Share via

3.1.3 Determining Whether a Caller Is an Administrator

  • Article

During processing of methods that implement access checks of whether the caller is an administrator, this protocol performs access security verification on the caller's identity by using the support function SidInToken ([MS-DTYP] section 2.5.3.1.1). The input parameters of that algorithm are mapped as follows:

  • Token: MUST be the caller's token.

  • SidToTest: MUST be the SID of administrators.

  • PrincipalSelfSubstitute: MUST be NULL.