November
7th,
2005
One of the LUA tasks I found very frustrating was detecting whether or not I was running as an Admin in a .BAT script. It’s very difficult to do this correctly and the best way I found was to write a separate program that would determine this for me. This has a couple of limitation, the main one being that it adds extra dependencies to your scripts and makes them harder to deploy.
Monad has greatly simplified this task as I can do the detection code uses simple scripts.
# Determine if I am running as an Admin
function AmIAdmin()
{
$local:ident = [System.Security.Principal.WindowsIdentity]::GetCurrent()
foreach ( $local:groupIdent in $ident.Groups )
{
if (
$groupIdent.IsValidTargetType([System.Security.Principal.SecurityIdentifier])
)
{
$local:groupSid =
$groupIdent.Translate([System.Security.Principal.SecurityIdentifier])
if ( $groupSid.IsWellKnown("AccountAdministratorSid") -or
$groupSid.IsWellKnown("BuiltinAdministratorsSid"))
{
return $true;
}
}
}
return $false;
}
I’ve added this to my profile so now it’s really easy to determine if I can complete an action or need to prompt for credentials in my scrips.