Forum Discussion
Hello Alexander
If we are talking about Windows (you wrote PC) maybe you can try this. There is a process "wininit.exe" which is visible under user with Administrator rights only but is present on all Windows sessions.
I think you can try to detect whether this process is present on system. For user with standard privileges return value will be false. For user with administrative privileges return value will be true. I think so
References:
https://techdocs.f5.com/en-us/bigip-15-1-0/big-ip-access-policy-manager-visual-policy-editor/access-policy-item-reference/about-endpoint-security-client-side-items/about-windows-process.html
https://support.f5.com/csp/article/K15302653
- Alexander_SlinkAltostratus
Hi Vladimir,
Thanks for the reply.
The wininit.exe process is visible for both roles (admin and standard).
So this is not an option.
But thank you!
isn't a simple memberOf enough for this? if you control the AD you know which groups contain admins.
- Alexander_SlinkAltostratus
Hi Boneyard,
Thanks, but unfortunately no.
This is a different case.
can you explain the case clearer then?
Hi Alexander
According to https://support.f5.com/csp/article/K15302653 article "Starting with BIG-IP 13.1.0, you can use the inspector service in lieu of administrative privileges" but I think you can try to open registry key HKEY_LOCAL_MACHINE\SAM\SAM. Windows user without admin permissions receives error opening this key
- Alexander_SlinkAltostratus
Hi Vladimir,
No, this is not an option too.
I have admin privileges, but I can't open the key.