Although this question was asked an aeon ago, I'd like to point out to a more recent solution, coming straight from the official Microsoft developer documentation that I've been using since 2010, proven to work reliably on Windows 2000, Windows XP and Windows 7 back then and up to Windows 10 as of today.
I came across here while trying to ensure that I would still use a valid solution.
Of course I'd like the original solution authors here to comment on the issue, should there be any objections but I guess this solution would have been adequate already when the question was asked back in 2013.
Solution 1 seems to be the answer but it does not distinguish between elevated and non-elevated privileges, what I read to be the original question. It always returns
TRUE
on my Windows 10 machine, no matter if I run it within an elevated UAC prompt or not.
The KB article #118626 mentioned in
Solution 3 has been removed by Microsoft, but the Web Archive still holds a copy here for anyone interested:
How To Determine Whether a Thread Is Running in User Context of Local Administrator Account[
^]
I just mention this because there's already a recommendation at the beginning of its summary:
Quote:
With Windows 2000 and later versions, you can use the CheckTokenMembership() API instead of the steps described in this article. For additional information, see the Microsoft Platform SDK documentation.
CheckTokenMembership function (securitybaseapi.h) - Win32 apps | Microsoft Learn[
^]
The docs there say the minimum OS versions are:
Quote:
Minimum supported client Windows XP [desktop apps | UWP apps]
Minimum supported server Windows Server 2003 [desktop apps | UWP apps]
But as mentioned earlier this solution already worked on Windows 2000.
Here is my slightly modernized version of the sample code:
bool IsUserAdmin()
{
BOOL b;
SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
PSID AdministratorsGroup;
b = AllocateAndInitializeSid(
&NtAuthority,
2,
SECURITY_BUILTIN_DOMAIN_RID,
DOMAIN_ALIAS_RID_ADMINS,
0, 0, 0, 0, 0, 0,
&AdministratorsGroup);
if (b == TRUE)
{
if (CheckTokenMembership(NULL, AdministratorsGroup, &b) == FALSE)
{
b = FALSE;
}
FreeSid(AdministratorsGroup);
}
return (b == TRUE);
}
Many thanks to all of you! It was an interesting read :)