Download the Tom's Hardware App from the App Store
The reference for current tech news
Yes No
Ads
Tom's Hardware > Forum > Windows 2000/NT > General Discussion > How to determine in batch-file, if user is administrator

How to determine in batch-file, if user is administrator

Forum Windows 2000/NT : General Discussion How to determine in batch-file, if user is administrator

Related Content
You have searched for "How to determine in batch-file, if user is administrator" . You might be interested in the following threads:

See more for "How to determine in batch-file, if user is administrator"

Can't find your answer?
Ask!

General Discussion

Word :    Username :           
 
Anonymous   08-04-2005 at 10:18:39 PM
- 0 +

Archived from groups: alt.msdos.batch.nt,microsoft.public.win2000.cmdprompt.admin,microsoft.public.windowsnt.misc (More info?)

 

Hi NG!

Is there any possibility to determine in a batch-file, if the logged-on
user is member of Administrators-Group?
This should even work, if the user is member of a domain...

Of course I can try, to create a file unter %SYSTEMROOT% or something
else, and then check, if it was created...

but perhaps there is a better practice?

Any suggestion is greatly appreciated,

Best regard,
/Heiko Pliefke

Reply to Anonymous
Register or log in to remove.
Anonymous   08-04-2005 at 10:18:40 PM
- 0 +

Archived from groups: alt.msdos.batch.nt,microsoft.public.win2000.cmdprompt.admin,microsoft.public.windowsnt.misc (More info?)

 

On Thu, 04 Aug 2005 16:18:39 +0200, Heiko Pliefke <sledge_hammer@freenet.de> wrote:

>Hi NG!
>
>Is there any possibility to determine in a batch-file, if the logged-on
>user is member of Administrators-Group?
>This should even work, if the user is member of a domain...
>
>Of course I can try, to create a file unter %SYSTEMROOT% or something
>else, and then check, if it was created...
>
>but perhaps there is a better practice?
>
>Any suggestion is greatly appreciated,
>
>Best regard,
>/Heiko Pliefke

in the batch, add the following lines to determine if the logged on user is a local administrator:

set admin=N
set domain=%USERDOMAIN%\
If /i "%domain%" EQU "%computername%\" set domain=
set user=%domain%%username%
for /f "Tokens=*" %%a in ('net localgroup administrators^|find /i "%user%"') do set admin=Y


Then just test the value of %admin%

If "%admin% EQU "Y" goto isAdmin

Reply to Anonymous
Anonymous   08-04-2005 at 10:18:40 PM
- 0 +

Archived from groups: alt.msdos.batch.nt,microsoft.public.win2000.cmdprompt.admin,microsoft.public.windowsnt.misc (More info?)

 

Try IFMEMBER.EXE from the Windows Server 2003 Resource Kit Tools:
http://www.microsoft.com/downloads [...] 8c4790cffd



"Heiko Pliefke" <sledge_hammer@freenet.de> wrote in message
news:1123165119.614281@nbgm66x...
> Hi NG!
>
> Is there any possibility to determine in a batch-file, if the logged-on
> user is member of Administrators-Group?
> This should even work, if the user is member of a domain...
>
> Of course I can try, to create a file unter %SYSTEMROOT% or something
> else, and then check, if it was created...
>
> but perhaps there is a better practice?
>
> Any suggestion is greatly appreciated,
>
> Best regard,
> /Heiko Pliefke

Reply to Anonymous
Anonymous   08-04-2005 at 10:18:41 PM
- 0 +

Archived from groups: microsoft.public.win2000.cmdprompt.admin,microsoft.public.windowsnt.misc (More info?)

 

Jerold Schulman wrote:

> in the batch, add the following lines to determine if the logged on
> user is a local administrator:
>
> set admin=N
> set domain=%USERDOMAIN%\
> If /i "%domain%" EQU "%computername%\" set domain=
> set user=%domain%%username%
> for /f "Tokens=*" %%a in ('net localgroup administrators^|find /i "%user%"') do set admin=Y
>
> Then just test the value of %admin%
>
> If "%admin% EQU "Y" goto isAdmin

It would seem that this method would fail if the user is a member of a
group that's a member of Administrators.

