ACE
ACL
SID
Expand Minimize

TOKEN_ACCESS_INFORMATION structure

The TOKEN_ACCESS_INFORMATION structure specifies all the information in a token that is necessary to perform an access check.

Note  This structure doesn't contain token claim information. Applications that support conditional expression access control entries (ACEs) should not use this structure for verifying access. For information about access validation support for conditional expressions, see the AuthzAccessCheck and AccessCheckAndAuditAlarm functions.

Syntax


typedef struct _TOKEN_ACCESS_INFORMATION {
  PSID_AND_ATTRIBUTES_HASH     SidHash;
  PSID_AND_ATTRIBUTES_HASH     RestrictedSidHash;
  PTOKEN_PRIVILEGES            Privileges;
  LUID                         AuthenticationId;
  TOKEN_TYPE                   TokenType;
  SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
  TOKEN_MANDATORY_POLICY       MandatoryPolicy;
  DWORD                        Flags;
  DWORD                        AppContainerNumber;
  PSID                         PackageSid;
  PSID_AND_ATTRIBUTES_HASH     CapabilitiesHash;
  PSID                         TrustLevelSid;
} TOKEN_ACCESS_INFORMATION, *PTOKEN_ACCESS_INFORMATION;

Members

SidHash

A pointer to a SID_AND_ATTRIBUTES_HASH structure that specifies a hash of the token's security identifier (SID).

RestrictedSidHash

A pointer to a SID_AND_ATTRIBUTES_HASH structure that specifies a hash of the token's restricted SID.

Privileges

A pointer to a TOKEN_PRIVILEGES structure that specifies information about the token's privileges.

AuthenticationId

A LUID structure that specifies the token's identity.

TokenType

A value of the TOKEN_TYPE enumeration that specifies the token's type.

ImpersonationLevel

A value of the SECURITY_IMPERSONATION_LEVEL enumeration that specifies the token's impersonation level.

MandatoryPolicy

A TOKEN_MANDATORY_POLICY structure that specifies the token's mandatory integrity policy.

Flags

Reserved. Must be set to zero.

AppContainerNumber

The app container number for the token or zero if this is not an app container token.

Windows Server 2008 R2, Windows 7, Windows Server 2008, and Windows Vista:  This member is not available.

PackageSid

The app container SID or NULL if this is not an app container token.

Windows Server 2008 R2, Windows 7, Windows Server 2008, and Windows Vista:  This member is not available.

CapabilitiesHash

Pointer to a SID_AND_ATTRIBUTES_HASH structure that specifies a hash of the token's capability SIDs.

Windows Server 2008 R2, Windows 7, Windows Server 2008, and Windows Vista:  This member is not available.

TrustLevelSid

The protected process trust level of the token.

Requirements

Minimum supported client

Windows Vista [desktop apps only]

Minimum supported server

Windows Server 2008 [desktop apps only]

Header

Winnt.h (include Windows.h)

See also

TOKEN_INFORMATION_CLASS

 

 

Community Additions

ADD
Show:
© 2014 Microsoft