By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
428,839 Members | 2,270 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 428,839 IT Pros & Developers. It's quick & easy.

Check to see if USER is in the local administrators group and subgroups

P: 2
I want to get the follow vbScript to work in VB.NET

Set objRun = CreateObject("wscript.Shell")
strUserName = objRun.ExpandEnvironmentStrings("%USERNAME%")
Dim strComputer, member, strUsername, IsMember
Dim grp, obj, objRun

strComputer = "."
'WScript.Echo strUsername
Set grp = GetObject("WinNT://" & strComputer & "/Administrators,group")

For Each member In grp.Members
'WScript.Echo member.Name & " (" & member.Class & ")"
If LCase(member.Name) = strUsername Then
IsMember = member.Name
Else

If (member.Class = "Group") Then
For Each obj In member.Members
If LCase(obj.Name) = strUserName Then
IsMember = obj.Name
'WScript.Echo obj.Name & " (" & obj.Class & ")"
End If
Next
End If
End If
Next

WScript.Echo IsMember & " is a Local Administrator!"

I currently have this VB.NET code but I don't know how to enumerate the members of each group inside the local administrator's group.

Dim strUserName As String = Environment.GetEnvironmentVariable("UserName")
Dim localMachine As New DirectoryEntry("WinNT://" & Environment.MachineName)
Dim admGroup As DirectoryEntry = localMachine.Children.Find("administrators", "group")
Dim members As Object = admGroup.Invoke("members", Nothing)

For Each groupMember As Object In CType(members, IEnumerable)
Dim member As New DirectoryEntry(groupMember)
If member.Name = strUserName Then
tbIsAdmin.Text = "YES"
Else
tbIsAdmin.Text = "NO"
End If
Next

Any help or suggestions are appreciated.

Thanks
Marty
Oct 13 '08 #1
Share this Question
Share on Google+
2 Replies


Plater
Expert 5K+
P: 7,872
That code worked for me.
What is it doing for you?

Could you also do this:
Expand|Select|Wrap|Line Numbers
  1. WindowsPrincipal wp = new WindowsPrincipal(WindowsIdentity.GetCurrent());
  2. bool a = wp.IsInRole("Administrators");
  3.  
Oct 13 '08 #2

P: 2
That code worked for me.
What is it doing for you?

Could you also do this:
Expand|Select|Wrap|Line Numbers
  1. WindowsPrincipal wp = new WindowsPrincipal(WindowsIdentity.GetCurrent());
  2. bool a = wp.IsInRole("Administrators");
  3.  

The WindowsPrincipal and IsInRole("Administrators") works!

The problem I was having with the above script was that it it was not enumerating the Domain groups in the local administrator's group. Thus if the logged on user was a member of a Domain group residing in the Local Admin's group it would return that the user is not in administrator's group when in fact he is.

However, the code you provided is a much better method in my opinion. Thanks so much!!!

Marty
Oct 13 '08 #3

Post your reply

Sign in to post your reply or Sign up for a free account.