3.1.1.8 Current User Root Key

The server MUST support dynamically mapping a subkey of the HKEY_USERS predefined key as the HKEY_CURRENT_USER root key for each client request to operate on the HKEY_CURRENT_USER root key.

The server determines which subkey of HKEY_USERS  maps to HKEY_CURRENT_USER by first obtaining the SID in the RPC_SID form of the caller from the value of the element Token.Sids[Token.UserIndex]. The ADM element Token is initialized by retrieving the identity token for the current execution context by calling the abstract interface GetRpcImpersonationAccessToken(NULL) (see section 3.1.5). The value of the Token.Sids array element indexed at Token.UserIndex is the SID of the caller. The server MUST convert the SID from the RPC_SID form to a string (see [MS-DTYP] section 2.4.2.1) to determine which subkey of HKEY_USERS SHOULD be mapped to HKEY_CURRENT_USER. The name of the subkey of HKEY_USERS which SHOULD be mapped to a particular HKEY_CURRENT_USER client request is exactly the string representation of the SID of the caller.

Note In other registry documentation and registry utilities outside of this specification, in any user context, the current user root key is defined as a predefined key with the name "HKEY_CURRENT_USER".