How to view user privileges using Windows cmd?
H

9

42

I am trying to view the user privileges using the command prompt in Windows. User account & User privileges such as:

SeBatchLogonRight
SeDenyBatchLogonRight
SeInteractiveLogonRight
SeDenyInteractiveLogonRight
SeServiceLogonRight
SeDenyServiceLogonRight
SeNetworkLogonRight
SeDenyNetworkLogonRight

I tried using ntrights but it's not working. I can't use any tool as I am trying to create an automated script for an OS audit.

Hepcat answered 23/7, 2012 at 6:24 Comment(2)
When you say ntrights is "not working", what exactly goes wrong? - Silvertongued
Assuming it does not necessarily have to be cmd.exe: maybe you can do this with PowerShell? If so, maybe ask the question again here, this time with "powershell" tag. - Gammy
P
21

I'd start with:

secedit /export /areas USER_RIGHTS /cfg OUTFILE.CFG

Then examine the line for the relevant privilege. However, the problem now is that the accounts are listed as SIDs, not usernames.

Puritanism answered 27/7, 2012 at 22:48 Comment(5)
Worth a mention... To find out which privs the current user has, use WHOAMI /PRIV. - Puritanism
More details on secedit here. - Garges
Would be good if you could explain the details of this command better. I didn't get any sensible output from that on Win8.1. - Garges
This is pretty horrible to use but it works well. After exporting the template using Simon's command above, you can import it again using: Secedit /configure /db secedit.sdb /cfg outfile.cfg /quiet /areas USER_RIGHTS - Isagogics
I'm not sure whether this will work for rights that are acquired indirectly, e.g., via group membership. - Silvertongued
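Added example (not part of the answer above, and not the poster's code): one way to script the secedit export for an audit and turn the `*S-1-...` entries in its `[Privilege Rights]` section back into account names. The function names and the temp-file path are illustrative, and the script assumes it is run from an elevated prompt.

```powershell
# Added example: export USER_RIGHTS with secedit and resolve SIDs to account names.
# Assumes an elevated prompt; the output path and function names are illustrative.
$cfg = Join-Path $env:TEMP 'user_rights.cfg'
secedit /export /areas USER_RIGHTS /cfg $cfg | Out-Null

function Resolve-RightHolder {
    param([string]$Entry)
    # secedit prefixes SIDs with '*'; an entry without it is already an account name
    if (-not $Entry.StartsWith('*')) { return $Entry }
    $sidText = $Entry.Substring(1)
    try {
        $sid = New-Object System.Security.Principal.SecurityIdentifier($sidText)
        return $sid.Translate([System.Security.Principal.NTAccount]).Value
    } catch {
        # Deleted account or unreachable domain: keep the raw SID for the report
        return $sidText
    }
}

function ConvertFrom-UserRightsCfg {
    param([string[]]$Lines)
    $inSection = $false
    foreach ($line in $Lines) {
        # Track which INF section we are in; only [Privilege Rights] is parsed
        if ($line -match '^\[(.+)\]\s*$') {
            $inSection = ($Matches[1] -eq 'Privilege Rights')
            continue
        }
        if ($inSection -and $line -match '^\s*(Se\w+)\s*=\s*(.*)$') {
            $right = $Matches[1]
            foreach ($entry in ($Matches[2] -split ',')) {
                $entry = $entry.Trim()
                if ($entry) {
                    [pscustomobject]@{ Right = $right; Account = Resolve-RightHolder $entry }
                }
            }
        }
    }
}

# Report only the logon rights listed in the question (Se*LogonRight, allow and deny)
ConvertFrom-UserRightsCfg (Get-Content $cfg) |
    Where-Object Right -like 'Se*LogonRight' |
    Sort-Object Right, Account |
    Format-Table -AutoSize
Remove-Item $cfg
```

The report lists the accounts and groups named in the policy itself; members of a listed group are not expanded.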
P
63

You can use the following commands:

whoami /priv
whoami /all

For more information, check whoami @ technet.

Pacification answered 23/8, 2013 at 8:47 Comment(3)
Note that it's only available out of the box since Vista. In XP, it's in the "Windows XP SP2 Support Tools" download. - Absolution
This is the best answer. IMHO anyone still using XP needs to upgrade. - Pervasive
Note that this will work for privileges but not for rights. - Silvertongued
F
24

Mark Russinovich wrote a terrific tool called AccessChk that lets you get this information from the command line. No installation is necessary.

http://technet.microsoft.com/en-us/sysinternals/bb664922.aspx

For example:

accesschk.exe /accepteula -q -a SeServiceLogonRight

Returns this for me:

IIS APPPOOL\DefaultAppPool
IIS APPPOOL\Classic .NET AppPool
NT SERVICE\ALL SERVICES

By contrast, whoami /priv and whoami /all were missing some entries for me, like SeServiceLogonRight.

Fikes answered 7/1, 2014 at 7:2 Comment(4)
Tremendous -- not least, allows verification of the right for another user without impersonation with RUNAS. - Shikoku
Yes, whoami /priv will only work for privileges, not rights, because it works by examining the current user token. Rights are only used at logon time, so there's no need for them to be kept in the token. - Silvertongued
In later versions of accesschk, -q has been replaced with -nobanner - Apriorism
AccessChk only works with domain accounts. - Apriorism
K
2

Go to command prompt and enter the command,

net user <username>

Will show your local group memberships.

If you're on a domain, use localgroup instead:

net localgroup Administrators or net localgroup [Admin group name]

Check the list of local groups with localgroup on its own.

net localgroup
Khadijahkhai answered 23/7, 2012 at 6:40 Comment(2)
I need the detailed privileges of all users as I am logged in as admin... not the basic user info... - Hepcat
Group membership is a different concept than user privileges. Use whoami /priv - Pervasive
R
0

I wrote an open source tool that might be of assistance:

https://github.com/Bill-Stewart/PrivMan

To view a specific account (user or group) privileges/rights, you would use:

PrivMan -a username --list

The output will be the list of privileges/rights (e.g., SeServiceLogonRight, etc.) directly assigned to that account.

Radburn answered 22/1, 2024 at 21:15 Comment(0)
S
0

This is not using a Windows command, but I'm leaving it here because it came in handy for me.

There is a tool https://github.com/winsiderss/systeminformer/ (successor of Process Hacker) which allows inspecting the token for each process and lists privileges available on the token. So if we find a process executing as the user we care about, we can check privileges available to the token which is essentially the privileges available to the user. If we start System Informer as NT Authority\System using a tool like psexec we can inspect tokens for every user.

Sodomy answered 13/5, 2024 at 16:45 Comment(0)
A
0

Install the newly released module Carbon.Security, which works on both local accounts and domain accounts

Get-CPrivilege -Identity <user>

Carbon has been around a long while, but it's gotten pretty big. So the new release splits Carbon into several smaller modules instead.

Apriorism answered 17/6, 2024 at 14:39 Comment(0)
S
0

You may also use Windows PowerShell or the PowerShell window in Visual Studio and use the following command:

Get-ADPrincipalGroupMembership -Identity "username" | Select-Object -ExpandProperty Name

If you want the specific information attached to each role, you can do it this way:

Get-ADUser -Identity "username" | Get-ADPrincipalGroupMembership
Supervise answered 27/6, 2024 at 16:11 Comment(0)
S
-4

Use whoami /priv command to list all the user privileges.

Supercharge answered 5/6, 2017 at 12:59 Comment(1)
You should not duplicate existing answers, especially that there already is a more complete answer. - Barbour
