The GetTokenInformation function retrieves a specified type of information about an access token. The calling process must have appropriate access rights to obtain the information.
BOOL GetTokenInformation(
HANDLE TokenHandle, // handle of access token
TOKEN_INFORMATION_CLASS TokenInformationClass,
// type of information to retrieve
LPVOID TokenInformation, // address of retrieved information
DWORD TokenInformationLength,
// size of information buffer
PDWORD ReturnLength // address of required buffer size
);
Token Information Class | Structure Returned |
---|---|
TokenUser | The buffer receives a TOKEN_USER structure containing the token's user account. |
TokenGroups | The buffer receives a TOKEN_GROUPS structure containing the group accounts associated with the token. |
TokenPrivileges | The buffer receives a TOKEN_PRIVILEGES structure containing the token's privileges. |
TokenOwner | The buffer receives a TOKEN_OWNER structure containing the default owner SID for newly created objects. |
TokenPrimaryGroup | The buffer receives a TOKEN_PRIMARY_GROUP structure containing the default primary group SID for newly created objects. |
TokenDefaultDacl | The buffer receives a TOKEN_DEFAULT_DACL structure containing the default DACL for newly created objects. |
TokenSource | The buffer receives a TOKEN_SOURCE structure containing the source of the token. TOKEN_QUERY_SOURCE access is needed to retrieve this information. |
TokenType | The buffer receives a TOKEN_TYPE value indicating whether the token is a primary or impersonation token. |
TokenImpersonationLevel | The buffer receives a SECURITY_IMPERSONATION_LEVEL value indicating the impersonation level of the token. If the access token is not an impersonation token, the function fails. |
TokenStatistics | The buffer receives a TOKEN_STATISTICS structure containing various token statistics. |
TokenRestrictedSids | The buffer receives a TOKEN_GROUPS structure containing the list of restricting SIDs in a restricted token. |
If the value of the TokenInformationClass parameter is TokenDefaultDacl and the token has no default DACL, the function sets the variable pointed to by ReturnLength to sizeof(TOKEN_DEFAULT_DACL) and sets the DefaultDacl member of the TOKEN_DEFAULT_DACL structure to NULL.
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To get extended error information, call GetLastError.
Windows NT: Requires version 3.1 or later.
Windows: Unsupported.
Windows CE: Unsupported.
Header: Declared in winbase.h.
Import Library: Use advapi32.lib.
Access Control Overview, Access Control Functions, AdjustTokenGroups, AdjustTokenPrivileges, OpenProcessToken, OpenThreadToken, SetTokenInformation, SECURITY_IMPERSONATION_LEVEL, TOKEN_DEFAULT_DACL, TOKEN_GROUPS, TOKEN_INFORMATION_CLASS, TOKEN_OWNER, TOKEN_PRIMARY_GROUP, TOKEN_PRIVILEGES, TOKEN_SOURCE, TOKEN_STATISTICS, TOKEN_TYPE, TOKEN_USER