Managed C++: Retrieving User's Windows Security Information

I recently finished up a spyware-detection application that needed to determine various Windows security information such as whether or not the user has administrator rights. Thankfully, I was able to write the application in .NET so I had access to a few extremely helpful classes that made this task very easy. One of those classes is WindowsIdentity (found in the System::Security::Principal namespace). By using this class, I was able to retrieve security information such as the name of the user (including the domain or workgroup), whether or not the user is authenticated, and the authentication type. The following commented code shows how easy this task is:

  1. Include the necessary namespace:
    using namespace System::Security::Principal;
  2. Obtain the WindowsIdentity object associated with the current user:
  3. WindowsIdentity* identity = WindowsIdentity::GetCurrent();
  4. You now can query the WindowsIdentity object's property for the exact information you need:
    listSecurity.SetItemText(0, 1, CString(identity->Name));
    listSecurity.SetItemText(1, 1, CString(identity->AuthenticationType));
    listSecurity.SetItemText(2, 1, CString(identity->IsAuthenticated.ToString()));
    listSecurity.SetItemText(3, 1, CString(identity->IsAnonymous.ToString()));
    listSecurity.SetItemText(4, 1, CString(identity->IsGuest.ToString()));
    listSecurity.SetItemText(5, 1, CString(identity->IsSystem.ToString()));
    listSecurity.SetItemText(6, 1, CString(identity->Token.ToString()));
    

Looking Ahead

The next article will take this a step further and illustrate how you can verify whether the current user is in a specific group (such as the Administrator group), so that you can easily test whether a user has the necessary rights to invoke various functions in a given application.



About the Author

Tom Archer - MSFT

I am a Program Manager and Content Strategist for the Microsoft MSDN Online team managing the Windows Vista and Visual C++ developer centers. Before being employed at Microsoft, I was awarded MVP status for the Visual C++ product. A 20+ year veteran of programming with various languages - C++, C, Assembler, RPG III/400, PL/I, etc. - I've also written many technical books (Inside C#, Extending MFC Applications with the .NET Framework, Visual C++.NET Bible, etc.) and 100+ online articles.

Comments

  • There are no comments yet. Be the first to comment!

Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • Despite the popularity of cloud software, many companies are reluctant to move their contact centers to the cloud. This white paper breaks down cloud architecture, the benefits of cloud and the difference between cloud and on-premise systems. It's a helpful resource for companies who are curious about cloud contact center software but have reservations. It offers practical explanations, extensive research and a guide to selecting the right cloud contact center vendor.

  • The relentless march of end user organizations toward cloud services continues, despite long-standing fears about information security, the lack of visibility into cloud provider security controls, and the shortcomings of controls available to those who utilize cloud services. And while more and more security-as-a-service (SaaS) solutions and application programming interfaces (APIs) are becoming available, many cloud service providers just aren't moving fast enough to address today's enterprise needs. Read …

Most Popular Programming Stories

More for Developers

RSS Feeds

Thanks for your registration, follow us on our social networks to keep up-to-date