LSA_TOKEN_INFORMATION_TYPE enumeration

The LSA_TOKEN_INFORMATION_TYPE enumeration specifies the levels of information that can be included in a logon token.

When the LSA calls either LsaApLogonUser, LsaApLogonUserEx, or LsaApLogonUserEx2 the authentication package is expected to return one of the following enumeration values to indicate the type of token information structure returned.

Syntax


typedef enum _LSA_TOKEN_INFORMATION_TYPE { 
  LsaTokenInformationNull,
  LsaTokenInformationV1
} LSA_TOKEN_INFORMATION_TYPE, *PLSA_TOKEN_INFORMATION_TYPE;

Constants

LsaTokenInformationNull

The token information is stored in an LSA_TOKEN_INFORMATION_NULL structure.

This token information type is used for anonymous logons or null sessions, where a token is needed but the client's identity is unknown.

For example, a non-authenticated network circuit (such as a domain controller's null session) can be given NULL information. In this case, an anonymous token is generated for the logon. An anonymous token does not permit access to protected system resources, but does allow access to unprotected system resources.

LsaTokenInformationV1

The token information is stored in a LSA_TOKEN_INFORMATION_V1 structure. This structure contains information that an authentication package can place in a Version 1 Windows token object. A Version 1 Windows token object stores all the information needed to build a token and is used in most logon cases. The LSA creates the token object, and returns a handle to that token object to the caller of LsaLogonUser.

Requirements

Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Header

Ntsecpkg.h

 

 

Community Additions

ADD
Show:
© 2014 Microsoft