista and later you can use PROCESS_QUERY_LIMITED_INFORMATION.



Example code available in this answer.






share|improve this answer


























  • Debug privs are not a problem, however your solution involves a lot of P/Invoke calls. Do you know if any of these functions have been wrapped to provide a more streamlined process? In the meantime, +1 :)

    – em70
    Jan 14 '11 at 20:56













  • I don't know .NET well enough to come up with a list of alternative native functions, but I do know that CheckTokenMembership does more than a simple check of SID's in a token since it deals with deny SID's etc, so unless the equivalent .NET function (if any) is documented to call CheckTokenMembership internally I don't think it would be safe to use.

    – Anders
    Jan 14 '11 at 21:05






  • 1





    Dear @Anders can You pls tell me whats wrong with it, it seems everything is done as you have written Take a look at this pls

    – Grigor Yeghiazaryan
    Nov 24 '18 at 14:27





















1














You could use GetTokenInformation or IsUserAnAdmin API calls.






share|improve this answer
























  • I can't run code from said process unless I inject it. Furthermore none of the methods you mentioned, from what I gather, have native implementations.

    – em70
    Jan 14 '11 at 19:49



















1














To check if process started with user from Administrative group you should use the way described by Anders. To check integrity level on Vista or Windows 7 use GetTokenInformation with specifing TokenIntegrityLevel token class to get TOKEN_MANDATORY_LABEL struct which contains SID associated with mandatory integrity level of the token.






share|improve this answer
























  • TokenIntegrityLevel does not exist on XP, you also would have to deal with UAC turned off on NT6+ so you would need to call CheckTokenMembership no matter what. Checking the integrity level would just be pointless extra code.

    – Anders
    Jan 14 '11 at 21:08













  • I didn't get your point about turned off UAC. Could you clarify please?

    – DReJ
    Jan 14 '11 at 21:21











  • @DReJ: When UAC is off, the system is pretty close to XP, no split tokens etc

    – Anders
    Jan 14 '11 at 21:37











  • @Anders: I understand, but why have you decided that UAC is off?

    – DReJ
    Jan 14 '11 at 21:41











  • @DReJ: Why I have decided that UAC is off? That question does not make any sense to me... But, it is a fact that UAC can be turned off on NT6, so you have to be able to deal with that situation...

    – Anders
    Jan 14 '11 at 23:49



















1














I have created Process.Extensions.dll extension using solution offered by Anders



https://stackoverflow.com/a/53460693/3855622






share|improve this answer























    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f4694743%2fcheck-if-another-process-has-admin-privileges-in-net%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    4 Answers
    4






    active

    oldest

    votes








    4 Answers
    4






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    6














    OpenProcess(PROCESS_QUERY_[LIMITED_]INFORMATION)+OpenProcessToken(TOKEN_DUPLICATE) to get the token, then DuplicateTokenEx(TOKEN_QUERY,SecurityImpersonation,TokenImpersonation) to get the impersonation token, then pass that token and the SID from CreateWellKnownSid(WinBuiltinAdministratorsSid) to CheckTokenMembership.



    To be able to open (almost) every process for PROCESS_QUERY_INFORMATION access you need to be running as administrator and with debug privileges. On Vista and later you can use PROCESS_QUERY_LIMITED_INFORMATION.



    Example code available in this answer.






    share|improve this answer


























    • Debug privs are not a problem, however your solution involves a lot of P/Invoke calls. Do you know if any of these functions have been wrapped to provide a more streamlined process? In the meantime, +1 :)

      – em70
      Jan 14 '11 at 20:56













    • I don't know .NET well enough to come up with a list of alternative native functions, but I do know that CheckTokenMembership does more than a simple check of SID's in a token since it deals with deny SID's etc, so unless the equivalent .NET function (if any) is documented to call CheckTokenMembership internally I don't think it would be safe to use.

      – Anders
      Jan 14 '11 at 21:05






    • 1





      Dear @Anders can You pls tell me whats wrong with it, it seems everything is done as you have written Take a look at this pls

      – Grigor Yeghiazaryan
      Nov 24 '18 at 14:27


















    6














    OpenProcess(PROCESS_QUERY_[LIMITED_]INFORMATION)+OpenProcessToken(TOKEN_DUPLICATE) to get the token, then DuplicateTokenEx(TOKEN_QUERY,SecurityImpersonation,TokenImpersonation) to get the impersonation token, then pass that token and the SID from CreateWellKnownSid(WinBuiltinAdministratorsSid) to CheckTokenMembership.



