Since migrating to AD we have noticed that although you may be an admin of a pc, there are times when you cannot install or run certain programs. The error message from the programs usually consists of something like "You must be an administrator to run this program." We have checked and in fact are admins.

Yesterday, I was tinkering with a script and included @priv in a if statement. Much to my surprise the script would not run. Finally I figured out @priv was returning "User".

Does anyone know where @priv determines this information, because maybe the two problems are connected.

The following script checks for permissions in various ways and the results for my account are:
code:
Priv       :  USER
Admin Group:  True
Local Admin:  True
  
Break on
? "Priv       :  " + @priv
? "Admin Group:  "
if ingroup("\\" + @wksta + "\administrators")
  "True"
else
  "False"
endif
? "Local Admin:  "
if localadmin()
  "True"
else
  "False"
endif
 

function LocalAdmin()
 $LocalAdmin=ingroup('@wksta\'+sidtoname('S-1-5-32-544'))-1+@inwin
endfunction