Impersonation Tokens
An impersonating thread has two access tokens:
-
A primary access token that describes the security context of the server. To get a handle to this token, call the OpenProcessToken function.
-
An impersonation access token that describes the security context of the client being impersonated. To get a handle to this token, call the OpenThreadToken function.
A server can use the impersonation token in the following functions: