PrivilegeCheck

  BOOL PrivilegeCheck(ClientToken, Privileges, lpfResult)    
  HANDLE ClientToken;    
  PPRIVILEGE_SET Privileges;    
  LPBOOL lpfResult;    

The PrivilegeCheck function tests the caller's client's security context to see if it contains the specified privileges.

Parameters

ClientToken

Handle to a token object representing a client attempting access. This handle must be obtained by opening the token of a thread that is impersonating the client. The token must be open for TOKEN_QUERY access.

Privileges

Pointer to a set of privileges. The client's security context is to be checked to see which of the specified privileges are present. The results will be indicated in the attributes associated with each privilege. Note that flags in this parameter indicate whether all the privileges listed are needed, or any of the privileges.

lpfResult

Pointer to a Boolean variable that the function sets to indicate whether the client has all the specified privileges. A value of TRUE indicates the client has all the specified privileges. A value of FALSE indicates the client doesn't have them all.

Return Value

The return value is TRUE if the function was successful, or FALSE if an error occurred. Use the GetLastError function to obtain extended error information.

See Also

AccessCheck, AccessCheckAndAuditAlarm, AreAllAccessesGranted, AreAnyAccessesGranted, MapGenericMask, ObjectCloseAuditAlarm, ObjectOpenAuditAlarm, ObjectPrivilegeAuditAlarm, PrivilegedServiceAuditAlarm