AdvApi32DuplicateTokenEx Method

[DllImportAttribute("AdvApi32.dll", SetLastError = true)]
public static bool DuplicateTokenEx(
	IntPtr existingToken,
	TokenAccess desiredAccess,
	SecurityAttributes tokenAttributes,
	SecurityImpersonationLevel impersonationLevel,
	TokenType tokenType,
	out IntPtr refNewToken
)

<DllImportAttribute("AdvApi32.dll", SetLastError := true>]
Public Shared Function DuplicateTokenEx ( 
	existingToken As IntPtr,
	desiredAccess As TokenAccess,
	tokenAttributes As SecurityAttributes,
	impersonationLevel As SecurityImpersonationLevel,
	tokenType As TokenType,
	<OutAttribute> ByRef refNewToken As IntPtr
) As Boolean

Dim existingToken As IntPtr
Dim desiredAccess As TokenAccess
Dim tokenAttributes As SecurityAttributes
Dim impersonationLevel As SecurityImpersonationLevel
Dim tokenType As TokenType
Dim refNewToken As IntPtr

Dim returnValue As Boolean

returnValue = AdvApi32.DuplicateTokenEx(existingToken, 
	desiredAccess, tokenAttributes, 
	impersonationLevel, tokenType, refNewToken)

public:
[DllImportAttribute(L"AdvApi32.dll", SetLastError = true)]
static bool DuplicateTokenEx(
	IntPtr existingToken, 
	TokenAccess desiredAccess, 
	SecurityAttributes tokenAttributes, 
	SecurityImpersonationLevel impersonationLevel, 
	TokenType tokenType, 
	[OutAttribute] IntPtr% refNewToken
)

[<DllImportAttribute("AdvApi32.dll", SetLastError = true)>]
static member DuplicateTokenEx : 
        existingToken : IntPtr * 
        desiredAccess : TokenAccess * 
        tokenAttributes : SecurityAttributes * 
        impersonationLevel : SecurityImpersonationLevel * 
        tokenType : TokenType * 
        refNewToken : IntPtr byref -> bool 

No code example is currently available or this language may not be supported.

Parameters

existingToken  IntPtr

A handle to an access token opened with Duplicate access.

desiredAccess  TokenAccess

Specifies the requested access rights for the new token.

The DuplicateTokenEx(IntPtr, TokenAccess, SecurityAttributes, SecurityImpersonationLevel, TokenType, IntPtr) function compares the requested access rights with the existing token's discretionary access control list (DACL) to determine which rights are granted or denied.

To request the same access rights as the existing token, specify zero.

To request all access rights that are valid for the caller, specify MAXIMUM_ALLOWED.

tokenAttributes  SecurityAttributes

A pointer to a SecurityAttributes structure that specifies a security descriptor for the new token and determines whether child processes can inherit the token.

If tokenAttributes is NULL, the token gets a default security descriptor and the handle cannot be inherited.

If the security descriptor contains a system access control list (SACL), the token gets ACCESS_SYSTEM_SECURITY access right, even if it was not requested in desiredAccess.

To set the owner in the security descriptor for the new token, the caller's process token must have the RestorePrivilege (SE_RESTORE_NAME) privilege set.

impersonationLevel  SecurityImpersonationLevel

The impersonation level of the new token.

tokenType  TokenType

A values that differentiate between a primary token and an impersonation token.

refNewToken  IntPtr

A pointer to a HANDLE variable that receives the new token.

When you have finished using the new token, call the CloseHandle(IntPtr) function to close the token handle.

Return Value

If the function fails, the return value is .

To get extended error information, call GetLastWin32Error.

Reference