typedef enum _TOKEN_INFORMATION_CLASS {
TokenUser = 1,
TokenGroups,
TokenPrivileges,
TokenOwner,
TokenPrimaryGroup,
TokenDefaultDacl,
TokenSource,
TokenType,
TokenImpersonationLevel,
TokenStatistics,
TokenRestrictedSids,
TokenSessionId,
TokenGroupsAndPrivileges,
TokenSessionReference,
TokenSandBoxInert,
TokenAuditPolicy,
TokenOrigin,
TokenElevationType,
TokenLinkedToken,
TokenElevation,
TokenHasRestrictions,
TokenAccessInformation,
TokenVirtualizationAllowed,
TokenVirtualizationEnabled,
TokenIntegrityLevel,
TokenUIAccess,
TokenMandatoryPolicy,
TokenLogonSid,
MaxTokenInfoClass
} TOKEN_INFORMATION_CLASS, *PTOKEN_INFORMATION_CLASS;
- TokenUser
The buffer receives a
TOKEN_USER structure that contains the user account of the token.
- TokenGroups
The buffer receives a
TOKEN_GROUPS structure that contains the group accounts associated with the token.
- TokenPrivileges
The buffer receives a
TOKEN_PRIVILEGES structure that contains the privileges of the token.
- TokenOwner
The buffer receives a
TOKEN_OWNER structure that contains the default owner security identifier (SID) for newly created objects.
- TokenPrimaryGroup
The buffer receives a
TOKEN_PRIMARY_GROUP structure that contains the default primary group SID for newly created objects.
- TokenDefaultDacl
The buffer receives a
TOKEN_DEFAULT_DACL structure that contains the default DACL for newly created objects.
- TokenSource
The buffer receives a
TOKEN_SOURCE structure that contains the source of the token. TOKEN_QUERY_SOURCE access is needed to retrieve this information.
- TokenType
The buffer receives a
TOKEN_TYPE value that indicates whether the token is a primary or impersonation token.
- TokenImpersonationLevel
The buffer receives a
SECURITY_IMPERSONATION_LEVEL value that indicates the impersonation level of the token. If the access token is not an impersonation token, the function fails.
- TokenStatistics
The buffer receives a
TOKEN_STATISTICS structure that contains various token statistics.
- TokenRestrictedSids
The buffer receives a
TOKEN_GROUPS structure that contains the list of restricting SIDs in a
restricted token.
- TokenSessionId
The buffer receives a DWORD value that indicates the Terminal Services session identifier that is associated with the token.
- If the token is associated with the terminal server console session, the session identifier is zero.
- If the token is associated with the terminal server client session, the session identifier is nonzero.
In a non-Terminal Services environment, the session identifier is zero.
If TokenSessionId is set with SetTokenInformation, the application must have the Act As Part Of the Operating System privilege, and the application must be enabled to set the session ID in a token.
- TokenGroupsAndPrivileges
The buffer receives a TOKEN_GROUPS_AND_PRIVILEGES structure that contains the user SID, the group accounts, the restricted SIDs, and the authentication ID associated with the token.
- TokenSessionReference
Reserved.
- TokenSandBoxInert
The buffer receives a DWORD value that is nonzero if the token includes the SANDBOX_INERT flag.
- TokenAuditPolicy
Reserved.
- TokenOrigin
The buffer receives a TOKEN_ORIGIN value.
If the token resulted from a logon that used explicit credentials, such as passing a name, domain, and password to the LogonUser function, then the TOKEN_ORIGIN structure will contain the ID of the logon session that created it.
If the token resulted from network authentication, such as a call to AcceptSecurityContext or a call to LogonUser with dwLogonType set to LOGON32_LOGON_NETWORK or LOGON32_LOGON_NETWORK_CLEARTEXT, then this value will be zero.
Windows XP/2000: This value is not supported.
- TokenElevationType
The buffer receives a TOKEN_ELEVATION_TYPE value that specifies the elevation level of the token.
- TokenLinkedToken
The buffer receives a TOKEN_LINKED_TOKEN structure that contains a handle to another token that is linked to this token.
- TokenElevation
The buffer receives a TOKEN_ELEVATION structure that specifies whether the token is elevated.
- TokenHasRestrictions
The buffer receives a DWORD value that is nonzero if the token has ever been filtered.
- TokenAccessInformation
The buffer receives a TOKEN_ACCESS_INFORMATION structure that specifies security information contained in the token.
- TokenVirtualizationAllowed
The buffer receives a DWORD value that is nonzero if virtualization is allowed for the token.
- TokenVirtualizationEnabled
The buffer receives a DWORD value that is nonzero if virtualization is enabled for the token.
- TokenIntegrityLevel
The buffer receives a TOKEN_MANDATORY_LABEL structure that specifies the token's integrity level.
- TokenUIAccess
The buffer receives a DWORD value that is nonzero if the token has the UIAccess flag set.
- TokenMandatoryPolicy
The buffer receives a TOKEN_MANDATORY_POLICY structure that specifies the token's mandatory integrity policy.
- TokenLogonSid
The buffer receives the token's logon security identifier (SID).
- MaxTokenInfoClass
The maximum value for this enumeration