检测另一个进程是否以“以管理员身份运行”启动

时间:2011-03-29 22:10:47

标签: c# vb.net

我们的应用程序需要通过COM接口与另一个程序通信。如果以“以管理员身份运行”启动其他程序,则该界面将不起作用。想要检测此其他进程是否处于此状态并警告用户。有任何想法吗?

寻找.NET语言(C#或VB.NET)。

TIA

2 个答案:

答案 0 :(得分:3)

您可以尝试这样的事情:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.InteropServices;
using System.Diagnostics;
using System.Security.Principal;
using System.Reflection;

namespace WindowsFormsApplication2
{

    public class ProcessHelper
    {
        [DllImport("advapi32.dll", SetLastError = true)]
        private static extern bool OpenProcessToken(IntPtr ProcessHandle, UInt32 DesiredAccess, out IntPtr TokenHandle);

        [DllImport("kernel32.dll", SetLastError = true)]
        private static extern bool CloseHandle(IntPtr hObject);

        private const int STANDARD_RIGHTS_REQUIRED      = 0xF0000;
        private const int TOKEN_ASSIGN_PRIMARY           =0x1;
        private const int TOKEN_DUPLICATE                 = 0x2;
        private const int TOKEN_IMPERSONATE              = 0x4;
        private const int TOKEN_QUERY                     = 0x8;
        private const int TOKEN_QUERY_SOURCE             = 0x10;
        private const int TOKEN_ADJUST_GROUPS           = 0x40;
        private const int TOKEN_ADJUST_PRIVILEGES        = 0x20;
        private const int TOKEN_ADJUST_SESSIONID          = 0x100;
        private const int TOKEN_ADJUST_DEFAULT          = 0x80;
        private const int TOKEN_ALL_ACCESS = (STANDARD_RIGHTS_REQUIRED | TOKEN_ASSIGN_PRIMARY | TOKEN_DUPLICATE | TOKEN_IMPERSONATE | TOKEN_QUERY | TOKEN_QUERY_SOURCE | TOKEN_ADJUST_PRIVILEGES | TOKEN_ADJUST_GROUPS | TOKEN_ADJUST_SESSIONID | TOKEN_ADJUST_DEFAULT);

        public static bool IsProcessOwnerAdmin(string processName)
        {
            Process proc = Process.GetProcessesByName(processName)[0];

            IntPtr ph = IntPtr.Zero;

            OpenProcessToken(proc.Handle, TOKEN_ALL_ACCESS, out ph);

            WindowsIdentity iden = new WindowsIdentity(ph);

            bool result = false;

            foreach (IdentityReference role in iden.Groups)
            {
                if (role.IsValidTargetType(typeof(SecurityIdentifier)))
                {
                    SecurityIdentifier sid = role as SecurityIdentifier;

                    if (sid.IsWellKnown(WellKnownSidType.AccountAdministratorSid) || sid.IsWellKnown(WellKnownSidType.BuiltinAdministratorsSid))
                    {
                        result = true;
                        break;
                    }
                }
            }

            CloseHandle(ph);

            return result;
        }
    }

    static class Program
    {
        [STAThread]
        static void Main()
        {
            bool isAdmin = ProcessHelper.IsProcessOwnerAdmin("outlook");
        }
    }
}

这也是一件好事:Well-known security identifiers in Windows operating systems

这应该是一个很好的起点: - )

答案 1 :(得分:-2)

可能要晚了,但是我为我创建了这个代码(错误代码...尝试n catch,我知道,但是它可以工作):

private void Msg_Click(object sender, RoutedEventArgs e)
    {
        //running at all
        if (Process.GetProcessesByName("OUTLOOK").Any())
        {
            try
            {
                var app = (Application)System.Runtime.InteropServices.Marshal.GetActiveObject("Outlook.Application");
            }

            //running normally
            catch (InvalidCastException)
            {
              
            }

            //running as admin
            catch (System.Runtime.InteropServices.COMException)
            {

            }
            catch (Exception ex)
            {
                Debug.WriteLine(ex);
            }
        }

    }

相关问题
最新问题