Home Library Learn Downloads Support Community
Sign in | United States - English | |
This topic has not yet been rated - Rate this topic

CreateToken function

Applies to: desktop apps only

The CreateToken function is used by SSP/APs to create tokens while processing calls to SpAcceptLsaModeContext.

Syntax

Copy 
NTSTATUS CreateToken(
  __in   PLUID LogonId,
  __in   PTOKEN_SOURCE TokenSource,
  __in   SECURITY_LOGON_TYPE LogonType,
  __in   SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
  __in   LSA_TOKEN_INFORMATION_TYPE TokenInformationType,
  __in   PVOID TokenInformation,
  __in   PTOKEN_GROUPS TokenGroups,
  __in   PUNICODE_STRING AccountName,
  __in   PUNICODE_STRING AuthorityName,
  __in   PUNICODE_STRING Workstation,
  __in   PUNICODE_STRING ProfilePath,
  __out  PHANDLE Token,
  __out  PNTSTATUS SubStatus
);

Parameters

LogonId [in]

Pointer to a logon session identifier for the new token. This identifier is obtained from a previous call to CreateLogonSession.

TokenSource [in]

Pointer to a TOKEN_SOURCE structure that specifies the source for this token. Specify the package name.

LogonType [in]

A SECURITY_LOGON_TYPE value that indicates the type of logon.

ImpersonationLevel [in]

A SECURITY_IMPERSONATION_LEVEL value that indicates the extent to which a server process can impersonate a client process.

TokenInformationType [in]

Specifies the type of structure in the TokenInformation parameter.

ValueMeaning
LsaTokenInformationNull

LSA_TOKEN_INFORMATION_NULL

LsaTokenInformationV1

LSA_TOKEN_INFORMATION_V1

 

TokenInformation [in]

Pointer to the token information. The type of structure pointed to by TokenInformation is indicated by the TokenInformationType parameter.

If the structure pointed to by this parameter is an LSA_TOKEN_INFORMATION_V1 structure, the caller must allocate the memory for the Groups member of that structure by calling the AllocatePrivateHeap function.

TokenGroups [in]

Pointer to a TOKEN_GROUPS structure that specifies groups not contained in TokenInformation.

AccountName [in]

Pointer to a UNICODE_STRING structure that contains the name of the security principal. This information is used for auditing and name searches.

AuthorityName [in]

Pointer to a UNICODE_STRING structure that contains the name of the authority that validated the logon credentials, normally the Windows domain name.

Workstation [in]

Pointer to a UNICODE_STRING structure that contains the name of the client's workstation, normally a NetBIOS name.

ProfilePath [in]

Pointer to a UNICODE_STRING structure that contains the path to the user's profile, if any.

Token [out]

Pointer that receives the address of a handle to the new token. When you have finished using the handle, close it by calling the CloseHandle function.

SubStatus [out]

Pointer to a variable that receives error information.

Return value

If the function succeeds, the return value is STATUS_SUCCESS.

If the function fails, the return value is an NTSTATUS code that indicates the reason it failed.

Remarks

A pointer to the CreateToken function is available in the LSA_SECPKG_FUNCTION_TABLE structure received by the SpInitialize function.

Requirements

Minimum supported client

Windows 2000 Professional

Minimum supported server

Windows 2000 Server

Header
Ntsecpkg.h

See also

SpAcceptLsaModeContext
LSA_SECPKG_FUNCTION_TABLE
SpInitialize

 

 

Send comments about this topic to Microsoft

Build date: 3/13/2012

Did you find this helpful?
(1500 characters remaining)
Community Content Add
Annotations FAQ