WindowsIdentity缺少组-特别是管理员组 [英] WindowsIdentity Missing Groups - Particularly Administrators Group

问题描述

我正在使用模拟来实例化连接到域的Windows 7计算机上的WindowsIdentity.我通过Groups属性返回了很多组.一些域，本地和内置域，但是我没有得到用户所在的内置Adminisrators组.对于为什么会发生这种情况，我感到很困惑.任何帮助将不胜感激.

I'm using Impersonation to instantiate a WindowsIdentity on a Windows 7 machine that is connected to a domain. I get back a lot of groups via Groups property. Some domain, local, and builtin but I'm not getting the builtin Adminisrators group which the user is in. I am very puzzled as to why this is happening. Any help would be appreciated.

更新:

当我通过命令行"whoami/groups"运行时，我可以正确看到所有组.使用WindowsIdentity.Groups(尤其是管理员组)时，我只是缺少了一些.如果whoami Windows命令正确地确定了我的组，我该怎么办?我也尝试过WinAPI NetUserGetGroups&NetUserGetLocalGroups返回的组更少，因此看起来像是破产..Net/C#或WinAPI中还有其他方法可以找出所有用户组吗?

When I run, via command line, "whoami /groups" I can see all of my groups correctly. I'm just missing some when I use WindowsIdentity.Groups (particularly administrators group). If the whoami Windows command is figuring out my groups correctly how can I? I've also tried WinAPI NetUserGetGroups & NetUserGetLocalGroups which return even less groups so those seem like a bust. Is there any other way in .Net/C# or WinAPI that I can figure out all of the users' groups?

推荐答案

这是用户帐户控制在行动.除非以管理员身份执行，否则它将从帐户中删除管理员特权.

This is the User Account Control in action. It will remove administrator privileges from accounts unless executed as an administrator.

它旨在通过将应用程序软件限制为标准用户权限，直到管理员授权增加或提升权限，从而提高Microsoft Windows的安全性.

It aims to improve the security of Microsoft Windows by limiting application software to standard user privileges until an administrator authorizes an increase or elevation.

这篇关于WindowsIdentity缺少组-特别是管理员组的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！