Yes, sometimes I’m writing a batch file and I need to check if the user is running this as an elevated user. Archaic, I know, but it’s needed. You basically need to check if the current user is part of the “High” Integrity Level group.
I’m posting this because I have the hardest time trying to search for this whenever I need it. Unlike the other kludgey solutions on the net, this one actually inspects the Mandatory Integrity Control in Windows Vista/7/8.
Run this command:
whoami.exe /GROUPS | find "S-1-16-12288" > nul if "%errorlevel%"=="0" ( echo You are elevated. ) else ( echo You are not elevated. )
If you need to do this in PowerShell, you can use:
([Security.Principal.WindowsIdentity]::GetCurrent().Groups.Value -contains "S-1-5-32-544")
If you need to relaunch the batch file as Administrator, you’ll need to rely on some crafty PowerShell code:
powershell.exe -command Start-Process -Verb RunAs -FilePath cmd.exe -ArgumentList '/c %~f0'