CheckTokenCapability function (securitybaseapi.h)
The CheckTokenCapability function checks the capabilities of a given token.
Syntax
BOOL CheckTokenCapability(
[in, optional] HANDLE TokenHandle,
[in] PSID CapabilitySidToCheck,
[out] PBOOL HasCapability
);
Parameters
[in, optional] TokenHandle
A handle to an access token. The handle must have TOKEN_QUERY access to the token. The token must be an impersonation token.
If TokenHandle is NULL, CheckTokenCapability uses the impersonation token of the calling thread. If the thread is not impersonating, the function duplicates the thread's primary token to create an impersonation token.
[in] CapabilitySidToCheck
A pointer to a capability SID structure. The CheckTokenCapability function checks the capabilities of this access token.
[out] HasCapability
Receives the results of the check. If the access token has the capability, it returns TRUE, otherwise, it returns FALSE.
Return value
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero. To get extended error information, call GetLastError
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 8 [desktop apps only] |
| Minimum supported server | Windows Server 2012 [desktop apps only] |
| Target Platform | Windows |
| Header | securitybaseapi.h (include Windows.h) |
| Library | Advapi32.lib |
| DLL | Kernel32.dll |