Merge f357475 into 48ecd67

eg/WinApi/User.py

@@ -16,9 +16,62 @@
 # You should have received a copy of the GNU General Public License along
 # with EventGhost. If not, see <http://www.gnu.org/licenses/>.
 
+import platform
+
+import ntsecuritycon
+import pywintypes
 import win32api
 import win32net
-import platform
+from win32net import NetUserModalsGet
+from win32security import LookupAccountSid
+
+
+# -------------------------------------------------------------------
+# `LookupAliasFromRid` and `LookupUserGroupFromRid` from
+# https://github.com/mhammond/pywin32/blob/master/win32/Demos/security/localized_names.py
+
+def lookup_alias_from_rid(TargetComputer, Rid):
+    # Sid is the same regardless of machine, since the well-known
+    # BUILTIN domain is referenced.
+    sid = pywintypes.SID()
+    sid.Initialize(ntsecuritycon.SECURITY_NT_AUTHORITY, 2)
+
+    for i, r in enumerate((ntsecuritycon.SECURITY_BUILTIN_DOMAIN_RID, Rid)):
+        sid.SetSubAuthority(i, r)
+
+    name, domain, typ = LookupAccountSid(TargetComputer, sid)
+    return name
+
+
+def lookup_user_group_from_rid(TargetComputer, Rid):
+    # get the account domain Sid on the target machine
+    # note: if you were looking up multiple sids based on the same
+    # account domain, only need to call this once.
+    umi2 = NetUserModalsGet(TargetComputer, 2)
+    domain_sid = umi2['domain_id']
+
+    sub_authority_count = domain_sid.GetSubAuthorityCount()
+
+    # create and init new sid with acct domain Sid + acct Rid
+    sid = pywintypes.SID()
+    sid.Initialize(domain_sid.GetSidIdentifierAuthority(),
+                   sub_authority_count + 1)
+
+    # copy existing subauthorities from account domain Sid into
+    # new Sid
+    for i in range(sub_authority_count):
+        sid.SetSubAuthority(i, domain_sid.GetSubAuthority(i))
+
+    # append Rid to new Sid
+    sid.SetSubAuthority(sub_authority_count, Rid)
+
+    name, domain, typ = LookupAccountSid(TargetComputer, sid)
+    return name
+
+
+# -------------------------------------------------------------------
+
+ADMIN_GROUP_NAME = lookup_alias_from_rid(None, ntsecuritycon.DOMAIN_ALIAS_RID_ADMINS)
 
 
 def NameSamCompatible():
@@ -77,7 +130,7 @@ def IsLocalAdmin():
 
     :rtype: bool
     """
-    return 'Administrators' in Groups()
+    return ADMIN_GROUP_NAME in Groups()
 
 
 def IsDomainAdmin():
@@ -93,7 +146,7 @@ def IsDomainAdmin():
         return False
     else:
         try:
-            return 'Administrators' in Groups(server=Domain())
+            return ADMIN_GROUP_NAME in Groups(server=Domain())
         except win32net.error as err:
             if err[0] == 1722:
                 return False