How To Detect If The Command Prompt Is Running Elevated

As I was setting up my Console2 shell tabs I was curious if running Console2 as an administrator would transfer the elevated privileges token to the tabs as well.

Turns out detecting this was not as straightforward as I thought it would be!

TL;DR

If you need to know how to detect if the command prompt is running elevated (or your script) use the following command:

whoami /groups

If the output contains these lines the process is running elevated:

Mandatory Label\High Mandatory Level Label            S-1-16-12288
                    Mandatory group, Enabled by default, Enabled group

The Long Answer

With the addition of User Account Control to Windows Vista the platform gained integrity levels – an integrity level indicates how much an application can be trusted to perform  actions on the system, e.g. accessing files or the registry and interacting with other processes. By adding this additional security feature to the OS it now has another indicator to help isolate (sandbox) programs and prevent them from going rogue on your system. Very cool!

The following integrity levels are supported:

• Untrusted – processes that are logged on anonymously are automatically designated as Untrusted
• Low – The Low integrity level is the level used by default for interaction with the Internet. As long as Internet Explorer is run in its default state, Protected Mode, all files and processes associated with it are assigned the Low integrity level. Some folders, such as the Temporary Internet Folder, are also assigned the Low integrity level by default.
• Medium – Medium is the context that most objects will run in. Standard users receive the Medium integrity level, and any object not explicitly designated with a lower or higher integrity level is Medium by default.
• High – Administrators are granted the High integrity level. This ensures that Administrators are capable of interacting with and modifying objects assigned Medium or Low integrity levels, but can also act on other objects with a High integrity level, which standard users can not do.
• System – As the name implies, the System integrity level is reserved for the system. The Windows kernel and core services are granted the System integrity level. Being even higher than the High integrity level of Administrators protects these core functions from being affected or compromised even by Administrators.
• Installer – The Installer integrity level is a special case and is the highest of all integrity levels. By virtue of being equal to or higher than all other WIC integrity levels, objects assigned the Installer integrity level are also able to uninstall all other objects.

 

For more info see the Windows Integrity Mechanism Design.

HP a1750e Upgrade to Windows 7

I upgraded my HP Pavilion a1750e machine from Vista to Windows 7 (32 bit) over the weekend, here is how it all went down…

Preparation

Before doing anything I wanted to make sure my system would be able to run Windows 7 so I downloaded the upgrade advisor and performed an analysis. The analysis takes a couple of minutes to do its work before showing you a report with all the (potential) problems you will encounter, allowing you to get your system ready before taking the big leap into an exciting new OS. The report is split up in sections covering the system hardware, devices (drivers) and programs.

One of the first things the upgrade report points out in the system section is the HP webpage describing how to upgrade your system, i recommend you take a look at it.

Drivers were listed as available for all hardware devices that come standard with this system. Two ‘unknown’ devices were listed for me: “HP psc 1600 series” (a printer) and “Yamaha USB-MIDI Driver (WDM)”. I took the opportunity to install the latest USB-MIDI driver from Yamaha (um304x86 at the time of this writing), it still functioned properly after the upgrade. The printer driver was automatically updated by the hardware wizard after the upgrade.

The programs section looked a little more problematic:

• Canon Camera Window MC 6 for ZoomBrowser EX, version 6.3.0.8, Known issues.
  I uninstalled this program before upgrading.
• Hardware Diagnostic Tools, version 5.00.4262.12, PC-Doctor, Inc., Update available.
  I have never used this program and did not update it. - If you experienced problems with it please leave me a comment.
• iTunes, version 7.4.0.28, Apple Inc., Reinstall after upgrade.
  I uninstalled this program before upgrading.
• Microsoft Expression Web, version 12.0.6215.1000, Microsoft Corporation, Update available.
  I did not bother updating it (yet).
• Roxio Express Labeler 3, version 2.1.0, Roxio, Update available.
  I did not update this program (yet). - If you experienced problems with this program please leave me a comment.
• Skype™ 3.8, version 3.8.188, Skype Technologies S.A., Known issues.
  I upgraded Skype to the latest version before upgrading which made the warning go away.
• Windows Mobile Device Center, version 6.1.6965.0, Microsoft Corporation, Reinstall after upgrade.
  I uninstalled this program before upgrading, then reinstalled Windows Mobile Device Center after the upgrade and connected my iPaq. The driver got automatically installed and it appears to function properly.

Execution

After all this prep work I started the upgrade which completed successfully in approximately three hours.

My system is the lucky owner of two sound devices, onboard “Realtek High Definition Audio” and a “Creative AudioPCI (ES1371,ES1373) (WDM)” card, the settings for these devices were seamlessly transferred during the upgrade and they still function properly. Very impressive. I think it is very cool you can hot-switch default audio output devices while playing sound in Windows 7!

Issues

Two issues I am aware of thus far:

• Canon Camera Window MC 6 for ZoomBrowser EX
  After upgrading I downloaded the latest ZoomBrowser EX installer from the Canon website: ZoomBrowser EX 6.4.1 Updater, Windows 7 is not available as a supported OS for downloads so I picked the Vista version. Unfortunately the Camera Window application is not functioning. – Setting the CameraWindow application to run in Vista SP2 compatibility mode will resolve this issue.
• Powersaving for the display does not work (NVIDIA GeForce 7900 GT/GTO).
  The display will go black but it never gets turned off. -  This issue was caused by the screensaver, changing to a different screensaver resolved the issue.