C# Signature:

[DllImport("advapi32.dll", SetLastError=true)]
static extern bool OpenProcessToken(IntPtr ProcessHandle,
   UInt32 DesiredAccess, out IntPtr TokenHandle);

VB Signature:

Declare Function OpenProcessToken Lib "advapi32.dll" (ProcessHandle As IntPtr, _
   DesiredAccess As Integer, ByRef TokenHandle As IntPtr) As Boolean

Notes:

None.

Tips & Tricks:

Use these for DesiredAccess

    static uint STANDARD_RIGHTS_REQUIRED = 0x000F0000;
    static uint STANDARD_RIGHTS_READ = 0x00020000;
    static uint TOKEN_ASSIGN_PRIMARY = 0x0001;
    static uint TOKEN_DUPLICATE = 0x0002;
    static uint TOKEN_IMPERSONATE = 0x0004;
    static uint TOKEN_QUERY = 0x0008;
    static uint TOKEN_QUERY_SOURCE = 0x0010;
    static uint TOKEN_ADJUST_PRIVILEGES = 0x0020;
    static uint TOKEN_ADJUST_GROUPS = 0x0040;
    static uint TOKEN_ADJUST_DEFAULT = 0x0080;
    static uint TOKEN_ADJUST_SESSIONID = 0x0100;
    static uint TOKEN_READ = (STANDARD_RIGHTS_READ | TOKEN_QUERY);
    static uint TOKEN_ALL_ACCESS = (STANDARD_RIGHTS_REQUIRED | TOKEN_ASSIGN_PRIMARY |
        TOKEN_DUPLICATE | TOKEN_IMPERSONATE | TOKEN_QUERY | TOKEN_QUERY_SOURCE |
        TOKEN_ADJUST_PRIVILEGES | TOKEN_ADJUST_GROUPS | TOKEN_ADJUST_DEFAULT |
        TOKEN_ADJUST_SESSIONID);

Sample Code:

    [DllImport("advapi32.dll", SetLastError = true)]
    public static extern bool OpenProcessToken(IntPtr ProcessHandle, UInt32 DesiredAccess, out IntPtr TokenHandle);
    private static uint STANDARD_RIGHTS_REQUIRED = 0x000F0000;
    private static uint STANDARD_RIGHTS_READ = 0x00020000;
    private static uint TOKEN_ASSIGN_PRIMARY = 0x0001;
    private static uint TOKEN_DUPLICATE = 0x0002;
    private static uint TOKEN_IMPERSONATE = 0x0004;
    private static uint TOKEN_QUERY = 0x0008;
    private static uint TOKEN_QUERY_SOURCE = 0x0010;
    private static uint TOKEN_ADJUST_PRIVILEGES = 0x0020;
    private static uint TOKEN_ADJUST_GROUPS = 0x0040;
    private static uint TOKEN_ADJUST_DEFAULT = 0x0080;
    private static uint TOKEN_ADJUST_SESSIONID = 0x0100;
    private static uint TOKEN_READ = (STANDARD_RIGHTS_READ | TOKEN_QUERY);
    private static uint TOKEN_ALL_ACCESS = (STANDARD_RIGHTS_REQUIRED | TOKEN_ASSIGN_PRIMARY |
        TOKEN_DUPLICATE | TOKEN_IMPERSONATE | TOKEN_QUERY | TOKEN_QUERY_SOURCE |
        TOKEN_ADJUST_PRIVILEGES | TOKEN_ADJUST_GROUPS | TOKEN_ADJUST_DEFAULT |
        TOKEN_ADJUST_SESSIONID);

     [DllImport("advapi32.dll", SetLastError = true)]
    public static extern bool GetTokenInformation(IntPtr TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, IntPtr TokenInformation, uint TokenInformationLength, out uint ReturnLength);
    public enum TOKEN_INFORMATION_CLASS
    {
        TokenUser = 1,
        TokenGroups,
        TokenPrivileges,
        TokenOwner,
        TokenPrimaryGroup,
        TokenDefaultDacl,
        TokenSource,
        TokenType,
        TokenImpersonationLevel,
        TokenStatistics,
        TokenRestrictedSids,
        TokenSessionId,
        TokenGroupsAndPrivileges,
        TokenSessionReference,
        TokenSandBoxInert,
        TokenAuditPolicy,
        TokenOrigin
    }

    public static byte[] GetSIDByteArr(IntPtr processHandle)
    {
        int MAX_INTPTR_BYTE_ARR_SIZE = 512;
        IntPtr tokenHandle;
        byte[] sidBytes;

        // Get the Process Token
        if (!OpenProcessToken(processHandle, TOKEN_READ, out tokenHandle))
        throw new ApplicationException("Could not get process token.  Win32 Error Code: " + Marshal.GetLastWin32Error());

        uint tokenInfoLength = 0;
        bool result;
        result = GetTokenInformation(tokenHandle, TOKEN_INFORMATION_CLASS.TokenUser, IntPtr.Zero, tokenInfoLength, out tokenInfoLength);  // get the token info length
        IntPtr tokenInfo = Marshal.AllocHGlobal((int)tokenInfoLength);
        result = GetTokenInformation(tokenHandle, TOKEN_INFORMATION_CLASS.TokenUser, tokenInfo, tokenInfoLength, out tokenInfoLength);  // get the token info

        // Get the User SID
        if (result)
        {
        TOKEN_USER tokenUser = (TOKEN_USER)Marshal.PtrToStructure(tokenInfo, typeof(TOKEN_USER));
        sidBytes = new byte[MAX_INTPTR_BYTE_ARR_SIZE];  // Since I don't yet know how to be more precise w/ the size of the byte arr, it is being set to 512
        Marshal.Copy(tokenUser.User.Sid, sidBytes, 0, MAX_INTPTR_BYTE_ARR_SIZE);  // get a byte[] representation of the SID
        }
        else throw new ApplicationException("Could not get process token.  Win32 Error Code: " + Marshal.GetLastWin32Error());

        return sidBytes;
    }

    // ******** Example: Call GetSIDByteArr() *************//
    Process[] myProcesses = Process.GetProcesses();
    foreach (Process myProcess in myProcesses)
    {
        byte[] sidBytes = Utility.GetSIDByteArr(myProcess.Handle);
    }
    // ****************************************************//

Alternative Managed API:

Do you know one? Please contribute it!

Please edit this page!

Do you have...

• helpful tips or sample code to share for using this API in managed code?
• corrections to the existing content?
• variations of the signature you want to share?
• additional languages you want to include?

Select "Edit This Page" on the right hand toolbar and edit it! Or add new pages containing supporting types needed for this API (structures, delegates, and more).