    To be able to open (almost) every process for PROCESS_QUERY_INFORMATION access you need to be running as administrator and with debug privileges. On Vista and later you can use PROCESS_QUERY_LIMITED_INFORMATION.



    Example code available in this answer.






    share|improve this answer


























    • Debug privs are not a problem, however your solution involves a lot of P/Invoke calls. Do you know if any of these functions have been wrapped to provide a more streamlined process? In the meantime, +1 :)

      – em70
      Jan 14 '11 at 20:56













    • I don't know .NET well enough to come up with a list of alternative native functions, but I do know that CheckTokenMembership does more than a simple check of SID's in a token since it deals with deny SID's etc, so unless the equivalent .NET function (if any) is documented to call CheckTokenMembership internally I don't think it would be safe to use.

      – Anders
      Jan 14 '11 at 21:05






    • 1





      Dear @Anders can You pls tell me whats wrong with it, it seems everything is done as you have written Take a look at this pls

      – Grigor Yeghiazaryan
      Nov 24 '18 at 14:27
















    6












    6








    6







    OpenProcess(PROCESS_QUERY_[LIMITED_]INFORMATION)+OpenProcessToken(TOKEN_DUPLICATE) to get the token, then DuplicateTokenEx(TOKEN_QUERY,SecurityImpersonation,TokenImpersonation) to get the impersonation token, then pass that token and the SID from CreateWellKnownSid(WinBuiltinAdministratorsSid) to CheckTokenMembership.



    To be able to open (almost) every process for PROCESS_QUERY_INFORMATION access you need to be running as administrator and with debug privileges. On Vista and later you can use PROCESS_QUERY_LIMITED_INFORMATION.



    Example code available in this answer.






    share|improve this answer















    OpenProcess(PROCESS_QUERY_[LIMITED_]INFORMATION)+OpenProcessToken(TOKEN_DUPLICATE) to get the token, then DuplicateTokenEx(TOKEN_QUERY,SecurityImpersonation,TokenImpersonation) to get the impersonation token, then pass that token and the SID from CreateWellKnownSid(WinBuiltinAdministratorsSid) to CheckTokenMembership.



    To be able to open (almost) every process for PROCESS_QUERY_INFORMATION access you need to be running as administrator and with debug privileges. On Vista and later you can use PROCESS_QUERY_LIMITED_INFORMATION.



    Example code available in this answer.







    share|improve this answer














    share|improve this answer



    share|improve this answer








    edited Nov 24 '18 at 16:06

























    answered Jan 14 '11 at 20:36









    AndersAnders

    70.4k1075128




    70.4k1075128













    • Debug privs are not a problem, however your solution involves a lot of P/Invoke calls. Do you know if any of these functions have been wrapped to provide a more streamlined process? In the meantime, +1 :)

      – em70
      Jan 14 '11 at 20:56













    • I don't know .NET well enough to come up with a list of alternative native functions, but I do know that CheckTokenMembership does more than a simple check of SID's in a token since it deals with deny SID's etc, so unless the equivalent .NET function (if any) is documented to call CheckTokenMembership internally I don't think it would be safe to use.

      – Anders
      Jan 14 '11 at 21:05






    • 1





      Dear @Anders can You pls tell me whats wrong with it, it seems everything is done as you have written Take a look at this pls

      – Grigor Yeghiazaryan
      Nov 24 '18 at 14:27





















    • Debug privs are not a problem, however your solution involves a lot of P/Invoke calls. Do you know if any of these functions have been wrapped to provide a more streamlined process? In the meantime, +1 :)

      – em70
      Jan 14 '11 at 20:56













    • I don't know .NET well enough to come up with a list of alternative native functions, but I do know that CheckTokenMembership does more than a simple check of SID's in a token since it deals with deny SID's etc, so unless the equivalent .NET function (if any) is documented to call CheckTokenMembership internally I don't think it would be safe to use.

