CheckTokenMembershipEx function (securitybaseapi.h)
The CheckTokenMembershipEx function determines whether the specified SID is enabled in the specified token.
Syntax
BOOL CheckTokenMembershipEx(
[in, optional] HANDLE TokenHandle,
[in] PSID SidToCheck,
[in] DWORD Flags,
[out] PBOOL IsMember
);
Parameters
[in, optional] TokenHandle
A handle to an access token. If present, this token is checked for the SID. If not present, then the current effective token is used. This must be an impersonation token.
[in] SidToCheck
A pointer to a SID structure. The function checks for the presence of this SID in the presence of the token.
[in] Flags
Flags that affect the behavior of the function. Currently the only valid flag is CTMF_INCLUDE_APPCONTAINER which allows app containers to pass the call as long as the other requirements of the token are met, such as the group specified is present and enabled.
[out] IsMember
TRUE if the SID is enabled in the token; otherwise, FALSE.
Return value
If the function succeeds, it returns TRUE.
If the function fails, it returns zero. To get extended error information, call GetLastError.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 8 [desktop apps | UWP apps] |
| Minimum supported server | Windows Server 2012 [desktop apps | UWP apps] |
| Target Platform | Windows |
| Header | securitybaseapi.h (include Windows.h) |
| Library | Advapi32.lib |
| DLL | Kernel32.dll |