非提升时检查登录用户是否为管理员

我需要检查当前登录的用户是否是管理员，但是发现当 AD 组是管理员组的成员时，仅使用net localgroup administrators"是不够的.

I needed to check whether the currently logged on user is an administrator however found that just using 'net localgroup administrators' was insufficient when it came to AD groups being a member of the administrators group.

通常很容易将管理员权限与特定实例的提升权限混淆，我只想强调这个问题/答案不涉及进程提升状态检查.要求通常是确定登录用户是否是管理员组成员.更常见的是需要确定您的脚本是否以管理员权限运行.如果这是您的要求，那么请查看此处:管理权限

It is easy to confuse administrator privilege in general with elevated privileges of a specific instance and I just want to highlight that this question/answer does not deal with process elevation status checking. The requirement is to generally ascertain whether or not a logged on user is an administrators group member. Much more common is the need to determine whether or not your script is running with administrator privileges. If this is what you require then please look here instead: Administrative privileges

在这种特殊情况下，有一个禁用管理共享的策略(排除了我在 Windows XP 中使用的先前使用 \127.0.0.1\admin$ 测试管理共享是否存在的技术，以确定当前用户是否是管理员).[/编辑]

In this particular case, there is a policy disabling the admin shares (ruling out a previous technique I used with Windows XP of testing for the existence of the admin share using \127.0.0.1\admin$ to determine if the current user is an administrator). [/Edit]

下面是我收集并编写的代码，看看登录用户是否是管理员.

Below is the code I gathered and wrote see if the logged on user is an administrator.

我希望这能帮助那些和我有同样需求的人.

I hope this helps someone else who requires the same thing that I did.

如果有人能提供更优雅的解决方案，我们将不胜感激！

If anyone can provide a more elegant solution it would be appreciated!