      – Anders
      Jan 14 '11 at 21:05






    • 1





      Dear @Anders can You pls tell me whats wrong with it, it seems everything is done as you have written Take a look at this pls

      – Grigor Yeghiazaryan
      Nov 24 '18 at 14:27



















    Debug privs are not a problem, however your solution involves a lot of P/Invoke calls. Do you know if any of these functions have been wrapped to provide a more streamlined process? In the meantime, +1 :)

    – em70
    Jan 14 '11 at 20:56







    Debug privs are not a problem, however your solution involves a lot of P/Invoke calls. Do you know if any of these functions have been wrapped to provide a more streamlined process? In the meantime, +1 :)

    – em70
    Jan 14 '11 at 20:56















    I don't know .NET well enough to come up with a list of alternative native functions, but I do know that CheckTokenMembership does more than a simple check of SID's in a token since it deals with deny SID's etc, so unless the equivalent .NET function (if any) is documented to call CheckTokenMembership internally I don't think it would be safe to use.

    – Anders
    Jan 14 '11 at 21:05





    I don't know .NET well enough to come up with a list of alternative native functions, but I do know that CheckTokenMembership does more than a simple check of SID's in a token since it deals with deny SID's etc, so unless the equivalent .NET function (if any) is documented to call CheckTokenMembership internally I don't think it would be safe to use.

    – Anders
    Jan 14 '11 at 21:05




    1




    1





    Dear @Anders can You pls tell me whats wrong with it, it seems everything is done as you have written Take a look at this pls

    – Grigor Yeghiazaryan
    Nov 24 '18 at 14:27







    Dear @Anders can You pls tell me whats wrong with it, it seems everything is done as you have written Take a look at this pls

    – Grigor Yeghiazaryan
    Nov 24 '18 at 14:27















    1














    You could use GetTokenInformation or IsUserAnAdmin API calls.






    share|improve this answer
























    • I can't run code from said process unless I inject it. Furthermore none of the methods you mentioned, from what I gather, have native implementations.

      – em70
      Jan 14 '11 at 19:49
















    1














    You could use GetTokenInformation or IsUserAnAdmin API calls.






    share|improve this answer
























    • I can't run code from said process unless I inject it. Furthermore none of the methods you mentioned, from what I gather, have native implementations.

      – em70
      Jan 14 '11 at 19:49














    1












    1








    1







    You could use GetTokenInformation or IsUserAnAdmin API calls.






    share|improve this answer













    You could use GetTokenInformation or IsUserAnAdmin API calls.







    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered Jan 14 '11 at 19:11









    hometoasthometoast

    9,37843356




    9,37843356













    • I can't run code from said process unless I inject it. Furthermore none of the methods you mentioned, from what I gather, have native implementations.

      – em70
      Jan 14 '11 at 19:49



















    • I can't run code from said process unless I inject it. Furthermore none of the methods you mentioned, from what I gather, have native implementations.

      – em70
      Jan 14 '11 at 19:49

















    I can't run code from said process unless I inject it. Furthermore none of the methods you mentioned, from what I gather, have native implementations.

    – em70
    Jan 14 '11 at 19:49





    I can't run code from said process unless I inject it. Furthermore none of the methods you mentioned, from what I gather, have native implementations.

    – em70
    Jan 14 '11 at 19:49











    1














    To check if process started with user from Administrative group you should use the way described by Anders. To check integrity level on Vista or Windows 7 use GetTokenInformation with specifing TokenIntegrityLevel token class to get TOKEN_MANDATORY_LABEL struct which contains SID associated with mandatory integrity level of the token.






    share|improve this answer
























    • TokenIntegrityLevel does not exist on XP, you also would have to deal with UAC turned off on NT6+ so you would need to call CheckTokenMembership no matter what. Checking the integrity level would just be pointless extra code.

      – Anders
      Jan 14 '11 at 21:08













    • I didn't get your point about turned off UAC. Could you clarify please?

      – DReJ
      Jan 14 '11 at 21:21











    • @DReJ: When UAC is off, the system is pretty close to XP, no split tokens etc

      – Anders
      Jan 14 '11 at 21:37











    • @Anders: I understand, but why have you decided that UAC is off?

      – DReJ
      Jan 14 '11 at 21:41











    • @DReJ: Why I have decided that UAC is off? That question does not make any sense to me... But, it is a fact that UAC can be turned off on NT6, so you have to be able to deal with that situation...

      – Anders
      Jan 14 '11 at 23:49
















    1














    To check if process started with user from Administrative group you should use the way described by Anders. To check integrity level on Vista or Windows 7 use GetTokenInformation with specifing TokenIntegrityLevel token class to get TOKEN_MANDATORY_LABEL struct which contains SID associated with mandatory integrity level of the token.






    share|improve this answer
























    • TokenIntegrityLevel does not exist on XP, you also would have to deal with UAC turned off on NT6+ so you would need to call CheckTokenMembership no matter what. Checking the integrity level would just be pointless extra code.

