Export (0) Print
Expand All
Expand Minimize

NtCompareTokens function

The NtCompareTokens function compares two access tokens and determines whether they are equivalent with respect to a call to the AccessCheck function.

Syntax


NTSTATUS NTAPI NtCompareTokens(
  _In_   HANDLE FirstTokenHandle,
  _In_   HANDLE SecondTokenHandle,
  _Out_  PBOOLEAN Equal
);

Parameters

FirstTokenHandle [in]

A handle to the first access token to compare. The token must be open for TOKEN_QUERY access.

SecondTokenHandle [in]

A handle to the second access token to compare. The token must be open for TOKEN_QUERY access.

Equal [out]

A pointer to a variable that receives a value that indicates whether the tokens represented by the FirstTokenHandle and SecondTokenHandle parameters are equivalent.

Return value

If the function succeeds, the function returns STATUS_SUCCESS.

If the function fails, it returns an NTSTATUS error code.

Remarks

Two access control tokens are considered to be equivalent if all of the following conditions are true:

  • Every security identifier (SID) that is present in either token is also present in the other token.
  • Neither or both of the tokens are restricted.
  • If both tokens are restricted, every SID that is restricted in one token is also restricted in the other token.
  • Every privilege present in either token is also present in the other token.

This function has no associated import library or header file; you must call it using the LoadLibrary and GetProcAddress functions.

Requirements

Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Header

Ntseapi.h

DLL

Ntdll.dll

 

 

Community Additions

ADD
Show:
© 2014 Microsoft