The IsTokenRestricted function indicates whether a token contains a list of restricted security identifiers (SIDs).
Syntax
BOOL WINAPI IsTokenRestricted(
__in HANDLE TokenHandle
);
Parameters
- TokenHandle [in]
-
A handle to an access token to test.
Return Value
If the token contains a list of restricting SIDs, the return value is nonzero.
If the token does not contain a list of restricting SIDs, the return value is zero.
If an error occurs, the return value is zero. To get extended error information, call
GetLastError.
Remarks
The
CreateRestrictedToken function can restrict a token by disabling SIDs, deleting privileges, and specifying a list of restricting SIDs. The IsTokenRestricted function checks only for the list of restricting SIDs. If a token does not have any restricting SIDs, IsTokenRestricted returns FALSE, even though the token was created by a call to CreateRestrictedToken.
Requirements
| Minimum supported client | Windows 2000 Professional |
|---|
| Minimum supported server | Windows 2000 Server |
|---|
| Header | Winbase.h (include Windows.h) |
|---|
| Library | Advapi32.lib |
|---|
| DLL | Advapi32.dll |
|---|
See Also
- Access Control Overview
- Basic Access Control Functions
- CreateRestrictedToken
Send comments about this topic to Microsoft
Build date: 9/11/2009