_TOKEN_INFORMATION_CLASS Enumeration

The TOKEN_INFORMATION_CLASS enumeration type contains values that specify the type of information being assigned to or retrieved from an access token.

SeQueryInformationToken and ZwQueryInformationToken use TOKEN_INFORMATION_CLASS values to indicate the type of token information to retrieve.

Syntax

typedef enum _TOKEN_INFORMATION_CLASS {
  TokenUser                             ,
  TokenGroups                           ,
  TokenPrivileges                       ,
  TokenOwner                            ,
  TokenPrimaryGroup                     ,
  TokenDefaultDacl                      ,
  TokenSource                           ,
  TokenType                             ,
  TokenImpersonationLevel               ,
  TokenStatistics                       ,
  TokenRestrictedSids                   ,
  TokenSessionId                        ,
  TokenGroupsAndPrivileges              ,
  TokenSessionReference                 ,
  TokenSandBoxInert                     ,
  TokenAuditPolicy                      ,
  TokenOrigin                           ,
  TokenElevationType                    ,
  TokenLinkedToken                      ,
  TokenElevation                        ,
  TokenHasRestrictions                  ,
  TokenAccessInformation                ,
  TokenVirtualizationAllowed            ,
  TokenVirtualizationEnabled            ,
  TokenIntegrityLevel                   ,
  TokenUIAccess                         ,
  TokenMandatoryPolicy                  ,
  TokenLogonSid                         ,
  TokenIsAppContainer                   ,
  TokenCapabilities                     ,
  TokenAppContainerSid                  ,
  TokenAppContainerNumber               ,
  TokenUserClaimAttributes              ,
  TokenDeviceClaimAttributes            ,
  TokenRestrictedUserClaimAttributes    ,
  TokenRestrictedDeviceClaimAttributes  ,
  TokenDeviceGroups                     ,
  TokenRestrictedDeviceGroups           ,
  TokenSecurityAttributes               ,
  TokenIsRestricted                     ,
  TokenProcessTrustLevel                ,
  TokenPrivateNameSpace                 ,
  TokenSingletonAttributes              ,
  TokenBnoIsolation                     ,
  TokenChildProcessFlags                ,
  MaxTokenInfoClass
} TOKEN_INFORMATION_CLASS, *PTOKEN_INFORMATION_CLASS;

