PDA

Click to See Complete Forum and Search --> : Program Explanation

Extreme_Coder
July 28th, 2005, 11:15 AM
Can anyone explain me the below program: ?


BOOL IsUserAdmin(VOID)
/*++
Routine Description: This routine returns TRUE if the caller's process
is a member of the Administrators local group. Caller is NOT expected
to be impersonating anyone and is expected to be able to open its own
process and process token.
Arguments: None.
Return Value:
TRUE - Caller has Administrators local group.
FALSE - Caller does not have Administrators local group. --
*/
{
BOOL b;
SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
PSID AdministratorsGroup;
b = AllocateAndInitializeSid(
&NtAuthority,
2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0, 0, 0, 0, 0, 0,
&AdministratorsGroup);
if(b)
{
if (!CheckTokenMembership( NULL, AdministratorsGroup, &b))
{
b = FALSE;
}
FreeSid(AdministratorsGroup);
}
cvogt61457
July 28th, 2005, 11:20 AM
What are you wanting to know about the code?

The return value is TRUE if the user logged on the current thread has
administrator rights. FALSE otherwise.

This is in the comments !! :mad:
Extreme_Coder
July 28th, 2005, 11:46 AM
I am not asking about the Result and Scope of the Application. All I want to know is the API's used in the Program. Please don't think otherwise, if you don't understand my Question.
olivthill
July 28th, 2005, 12:09 PM
The Windows API which is called is: AllocateAndInitializeSid

You can find its description at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/allocateandinitializesid.asp

This API creates a SID. Your program needs that SID in order to find out to which group does the user belong.

Under Windows NT, etc, users can belong to groups, and files can be restricted to users or to groups. See http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/access_control.asp
cvogt61457
July 28th, 2005, 12:11 PM
Use MSDN.

Either online or with Visual Studio installation.

It has all the info you need to know.

This should be the first place for you to go. Once you have researched
the problem yourself, then post questions here to get more information.

A quick search of MSDN online gives the following URL's for the 3 functions
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/allocateandinitializesid.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/checktokenmembership.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/freesid.asp