Check if the script has elevated permissions
I would like to check whether the context in which my VBscript runs allows me to perform administrative tasks.
Requirements:
- The solution should work on all Windows operating systems starting with Server 2003. (This rules out solutions which just check for membership in the Administrators group -- remember that there's UAC in Vista and Windows 7!)
- The solution should be simple. A 50 LOC solution that checks the Windows group memberships (recursively, of course, since the user might be member of a groups which is member of a group ... which is member of the Administrators group) and then does some extra checks for Vista UAC is not simple.
- The solution may be a bit dirty, so something along the lines of this solution would be ok.
- It should not be too dirty. Writing a file to C:\Windows or writing a registry key is too dirty in my opinion, since it modifies the system. (EDIT: Which might not work anyway: for example, when using VBScript in a HTA, UAC redirection kicks in.)
Related question: https://stackoverflow.com/questions/301860 (all of the answers I found there (a) ignore the UAC issue and (b) are faulty because they ignore the possibility of a user having administrative permissions although not being direct member in the Administrators group)
Answer
I know this thread is very old and marked answered but this is a simpler method that has always worked for me. User S-1-5-19 is the Local NT Authority so accessing the key takes admin rights. It works if run via elevation.
Option Explicit
msgbox isAdmin(), vbOkonly, "Am I an admin?"
Private Function IsAdmin()
On Error Resume Next
CreateObject("WScript.Shell").RegRead("HKEY_USERS\S-1-5-19\Environment\TEMP")
if Err.number = 0 Then
IsAdmin = True
else
IsAdmin = False
end if
Err.Clear
On Error goto 0
End Function