BOOL GetTokenInformation(TokenHandle, TokenInformationClass, TokenInformation, TokenInformationLength, ReturnLength) | |||
HANDLE TokenHandle; | |||
TOKEN_INFORMATION_CLASS TokenInformationClass; | |||
LPVOID TokenInformation; | |||
DWORD TokenInformationLength; | |||
PDWORD ReturnLength; |
The GetTokenInformation function retrieves various types of information about a specified token. The caller must have appropriate access privileges to obtain the information, as noted below in the discussion of the TokenInformation parameter.
TokenHandle
Handle to the token whose information the function will retrieve.
TokenInformationClass
Specifies the type of token information the function will retrieve and put into the buffer pointed to by TokenInformation. TOKEN_INFORMATION_CLASS is an enumerated type. Possible values are listed in the discussion of the TokenInformation parameter.
TokenInformation
Pointer to a buffer that the function will fill with the requested information. The buffer must be aligned on at least a longword boundary. The type of data structure put into the buffer depends upon the type of information specified by the TokenInformationClass parameter, as shown in this list:
Token Information Class | Structure Returned |
TokenUser | ||
TOKEN_USER data structure. TOKEN_QUERY access is needed to retrieve this information about a token. The TOKEN_USER data structure has the following form: |
typedef struct _TOKEN_USER { /* tu */
SID_AND_ATTRIBUTES User;
} TOKEN_USER ;
TokenGroups | ||
TOKEN_GROUPS data structure. TOKEN_QUERY access is needed to retrieve this information about a token. The TOKEN_GROUPS data structure has the following form: |
typedef struct _TOKEN_GROUPS { /* tg */
DWORD GroupCount;
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY];
} TOKEN_GROUPS ;
TokenPrivileges | ||
TOKEN_PRIVILEGES data structure. TOKEN_QUERY access is needed to retrieve this information about a token. The TOKEN_PRIVILEGES data structure has the following form: |
typedef struct _TOKEN_PRIVILEGES { /* tp */
DWORD PrivilegeCount;
LUID_AND_ATTRIBUTES Privileges[ANYSIZE_ARRAY];
} TOKEN_PRIVILEGES ;
TokenOwner | ||
TOKEN_OWNER data structure. TOKEN_QUERY access is needed to retrieve this information about a token. The TOKEN_OWNER data structure has the following form: |
typedef struct _TOKEN_OWNER { /* to */
PSID Owner;
} TOKEN_OWNER ;
TokenPrimaryGroup | ||
TOKEN_PRIMARY_GROUP data structure. TOKEN_QUERY access is needed to retrieve this information about a token. The TOKEN_PRIMARY_GROUP data structure has the following form: |
typedef struct _TOKEN_PRIMARY_GROUP {
PSID PrimaryGroup;
} TOKEN_PRIMARY_GROUP ;
TokenDefaultDacl | ||
TOKEN_DEFAULT_DACL data structure. TOKEN_QUERY access is needed to retrieve this information about a token. The TOKEN_DEFAULT_DACL data structure has the following form: |
typedef struct _TOKEN_DEFAULT_DACL {
PACL DefaultDacl;
} TOKEN_DEFAULT_DACL ;
TokenSource | ||
TOKEN_SOURCE data structure. TOKEN_QUERY_SOURCE access is needed to retrieve this information about a token. The TOKEN_SOURCE data structure has the following form: |
typedef struct _TOKEN_SOURCE { /* ts */
CHAR SourceName[8];
LUID SourceIdentifier;
} TOKEN_SOURCE ;
TokenType | ||
TOKEN_TYPE data structure. TOKEN_QUERY access is needed to retrieve this information about a token. The TOKEN_TYPE data structure has the following form: |
typedef enum tagTOKEN_TYPE { /* tt */
TokenPrimary = 1,
TokenImpersonation
} TOKEN_TYPE ;
TokenImpersonationLevel | ||
SECURITY_IMPERSONATION_LEVEL data structure. TOKEN_QUERY access is needed to retrieve this information about a token. STATUS_INVALID_INFO_CLASS status is returned if the token type is not ImpersonationToken. The SECURITY_IMPERSONATION_LEVEL data structure has the following form: |
typedef enum tagSECURITY_IMPERSONATION_LEVEL { /* sil */
SecurityAnonymous = 1,
SecurityIdentification,
SecurityImpersonation,
SecurityDelegation
} SECURITY_IMPERSONATION_LEVEL ;
TokenStatistics | ||
TOKEN_STATISTICS data structure. TOKEN_QUERY access is needed to retrieve this information about a token. The TOKEN_STATISTICS data structure has the following form: |
typedef struct _TOKEN_STATISTICS { /* tst */
LUID TokenId;
LUID AuthenticationId;
LARGE_INTEGER ExpirationTime;
TOKEN_TYPE TokenType;
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel;
DWORD DynamicCharged;
DWORD DynamicAvailable;
DWORD GroupCount;
DWORD PrivilegeCount;
LUID ModifiedId;
} TOKEN_STATISTICS ;
TokenInformationLength
Specifies the size in bytes of the buffer pointed to by TokenInformation.
ReturnLength
Pointer to a variable that the function will set to the actual size in bytes of the requested information. If this value is larger than the value specified by TokenInformationLength, then the buffer pointed to by TokenInformation is too small, and the function stores no data into the buffer.
If the value of TokenInformationClass is TokenDefaultDacl, and the token has no default, the function sets the variable pointed to by ReturnLength to zero, and stores no data into the buffer.
The return value is TRUE if the function was successful, or FALSE if an error occurred. Use the GetLastError function to obtain extended error information.
AdjustTokenGroups, AdjustTokenPrivileges, OpenProcessToken, OpenThreadToken, SetTokenInformation