OpenProcessToken function

Applies to: desktop apps only

The OpenProcessToken function opens the access token associated with a process.

Syntax

BOOL WINAPI OpenProcessToken(
  __in   HANDLE ProcessHandle,
  __in   DWORD DesiredAccess,
  __out  PHANDLE TokenHandle
);

Parameters

ProcessHandle [in]

A handle to the process whose access token is opened. The process must have the PROCESS_QUERY_INFORMATION access permission.

DesiredAccess [in]

Specifies an access mask that specifies the requested types of access to the access token. These requested access types are compared with the discretionary access control list (DACL) of the token to determine which accesses are granted or denied.

For a list of access rights for access tokens, see Access Rights for Access-Token Objects.

TokenHandle [out]

A pointer to a handle that identifies the newly opened access token when the function returns.

Return value

If the function succeeds, the return value is nonzero.

If the function fails, the return value is zero. To get extended error information, call GetLastError.

Remarks

Close the access token handle returned through the TokenHandle parameter by calling CloseHandle.

Requirements

Minimum supported client	Windows XP
Minimum supported server	Windows Server 2003
Header	Winbase.h (include Windows.h)
Library	Advapi32.lib
DLL	Advapi32.dll

See also

Access Control

Basic Access Control Functions

AccessCheck

AdjustTokenGroups

AdjustTokenPrivileges

CloseHandle

GetTokenInformation

OpenThreadToken

SetTokenInformation

 

 

Send comments about this topic to Microsoft

Build date: 3/7/2012

double post

sorry. it was a double post. i don't know how to remove a post here.

Checking if the current application has been executed with elevated rights.

This is an example which explains how to check the elevation level of the current process. The function returns 1 if the process is executed with Full or Default rights. Else it returns a 0. A return value of -1 indicates that an error has occured.

int isElevatedProcess()
{
    HANDLE h_Process;
    HANDLE h_Token;
    
    TOKEN_ELEVATION t_TokenElevation;
    TOKEN_ELEVATION_TYPE e_ElevationType;

    DWORD dw_TokenLength;

    h_Process = GetCurrentProcess();

    if(OpenProcessToken(h_Process,TOKEN_READ,&h_Token) == FALSE)
    {
        printf("Error: Couldn't open the process token\n");
        return -1;
    }

    if(GetTokenInformation(h_Token,TokenElevation,&t_TokenElevation,sizeof(t_TokenElevation),&dw_TokenLength) == FALSE)
    {
        printf("Error: Couldn't retrieve the elevation right of the current process token\n");
        return -1;
    }

    if(t_TokenElevation.TokenIsElevated != 0)
    {
        if(GetTokenInformation(h_Token,TokenElevationType,&e_ElevationType,sizeof(e_ElevationType),&dw_TokenLength) == FALSE)
        {
            printf("Error: Couldn't retrieve the elevation token class\n");
            return -1;
        }
        else
        {
            if(e_ElevationType == TokenElevationTypeFull || e_ElevationType == TokenElevationTypeDefault)
            {
                return 1;
            }
            else
            {
                return 0;
            }
        }
    }
    else
    {
        return 0;
    }

    if(CloseHandle(h_Token) == FALSE)
    {
        printf("Error: Couldn't close the process token\n");
        return -1;
    }
}

vb.net syntax

<DllImport("advapi32.dll", CharSet:=CharSet.Unicode, SetLastError:=True)> _
Public Shared Function OpenProcessToken(<[In]> ByVal ProcessToken As IntPtr, <[In]> ByVal DesiredAccess As TokenAccessLevels, 

<Out()> ByRef TokenHandle As IntPtr) As Boolean
End Function

VB.NET

Dim hToken As IntPtr = WindowsIdentity.GetCurrent(TokenAccessLevels.AdjustPrivileges Or TokenAccessLevels.Query).Token

C# syntax

[DllImport("advapi32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
internal static extern bool OpenProcessToken([In] IntPtr ProcessToken, [In] TokenAccessLevels DesiredAccess, [In, Out] ref IntPtr TokenHandle);