Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All
Expand Minimize

NtCompareTokens function

The NtCompareTokens function compares two access tokens and determines whether they are equivalent with respect to a call to the AccessCheck function.

Syntax


NTSTATUS NTAPI NtCompareTokens(
  _In_  HANDLE   FirstTokenHandle,
  _In_  HANDLE   SecondTokenHandle,
  _Out_ PBOOLEAN Equal
);

Parameters

FirstTokenHandle [in]

A handle to the first access token to compare. The token must be open for TOKEN_QUERY access.

SecondTokenHandle [in]

A handle to the second access token to compare. The token must be open for TOKEN_QUERY access.

Equal [out]

A pointer to a variable that receives a value that indicates whether the tokens represented by the FirstTokenHandle and SecondTokenHandle parameters are equivalent.

Return value

If the function succeeds, the function returns STATUS_SUCCESS.

If the function fails, it returns an NTSTATUS error code.

Remarks

Two access control tokens are considered to be equivalent if all of the following conditions are true:

  • Every security identifier (SID) that is present in either token is also present in the other token.
  • Neither or both of the tokens are restricted.
  • If both tokens are restricted, every SID that is restricted in one token is also restricted in the other token.
  • Every privilege present in either token is also present in the other token.

This function has no associated import library or header file; you must call it using the LoadLibrary and GetProcAddress functions.

Requirements

Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Header

Ntseapi.h

DLL

Ntdll.dll

 

 

Community Additions

ADD
Show:
© 2015 Microsoft