DuplicateTokenEx (advapi32)
Last changed: -

The DuplicateTokenEx function creates a new access token that duplicates an existing token. This function can create either a primary token or an impersonation token.

C# Signature:

[DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError=true)]
public extern static bool DuplicateTokenEx(
    IntPtr hExistingToken,
    uint dwDesiredAccess,
    ref SECURITY_ATTRIBUTES lpTokenAttributes,
    TOKEN_TYPE TokenType,
    out IntPtr phNewToken );

C# Signature

[DllImport("advapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]

    public extern static bool DuplicateTokenEx(
        IntPtr hExistingToken,
        uint dwDesiredAccess,
        IntPtr lpTokenAttributes,
        uint ImpersonationLevel,
        uint TokenType,
        out IntPtr phNewToken);

VB Signature:

    Declare Auto Function DuplicateTokenEx Lib "advapi32.dll" ( _
    ByVal ExistingTokenHandle As IntPtr, _
    ByVal dwDesiredAccess As UInt32, _
    ByRef lpThreadAttributes As SECURITY_ATTRIBUTES, _
    ByVal ImpersonationLevel As Integer, _
    ByVal TokenType As Integer, _
    ByRef DuplicateTokenHandle As System.IntPtr) As Boolean

<DllImport("advapi32.dll", CharSet:=CharSet.Auto, SetLastError:=True)>
    Public Shared Function DuplicateTokenEx(hExistingToken As IntPtr, dwDesiredAccess As UInteger, lpTokenAttributes As IntPtr, ImpersonationLevel As SECURITY_IMPERSONATION_LEVEL, TokenType As TOKEN_TYPE, ByRef phNewToken As IntPtr) As Boolean
    End Function

User-Defined Types:




Alternative Managed API:

Do you know one? Please contribute it!



Tips & Tricks:

Please add some!

Since you can't use UInt32 constants in VB.NET, here is one way of passing in a value for dwDesiredAccess

    Const GRANTED_ALL As String = "10000000"

    ret = DuplicateTokenEx(Token, UInt32.Parse(GRANTED_ALL, System.Globalization.NumberStyles.HexNumber), sa, SecurityImpersonation, TokenType, DupedToken)

Sample Code:

Please add some!