Type a page name and press Enter. You'll jump to the page if it exists, or you can create it if it doesn't.
To create a page in a module other than advapi32, prefix the name with the module name and a period.
DuplicateToken (advapi32)
.
C# Signature:
[DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError=true)]
public extern static bool DuplicateTokenEx(
IntPtr hExistingToken,
uint dwDesiredAccess,
ref SECURITY_ATTRIBUTES lpTokenAttributes,
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
TOKEN_TYPE TokenType,
out IntPtr phNewToken );
[DllImport("advapi32.dll", SetLastError=true)]
public extern static bool DuplicateToken(IntPtr ExistingTokenHandle, int
SECURITY_IMPERSONATION_LEVEL, out IntPtr DuplicateTokenHandle);
VB .NET Signature:
Declare Function DuplicateToken Lib "advapi32.dll" (ExistingTokenHandle As IntPtr, _
SECURITY_IMPERSONATION_LEVEL As Int16, ByRef DuplicateTokenHandle As IntPtr) _
As Boolean
VB .NET User-Defined Types:
Public Enum SecurityImpersonationLevel As Integer
'The server process cannot obtain identification information about the client,
'and it cannot impersonate the client. It is defined with no value given, and thus,
'by ANSI C rules, defaults to a value of zero.
SecurityAnonymous = 0
VB Signature:
Declare Auto Function DuplicateTokenEx Lib "advapi32.dll" ( _
ByVal ExistingTokenHandle As IntPtr, _
ByVal dwDesiredAccess As UInt32, _
ByRef lpThreadAttributes As SECURITY_ATTRIBUTES, _
ByVal ImpersonationLevel As Integer, _
ByVal TokenType As Integer, _
ByRef DuplicateTokenHandle As System.IntPtr) As Boolean
'The server process can obtain information about the client, such as security identifiers and privileges,
'but it cannot impersonate the client. This is useful for servers that export their own objects,
'for example, database products that export tables and views.
'Using the retrieved client-security information, the server can make access-validation decisions without
'being able to use other services that are using the client's security context.
SecurityIdentification = 1
Alternative Managed API:
Do you know one? Please contribute it!
'The server process can impersonate the client's security context on its local system.
'The server cannot impersonate the client on remote systems.
SecurityImpersonation = 2
Notes:
None.
'The server process can impersonate the client's security context on remote systems.
'NOTE: Windows NT: This impersonation level is not supported.
SecurityDelegation = 3
End Enum
C# User Defined Types:
public enum SecurityImpersonationLevel : int
{
/// <summary>
/// The server process cannot obtain identification information about the client,
/// and it cannot impersonate the client. It is defined with no value given, and thus,
/// by ANSI C rules, defaults to a value of zero.
/// </summary>
SecurityAnonymous = 0,
Tips & Tricks:
Please add some!
/// <summary>
/// The server process can obtain information about the client, such as security identifiers and privileges,
/// but it cannot impersonate the client. This is useful for servers that export their own objects,
/// for example, database products that export tables and views.
/// Using the retrieved client-security information, the server can make access-validation decisions without
/// being able to use other services that are using the client's security context.
/// </summary>
SecurityIdentification = 1,
Since you can't use UInt32 constants in VB.NET, here is one way of passing in a value for dwDesiredAccess
/// <summary>
/// The server process can impersonate the client's security context on its local system.
/// The server cannot impersonate the client on remote systems.
/// </summary>
SecurityImpersonation = 2,
Const GRANTED_ALL As String = "10000000"
/// <summary>
/// The server process can impersonate the client's security context on remote systems.
/// NOTE: Windows NT: This impersonation level is not supported.
/// </summary>
SecurityDelegation = 3,
}
ret = DuplicateTokenEx(Token, UInt32.Parse(GRANTED_ALL, System.Globalization.NumberStyles.HexNumber), sa, SecurityImpersonation, TokenType, DupedToken)
Notes:
None.
Sample Code:
Tips & Tricks:
Please add some!
Sample Code:
Please add some!
Alternative Managed API:
TODO
The DuplicateTokenEx function creates a new access token that duplicates an existing token. This function can create either a primary token or an impersonation token.
4/5/2012 1:49:37 PM - Carl Mailloux-209.226.94.110
The [SECURITY_ATTRIBUTES] structure contains the security descriptor for an object and specifies whether the handle retrieved by specifying this structure is inheritable. This structure provides security settings for objects created by various functions, such as Kernel32.CreateFile, Kernel32.CreatePipe, Kernel32.CreateProcess, or Advapi32.RegCreateKeyEx.
7/15/2010 5:39:54 AM - -67.168.202.202
The TOKEN_TYPE enumeration type contains values that differentiate between a primary token and an impersonation token.
6/8/2007 1:40:27 PM - -80.179.11.91
TODO - a short description of this collection of constants
4/6/2012 12:59:20 AM - anonymous
Please edit this page!
Do you have...
helpful tips or sample code to share for using this API in managed code?
corrections to the existing content?
variations of the signature you want to share?
additional languages you want to include?
Select "Edit This Page" on the right hand toolbar and edit it! Or add new pages containing supporting types needed for this API (structures, delegates, and more).
Revisions