get if logged in as administrator (NT/2000 only)

Author: Thomas Stutz 

 

const

  SECURITY_NT_AUTHORITY: TSIDIdentifierAuthority =

    (Value: (0, 0, 0, 0, 0, 5));

  SECURITY_BUILTIN_DOMAIN_RID = $00000020;

  DOMAIN_ALIAS_RID_ADMINS = $00000220;

 

function IsAdmin: Boolean;

var

  hAccessToken: THandle;

  ptgGroups: PTokenGroups;

  dwInfoBufferSize: DWORD;

  psidAdministrators: PSID;

  x: Integer;

  bSuccess: BOOL;

begin

  Result   := False;

  bSuccess := OpenThreadToken(GetCurrentThread, TOKEN_QUERY, True,

    hAccessToken);

  if not bSuccess then

  begin

    if GetLastError = ERROR_NO_TOKEN then

      bSuccess := OpenProcessToken(GetCurrentProcess, TOKEN_QUERY,

        hAccessToken);

  end;

  if bSuccess then

  begin

    GetMem(ptgGroups, 1024);

    bSuccess := GetTokenInformation(hAccessToken, TokenGroups,

      ptgGroups, 1024, dwInfoBufferSize);

    CloseHandle(hAccessToken);

    if bSuccess then

    begin

      AllocateAndInitializeSid(SECURITY_NT_AUTHORITY, 2,

        SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS,

        0, 0, 0, 0, 0, 0, psidAdministrators);

      {$R-}

      for x := 0 to ptgGroups.GroupCount - 1 do

        if EqualSid(psidAdministrators, ptgGroups.Groups[x].Sid) then

        begin

          Result := True;

          Break;

        end;

      {$R+}

      FreeSid(psidAdministrators);

    end;

    FreeMem(ptgGroups);

  end;

end;

 

procedure TForm1.Button1Click(Sender: TObject);

begin

  if isAdmin then

    ShowMessage('Logged in as Administrator');

end;