Can't find the information you are looking for here? Then leave a message over on our WinBatch Tech Support Forum.
Keywords: Trouble determine admin rights 562 error Invalid User Name
AddExtender("WWWNT34i.DLL") user=wntGetUser(@default) response=wntUserProps("", user, 7) message("The Privilege level is:",response)When I run it, I get an error:
WIL Extender Error 562: Invalid User NameI want to find out if the currently logged on ID has admin rights. Right now I am logged on with a domain ID that is in the local admin group, and I am getting this error.
Any old Admin, local machine admin, network admin, god-like admin?
The only method I have ever seen to reliably work is to attempt the desired operation and trap for errors.
1) Copy two files into the Windows directory, per DirWindows(0).
2) Change DACs (file permissions) on one of the two to give everyone Change permission.
3) Add items to the Common Start Menu.
>1) Copy two files into the >Windows directory, per >DirWindows(0). tempname=strcat(DirWindows(0),"aaatest.txt") ErrorMode(@off) handle=FileOpen(tempname,"WRITE") ErrorMode(@cancel) if handle!=0 FileClose(handle) FileDelete(tempname) endifif handle is equal to 0 then you can't write to the DirWindows(0) directory or the machine has died.
> >2) Change DACs (file >permissions) on one of the two >to give everyone Change >permission. Errormore(@off) flag=wntAccessAdd(...) ErrorMode(@cancel) if flag==0 it did not workI usually see if I can to a wrtie to HHEY_LOCAL_SYSTEM to check for this.
> >3) Add items to the Common >Start Menu.
ErrorMode(@off) flag=RegSetValue(@REGMACHINE,"some\innocious\place",0) ErrorMode(@cancel)Actually this is a pretty good all around admin test. Theoretically imperfect, but I have never seen it fail in practice.
Ultimately the answer to that question comes down the the fact that wntuserprops does not work in a complicated network environment. I guess that is true in my case, as I get the same error the original poster did. Our users log onto their computers with a domain account that is in one of the local groups (power users, in this case) and seemingly that is enough to confuse wntuserprops. I'm guessing it only works when the user one is testing is a local account on the machine?
So I have two questions/thoughts on this:
ErrorMode(@off) flag=RegSetValue(@REGMACHINE,"some\innocious\place",0) ErrorMode(@cancel)Actually this is a pretty good all around admin test. Theoretically imperfect, but I have never seen it fail in practice. "
That's an excellent idea, and I intend to use it in my script. This is a good test because after elevating a user (from Power User to Administrator) they in theory are admins (a test that simply looks to see if they are in the admin group will say they are an admin, even immediately after elevation) but in practice, they must logoff/logon before they have the actual rights, so a direct test will be very useful. What I'm curious about is can you elaborate on why you think this test is theoretically imperfect? I am glad to hear that you've never had it fail in practice, that's encouraging.. :D
My thanks for a great product.
If this was done, then the simple test of seeing if you could write to HKEY_LOCAL_MACHINE would indicate that yes you can, and thus the technique would make the program think it had admin rights.
But I have never seen a machine where the admin let this happen.
The general idea is just to test the operation that you want to do, trap errors and see if it worked.
Article ID: W15201
File Created: 2002:11:06:14:12:24
Last Updated: 2002:11:06:14:12:24