2011-01-20 16:40:32 UTC
I am trying to determine in my application if particular user is
domain admin or not. I can easially find information on how to check
if user is local admin (in msdn), but there is nothing on domain
Ideally, I would like to check if:
1. User is local admin
2. User is local user, but not local admin (maybe also check for Power
3. User is domain admin
4. User is domain user, but not admin
So far, I found a method to get domain SID by using:
LsaQueryInformationPolicy(..., PolicyPrimaryDomainInformation, ...)
Which is working pretty well, so I can say if machine is in domain or
not. Now, having domain SID and user SID, I guess I can check if
user's SID is composed from domain SID?
Any hints on functions to use are appriciated!