Ifmember.exe doesn't have this problem, but it's not language-independent.

To address these issues, I wrote isadmin.exe:

http://www.cybermesa.com/~bstewart/wast.html

Internally, isadmin.exe enumerates the SIDs for the current user and
returns an exit code of 1 if the current user is a member of
Administrators (e.g., SID S-1-5-32-544).

--
Bill Stewart

Reply to Anonymous
joker56123   03-28-2011 at 11:49:42 PM
- 0 +

I know this is an old post but I wanted to share some info. I use Ifmember.exe in my logon scripts to find out if a user is a memeber of a group and that works great but I couldnt figure out how to use it to verify if a "certain", not the currently logged in user, group was already added to the Local Administrators group. So I was able to use Jerold's post earlier to use it for that function.

First I will show you how I use Ifmember.exe

set GROUP1=(Any AD group)
set USERDOMAIN=(Your AD Domain)
if "%GROUP1%"=="" goto complete
"ifmember.exe" "%USERDOMAIN%\%GROUP1%"
if not errorlevel 1 goto complete

net use k: /delete /y
net use k: \\Server\DataPath /Persistent:Yes

:complete

***This is how I used the FOR funtion***

for /f "Tokens=*" %%a in ('net localgroup administrators^|find /i "(your domain here)\Domain Admins"') do goto domainadmin
net localgroup Administrators /add "(your domain here)\Domain Admins"
echo Added Domain Admins to the Local Administrators group
: domainadmin
for /f "Tokens=*" %%a in ('net localgroup administrators^|find /i "(your domain here)\(Any AD Group or User"') do goto admins
net localgroup Administrators /add "(your domain here)\(Any AD Group or User)"
echo Added "Your User" to the Local Administrators group
:admins

Good luck.


Message edited by joker56123 on 03-28-2011 at 11:52:28 PM
Reply to joker56123
accolade   11-22-2011 at 03:38:16 PM
- 0 +

Here's a one-liner that doesn't require additional tools:

Code :
  1. >nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"&&(
  2.     echo admin...
  3. )

source: http://stackoverflow.com/q/4054937


Here is how I use it, in a routine that elevates a batch script itself:

Code :
  1. :: Ensure ADMIN Privileges
  2.     :: adaptation of https://sites.google.com/site/eneerge/home/BatchGotAdmin and http://stackoverflow.com/q/4054937
  3.     @echo off
  4.     :: Check for ADMIN Privileges
  5.     >nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
  6.     if '%errorlevel%' NEQ '0' (
  7.         REM Get ADMIN Privileges
  8.         echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
  9.         echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
  10.         "%temp%\getadmin.vbs"
  11.         del "%temp%\getadmin.vbs"
  12.         exit /B
  13.     ) else (
  14.         REM Got ADMIN Privileges
  15.         pushd "%cd%"
  16.         cd /d "%~dp0"
  17.         @echo on
  18.     )


Reply to accolade
Register or log in to remove.
Ask the community Add a reply
See all topics related to "How to determine in batch-file, if user is administrator"
Tom's Hardware > Forum > Windows 2000/NT > General Discussion > How to determine in batch-file, if user is administrator
Go to:

There are 1513 identified and unidentified users. To see the list of identified users, Click here.

Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 0.826 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
  • Ask the community now
  • Publish
Ad
Ads
Latest best answer
Restoring an acronis image of NT 4.0
By hang-the-9, 28 days ago:

After you do the restore, before booting the image, boot off an NT 4 CD, start a command...

Related Topics
See all relatives topics
Best offers
Must-see
They won a badge
Join us in greeting them
How do I win badges?
Top experts
Become an expert The rank