      – Anders
      Jan 14 '11 at 21:08













    • I didn't get your point about turned off UAC. Could you clarify please?

      – DReJ
      Jan 14 '11 at 21:21











    • @DReJ: When UAC is off, the system is pretty close to XP, no split tokens etc

      – Anders
      Jan 14 '11 at 21:37











    • @Anders: I understand, but why have you decided that UAC is off?

      – DReJ
      Jan 14 '11 at 21:41











    • @DReJ: Why I have decided that UAC is off? That question does not make any sense to me... But, it is a fact that UAC can be turned off on NT6, so you have to be able to deal with that situation...

      – Anders
      Jan 14 '11 at 23:49














    1












    1








    1







    To check if process started with user from Administrative group you should use the way described by Anders. To check integrity level on Vista or Windows 7 use GetTokenInformation with specifing TokenIntegrityLevel token class to get TOKEN_MANDATORY_LABEL struct which contains SID associated with mandatory integrity level of the token.






    share|improve this answer













    To check if process started with user from Administrative group you should use the way described by Anders. To check integrity level on Vista or Windows 7 use GetTokenInformation with specifing TokenIntegrityLevel token class to get TOKEN_MANDATORY_LABEL struct which contains SID associated with mandatory integrity level of the token.







    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered Jan 14 '11 at 21:00









    DReJDReJ

    1,8231313




    1,8231313













    • TokenIntegrityLevel does not exist on XP, you also would have to deal with UAC turned off on NT6+ so you would need to call CheckTokenMembership no matter what. Checking the integrity level would just be pointless extra code.

      – Anders
      Jan 14 '11 at 21:08













    • I didn't get your point about turned off UAC. Could you clarify please?

      – DReJ
      Jan 14 '11 at 21:21











    • @DReJ: When UAC is off, the system is pretty close to XP, no split tokens etc

      – Anders
      Jan 14 '11 at 21:37











    • @Anders: I understand, but why have you decided that UAC is off?

      – DReJ
      Jan 14 '11 at 21:41











    • @DReJ: Why I have decided that UAC is off? That question does not make any sense to me... But, it is a fact that UAC can be turned off on NT6, so you have to be able to deal with that situation...

      – Anders
      Jan 14 '11 at 23:49



















    • TokenIntegrityLevel does not exist on XP, you also would have to deal with UAC turned off on NT6+ so you would need to call CheckTokenMembership no matter what. Checking the integrity level would just be pointless extra code.

      – Anders
      Jan 14 '11 at 21:08













    • I didn't get your point about turned off UAC. Could you clarify please?

      – DReJ
      Jan 14 '11 at 21:21











    • @DReJ: When UAC is off, the system is pretty close to XP, no split tokens etc

      – Anders
      Jan 14 '11 at 21:37











    • @Anders: I understand, but why have you decided that UAC is off?

      – DReJ
      Jan 14 '11 at 21:41











    • @DReJ: Why I have decided that UAC is off? That question does not make any sense to me... But, it is a fact that UAC can be turned off on NT6, so you have to be able to deal with that situation...

      – Anders
      Jan 14 '11 at 23:49

















    TokenIntegrityLevel does not exist on XP, you also would have to deal with UAC turned off on NT6+ so you would need to call CheckTokenMembership no matter what. Checking the integrity level would just be pointless extra code.

    – Anders
    Jan 14 '11 at 21:08







    TokenIntegrityLevel does not exist on XP, you also would have to deal with UAC turned off on NT6+ so you would need to call CheckTokenMembership no matter what. Checking the integrity level would just be pointless extra code.

    – Anders
    Jan 14 '11 at 21:08















    I didn't get your point about turned off UAC. Could you clarify please?

    – DReJ
    Jan 14 '11 at 21:21





    I didn't get your point about turned off UAC. Could you clarify please?

    – DReJ
    Jan 14 '11 at 21:21













    @DReJ: When UAC is off, the system is pretty close to XP, no split tokens etc

    – Anders
    Jan 14 '11 at 21:37





    @DReJ: When UAC is off, the system is pretty close to XP, no split tokens etc

    – Anders
    Jan 14 '11 at 21:37













    @Anders: I understand, but why have you decided that UAC is off?

    – DReJ
    Jan 14 '11 at 21:41





    @Anders: I understand, but why have you decided that UAC is off?

