adjusttokenprivileges (advapi32)
Last changed: -91.119.3.204

.
Summary
Enables or disables privileges in a specified access token

C# Signature:

[DllImport("advapi32.dll", SetLastError=true)]
[return: MarshalAs(UnmanagedType.Bool)]
static extern bool AdjustTokenPrivileges(IntPtr TokenHandle,
   [MarshalAs(UnmanagedType.Bool)]bool DisableAllPrivileges,
   ref TOKEN_PRIVILEGES NewState,
   UInt32 BufferLength,
   ref TOKEN_PRIVILEGES PreviousState,
   IntPtr ReturnLength);

VB Signature:

Declare Function AdjustTokenPrivileges Lib "advapi32.dll" (
    ByVal TokenHandle As IntPtr, _
    ByVal DisableAllPrivileges As Boolean, _
    ByRef NewState As TOKEN_PRIVILEGES, _
    ByVal BufferLength As Integer, _
    ByRef PreviousState As TOKEN_PRIVILEGES, _
    ByVal ReturnLength As IntPtr) As Boolean

User-Defined Types:

TOKEN_PRIVILEGES

Notes:

None.

Tips & Tricks:

Please add some!

C# Sample Code:

Please add some!

VB.Net Sample Code:

    Const TOKEN_QUERY As Integer = &H8
    Const TOKEN_ADJUST_PRIVILEGES As Integer = &H20
    Const SE_RESTORE_NAME As String = "SeRestorePrivilege"

    Dim hProc, hToken As IntPtr
    Dim luid_Restore, As Long
    Dim tp As New TOKEN_PRIVILEGES

    ' get the current process's token
    hProc = Process.GetCurrentProcess().Handle
    hToken = IntPtr.Zero
    If Not OpenProcessToken(hProc, TOKEN_ADJUST_PRIVILEGES Or TOKEN_QUERY, hToken) Then
        Return False
    End If

    ' get the LUID for the Restore privilege (provided it already exist)
    luid_Restore = 0
    If Not LookupPrivilegeValue(Nothing, SE_RESTORE_NAME, luid_Restore) Then
        Return False
    End If

    tp.PrivilegeCount = 1
    tp.Privilege.Luid = luid_Restore
    tp.Privilege.Attributes = SE_PRIVILEGE_ENABLED

    ' enable the privileges
    If Not AdjustTokenPrivileges(hToken, False, tp, 0, IntPtr.Zero, IntPtr.Zero) Then
        Return False
    End If

    'good

Alternative Managed API:

Do you know one? Please contribute it!

Documentation