My local user account is in the Administrators group, and I wanted to simply figure out how a windows forms project would determine if I'm in the administrators group. So, I started a windows forms project and tried the following:
[STAThread]
static void Main()
{
string adminGroup1 = @"BUILTIN\Administrators";
string adminGroup2 = Environment.MachineName + @"\Administrators";
string adminGroup3 = Environment.MachineName.ToLower() + @"\Administrators";
string adminGroup4 = "Administrators";
string adminGroup5 = "administrators";
AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
WindowsPrincipal currentUser1 = (WindowsPrincipal)Thread.CurrentPrincipal;
bool IsAdmin1_1 = currentUser1.IsInRole(adminGroup1); // false
bool IsAdmin1_2 = currentUser1.IsInRole(adminGroup2); // false
bool IsAdmin1_3 = currentUser1.IsInRole(adminGroup3); // false
bool IsAdmin1_4 = currentUser1.IsInRole(adminGroup4); // false
bool IsAdmin1_5 = currentUser1.IsInRole(adminGroup5); // false
WindowsPrincipal currentUser2 = new WindowsPrincipal(WindowsIdentity.GetCurrent());
bool IsAdmin2_1 = currentUser2.IsInRole(adminGroup1); // false
bool IsAdmin2_2 = currentUser2.IsInRole(adminGroup2); // false
bool IsAdmin2_3 = currentUser2.IsInRole(adminGroup3); // false
bool IsAdmin2_4 = currentUser1.IsInRole(adminGroup4); // false
bool IsAdmin2_5 = currentUser2.IsInRole(adminGroup5); // false
Application.EnableVisualStyles();
Application.SetCompatibleTextRenderingDefault(false);
Application.Run(new Form1());
}
Why are all the above checks failing?
try
currentUser1.IsInRole(WindowsBuiltInRole.Administrator)
See MSDN.
"In Windows Vista and later versions of the Windows operating system, User Account Control (UAC) determines the privileges of a user. [..] The code that executes the IsInRole method does not display the Consent dialog box. The code returns false if you are in the standard user role, even if you are in the Built-in Administrators group"