Constants

TokenUser The buffer receives a TOKEN_USER structure containing the token's user account.
TokenGroups The buffer receives a TOKEN_GROUPS structure containing the group accounts associated with the token.
TokenPrivileges The buffer receives a TOKEN_PRIVILEGES structure containing the token's privileges.
TokenOwner The buffer receives a TOKEN_OWNER structure containing the default owner SID for newly created objects.
TokenPrimaryGroup The buffer receives a TOKEN_PRIMARY_GROUP structure containing the default primary group SID for newly created objects.
TokenDefaultDacl The buffer receives a TOKEN_DEFAULT_DACL structure containing the default discretionary ACL (DACL)) for newly created objects.
TokenSource The buffer receives a TOKEN_SOURCE structure containing the source of the token. TOKEN_QUERY_SOURCE access is needed to retrieve this information.
TokenType The buffer receives a TOKEN_TYPE value indicating whether the token is a primary or impersonation token.
TokenImpersonationLevel The buffer receives a SECURITY_IMPERSONATION_LEVEL value indicating the impersonation level of the token. If the access token is not an impersonation token, the call to SeQueryInformationToken or ZwQueryInformationToken fails.
TokenStatistics The buffer receives a TOKEN_STATISTICS structure containing various token statistics.
TokenRestrictedSids The buffer receives a TOKEN_GROUPS structure containing the list of restricting SIDs in a restricted token. This value is valid starting with Windows Vista.
TokenSessionId The buffer receives a DWORD value that indicates the Terminal Services session identifier associated with the token. If the token is associated with the Terminal Server console session, the session identifier is zero. A nonzero session identifier indicates a Terminal Services client session. In a non-Terminal Services environment, the session identifier is zero. This value is valid starting with Windows Vista.
TokenGroupsAndPrivileges The buffer receives a TOKEN_GROUPS_AND_PRIVILEGES structure that contains the user SID, the group accounts, the restricted SIDs, and the authentication ID associated with the token. This value is valid starting with Windows Vista.
TokenSessionReference Reserved for system use.
TokenSandBoxInert The buffer receives a DWORD value that is nonzero if the token includes the SANDBOX_INERT flag. This value is valid starting with Windows Vista.
TokenAuditPolicy Reserved for system use.
TokenOrigin The buffer receives a TOKEN_ORIGIN value. If the token resulted from a logon that used explicit credentials, such as passing a name, domain, and password to the user-mode LogonUser function, then the TOKEN_ORIGIN structure will contain the ID of the logon session that created it. If the token resulted from network authentication, such as a call to user-mode AcceptSecurityContext function or a call to user-mode LogonUser function with dwLogonType set to LOGON32_LOGON_NETWORK or LOGON32_LOGON_NETWORK_CLEARTEXT, then this value will be zero. This value is valid starting with Windows Server 2003.
TokenElevationType
TokenLinkedToken The buffer receives a TOKEN_LINKED_TOKEN structure that contains a handle to another token that is linked to this token. This value is valid starting with Windows Vista.
TokenElevation The buffer receives a TOKEN_ELEVATION structure that specifies whether the token is elevated. This value is valid starting with Windows Vista.
TokenHasRestrictions The buffer receives a DWORD value that is nonzero if the token has ever been filtered. This value is valid starting with Windows Vista.
TokenAccessInformation The buffer receives a TOKEN_ACCESS_INFORMATION structure that specifies security information contained in the token. This value is valid starting with Windows Vista.
TokenVirtualizationAllowed The buffer receives a DWORD value that is nonzero if virtualization is allowed for the token. This value is valid starting with Windows Vista.
TokenVirtualizationEnabled The buffer receives a DWORD value that is nonzero if virtualization is enabled for the token. This value is valid starting with Windows Vista.
TokenIntegrityLevel The buffer receives a TOKEN_MANDATORY_LABEL structure that specifies the token's integrity level. This value is valid starting with Windows Vista. For SeQueryInformationToken the output is the actual integrity level (DWORD).
TokenUIAccess The buffer receives a DWORD value that is nonzero if the token has the UIAccess flag set. This value is valid starting with Windows Vista.
TokenMandatoryPolicy The buffer receives a TOKEN_MANDATORY_POLICY structure that specifies the token's mandatory integrity policy. This value is valid starting with Windows Vista.
TokenLogonSid The buffer receives a TOKEN_GROUPS structure that specifies the token's logon SID. This value is valid starting with Windows Vista.
TokenIsAppContainer The buffer receives a DWORD value that is nonzero if the token has the application container flag set. This value is valid starting with Windows 8.
TokenCapabilities The buffer receives a TOKEN_GROUPS structure and an array of SID_AND_ATTRIBUTES structures for each token capability. This value is valid starting with Windows 8.
TokenAppContainerSid The buffer receives a TOKEN_APPCONTAINER_INFORMATION structure that contains the AppContainerSid associated with the token. If the token is not associated with an app container, the TokenAppContainer member of the TOKEN_APPCONTAINER_INFORMATION structure points to NULL. This value is valid starting with Windows 8.
TokenAppContainerNumber The buffer receives a DWORD value that is the application container number. This value is valid starting with Windows 8.
TokenUserClaimAttributes The buffer receives a CLAIM_SECURITY_ATTRIBUTES_INFORMATION structure that specifies the user's claim attributes. This value is valid starting with Windows 8.
TokenDeviceClaimAttributes The buffer receives a CLAIM_SECURITY_ATTRIBUTES_INFORMATION structure that specifies the device's claim attributes. This value is valid starting with Windows 8.
TokenRestrictedUserClaimAttributes Reserved for system use.
TokenRestrictedDeviceClaimAttributes Reserved for system use.
TokenDeviceGroups The buffer receives a TOKEN_GROUPS structure and an array of SID_AND_ATTRIBUTES structures for each device group. This value is valid starting with Windows 8.
TokenRestrictedDeviceGroups Reserved for system use.
TokenSecurityAttributes Reserved for system use.
TokenIsRestricted Reserved for system use.
TokenProcessTrustLevel Reserved for system use.
TokenPrivateNameSpace
TokenSingletonAttributes
TokenBnoIsolation
TokenChildProcessFlags
MaxTokenInfoClass The maximum value for this enumeration.

Requirements

   
Header ntifs.h (include Ntifs.h)

See Also

ACL

SECURITY_IMPERSONATION_LEVEL

SID

SeFilterToken

SeQueryInformationToken

SeTokenIsRestricted

TOKEN_DEFAULT_DACL

TOKEN_GROUPS

TOKEN_ORIGIN

TOKEN_OWNER

TOKEN_PRIMARY_GROUP

TOKEN_PRIVILEGES

TOKEN_SOURCE

TOKEN_STATISTICS

TOKEN_TYPE

TOKEN_USER

ZwQueryInformationToken

ZwSetInformationToken