    – DReJ
    Jan 14 '11 at 21:41













    @DReJ: Why I have decided that UAC is off? That question does not make any sense to me... But, it is a fact that UAC can be turned off on NT6, so you have to be able to deal with that situation...

    – Anders
    Jan 14 '11 at 23:49





    @DReJ: Why I have decided that UAC is off? That question does not make any sense to me... But, it is a fact that UAC can be turned off on NT6, so you have to be able to deal with that situation...

    – Anders
    Jan 14 '11 at 23:49











    1














    I have created Process.Extensions.dll extension using solution offered by Anders



    https://stackoverflow.com/a/53460693/3855622






    share|improve this answer




























      1














      I have created Process.Extensions.dll extension using solution offered by Anders



      https://stackoverflow.com/a/53460693/3855622






      share|improve this answer


























        1












        1








        1







        I have created Process.Extensions.dll extension using solution offered by Anders



        https://stackoverflow.com/a/53460693/3855622






        share|improve this answer













        I have created Process.Extensions.dll extension using solution offered by Anders



        https://stackoverflow.com/a/53460693/3855622







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Nov 24 '18 at 17:40









        Grigor YeghiazaryanGrigor Yeghiazaryan

        12816




        12816






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f4694743%2fcheck-if-another-process-has-admin-privileges-in-net%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Costa Masnaga

            Image
            .mw-parser-output .avviso .mbox-text-div>div,.mw-parser-output .avviso .mbox-text-full-div>div{font-size:90%}.mw-parser-output .avviso .mbox-image div{width:52px}.mw-parser-output .avviso .mbox-text-full-div .hide-when-compact{display:block} Questa voce o sezione sull'argomento Lombardia non cita le fonti necessarie o quelle presenti sono insufficienti . Puoi migliorare questa voce aggiungendo citazioni da fonti attendibili secondo le linee guida sull'uso delle fonti. Segui i suggerimenti del progetto di riferimento. Costa Masnaga comune Localizzazione Stato   Italia Regione Lombardia Provincia Lecco Amministrazione Sindaco Sabina Panzeri (Al centro il cittadino) dall'08/06/2009 Territorio Coordinate 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Coordinate: 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Altitudine 318 m s.l.m...
            Read more

            Fotorealismo

            Image
            Guerrino Boatto, Venice's St. Barnaba Church and canal Il fotorealismo è un genere di pittura basato sull'uso di una o più fotografie dalle quali l'artista prende le informazioni necessarie da utilizzare poi nel processo della creazione dell'opera, in genere ad olio o ad acrilico, al fine di avere un aspetto finale il più simile possibile alla fotografia. Indice 1 Storia 2 Lista dei fotorealisti 3 Note 4 Voci correlate 5 Altri progetti Storia | Il fotorealismo è un movimento che nasce negli Stati Uniti d'America alla fine degli anni sessanta [1] sulla scia della Pop Art [2] [3] [4] , e insieme condividono il carattere reazionario verso la travolgente ascesa dei media, che alla metà del ventesimo secolo si trasforma in un fenomeno di massa talmente imponente da minacciare il valore dell'immagine nell'arte. [5] [6] Ne consegue così che, colto il gesto d'inizio che fu della Pop Art, i fotorealisti aprono ad un ...
            Read more

            Sidney Franklin

            Image
            Questa voce sull'argomento registi statunitensi è solo un abbozzo . Contribuisci a migliorarla secondo le convenzioni di Wikipedia. Sidney Franklin, foto di Carl Van Vechten Oscar alla memoria Irving G. Thalberg 1943 Sidney Franklin , all'anagrafe Sidney Arnold Franklin , (San Francisco, 21 marzo 1893 – Santa Monica, 18 maggio 1972), è stato un regista, produttore cinematografico e attore statunitense. Il 20 giugno 1963, si sposò con l'attrice australiana Enid Bennett. Il matrimonio durò fino alla morte dell'attrice, il 14 maggio 1969 [1] Indice 1 Filmografia 1.1 Regista 1.2 Aiuto regia (parziale) 1.3 Produttore 1.4 Attore (parziale) 2 Note 3 Altri progetti 4 Collegamenti esterni Filmografia | Regista | The Baby , co-regia Chester M. Franklin (1915) The Rivals , co-regia Chester M. Franklin (1915) Little Dick's First Case , co-regia Chester M. Franklin (1915) Her Filmland Hero , co-...
            Read more