Search
Module:
Directory

   Desktop Functions:

   Smart Device Functions:


Show Recent Changes
Subscribe (RSS)
Misc. Pages
Comments
FAQ
Helpful Tools
Playground
Suggested Reading
Website TODO List
Download Visual Studio Add-In

GetTokenInformation (advapi32)
 
.
Summary
Retrieves a specified type of information about an access token

C# Signature:

[DllImport("advapi32.dll", SetLastError=true)]
static extern bool GetTokenInformation(
    IntPtr TokenHandle,
    TOKEN_INFORMATION_CLASS TokenInformationClass,
    IntPtr TokenInformation,
    uint TokenInformationLength,
    out uint ReturnLength);

C# Signature without user defined enum:

C# Signature without user defined class:

[DllImport("advapi32.dll", SetLastError=true)]
static extern bool GetTokenInformation(
    IntPtr TokenHandle,
    uint TokenInformationClass,
    IntPtr TokenInformation,
    uint TokenInformationLength,
    out uint ReturnLength);

VB.NET Definition:

    Public Declare Function GetTokenInformation Lib "advapi32.dll" ( _
    ByVal TokenHandle As IntPtr, ByVal TokenInformationClass As TOKEN_INFORMATION_CLASS, _
    ByVal TokenInformation As IntPtr, ByVal TokenInformationLength As System.UInt32, _
    ByRef ReturnLength As System.UInt32) As Boolean

User-Defined Types:

TOKEN_INFORMATION_CLASS

Notes:

Call once with zero for the third and fourth parameters to obtain the required size, then allocate the buffer and call again supplying these parameters.

Tips & Tricks:

Please add some!

Sample Code:

// Prints out sid of current user

using System;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Text;
namespace test
{
     class clsLookupAccountName
     {

         enum TOKEN_INFORMATION_CLASS
         {
             TokenUser = 1,
             TokenGroups,
             TokenPrivileges,
             TokenOwner,
             TokenPrimaryGroup,
             TokenDefaultDacl,
             TokenSource,
             TokenType,
             TokenImpersonationLevel,
             TokenStatistics,
             TokenRestrictedSids,
             TokenSessionId,
             TokenGroupsAndPrivileges,
             TokenSessionReference,
             TokenSandBoxInert,
             TokenAuditPolicy,
             TokenOrigin
         }

         public struct TOKEN_USER
         {
             public SID_AND_ATTRIBUTES User ;
         }

             [StructLayout(LayoutKind.Sequential)]
         public struct SID_AND_ATTRIBUTES
         {

             public IntPtr Sid ;
             public int Attributes ;
         }

         // Using IntPtr for pSID insted of Byte[]
         [DllImport("advapi32", CharSet=CharSet.Auto, SetLastError=true)]
         static extern bool ConvertSidToStringSid(
             IntPtr pSID,
             out IntPtr ptrSid);


         [DllImport("kernel32.dll")]
         static extern IntPtr LocalFree(IntPtr hMem);


         [DllImport("advapi32.dll", SetLastError=true)]
         static extern bool GetTokenInformation(
             IntPtr TokenHandle,
             TOKEN_INFORMATION_CLASS TokenInformationClass,
             IntPtr TokenInformation,
             int TokenInformationLength,
             out int ReturnLength);


         [STAThread]
         static void Main(string[] args)
         {
             int TokenInfLength = 0 ;
             bool Result ;

             // first call gets lenght of TokenInformation
             Result = GetTokenInformation( WindowsIdentity.GetCurrent().Token , TOKEN_INFORMATION_CLASS.TokenUser , IntPtr.Zero , TokenInfLength , out TokenInfLength );

             IntPtr TokenInformation = Marshal.AllocHGlobal( TokenInfLength ) ;

             Result = GetTokenInformation( WindowsIdentity.GetCurrent().Token  , TOKEN_INFORMATION_CLASS.TokenUser , TokenInformation , TokenInfLength , out TokenInfLength ) ;

             if( Result )
             {
             TOKEN_USER TokenUser = ( TOKEN_USER )Marshal.PtrToStructure( TokenInformation , typeof( TOKEN_USER ) ) ;

             IntPtr pstr = IntPtr.Zero;
             Boolean ok = ConvertSidToStringSid( TokenUser.User.Sid  , out pstr );
             string sidstr = Marshal.PtrToStringAuto( pstr );
             LocalFree(pstr);
             Console.WriteLine(@"Found sid {0}",sidstr);
             }

             Marshal.FreeHGlobal( TokenInformation );

             Console.ReadLine();
         }
     }
}

There's a sample based on this at http://stackoverflow.com/questions/2146153/how-to-get-the-logon-sid-in-c/2146418#2146418 that gets the LogonSID instead.

Alternative Managed API:

Do you know one? Please contribute it!

Documentation

Please edit this page!

Do you have...

  • helpful tips or sample code to share for using this API in managed code?
  • corrections to the existing content?
  • variations of the signature you want to share?
  • additional languages you want to include?

Select "Edit This Page" on the right hand toolbar and edit it! Or add new pages containing supporting types needed for this API (structures, delegates, and more).

 
Access PInvoke.net directly from VS:
Terms of Use
Edit This Page
Find References
Show Printable Version
Revisions