PsReferenceImpersonationToken function (ntifs.h)
The PsReferenceImpersonationToken routine increments the reference count of the impersonation token for the specified thread.
Syntax
PACCESS_TOKEN PsReferenceImpersonationToken(
[in, out] PETHREAD Thread,
[out] PBOOLEAN CopyOnOpen,
[out] PBOOLEAN EffectiveOnly,
[out] PSECURITY_IMPERSONATION_LEVEL ImpersonationLevel
);
Parameters
[in, out] Thread
Address of the thread whose impersonation token's reference count is to be incremented.
[out] CopyOnOpen
Pointer to a caller-allocated Boolean variable. On return, this parameter receives TRUE if the token cannot be opened directly. In this case, the token must be duplicated, and the duplicate token must be used instead. If the token can be opened directly, this parameter receives FALSE.
[out] EffectiveOnly
Pointer to a caller-allocated Boolean variable. On return, this parameter receives FALSE if the thread is allowed to enable groups and privileges that are currently disabled in the client security context, TRUE otherwise.
[out] ImpersonationLevel
Pointer to a caller-allocated SECURITY_IMPERSONATION_LEVEL variable. On return, this parameter receives a value that specifies the impersonation level at which the thread is allowed to access the token.
Return value
PsReferenceImpersonationToken returns a pointer to the impersonation token for the given thread. If the thread is not currently impersonating a client, a NULL pointer is returned.
Remarks
If the thread is currently impersonating a client, PsReferenceImpersonationToken increments the reference count of the impersonation token and returns a pointer to the token. If the returned pointer is non-NULL, the impersonation token's reference count must be decremented by calling one of the following functions:
- ObDereferenceObject, for Windows 2000
- PsDereferenceImpersonationToken, for Microsoft Windows XP or later
For more information about security and access control, see Windows security model for driver developers and the documentation on these topics in the Windows SDK.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 2000 |
| Target Platform | Universal |
| Header | ntifs.h (include FltKernel.h, Ntifs.h) |
| Library | NtosKrnl.lib |
| DLL | NtosKrnl.exe |
| IRQL | PASSIVE_LEVEL |
| DDI compliance rules | HwStorPortProhibitedDDIs(storport) |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for