NtCreateLowBoxToken function
The NtCreateLowBoxToken function creates a LowBox (AppContainer) token object based on an existing access token and returns the handle opened for access to that token.
Syntax
NTSTATUS NTAPI NtCreateLowBoxToken(
_Out_ PHANDLE TokenHandle,
_In_ HANDLE ExistingTokenHandle,
_In_ ACCESS_MASK DesiredAccess,
_in_ POBJECT_ATTRIBUTES ObjectAttributes,
_in_ PSID PackageSid,
_in_ ULONG CapabilityCount,
_in_ PSID_AND_ATTRIBUTES Capabilities,
_in_ ULONG HandleCount,
_in_ HANDLE* Handles
);
Parameters
TokenHandle [out]
Returns the handle of the newly created LowBox token.
ExistingTokenHandle [in]
The handle of the existing created token. The token must be open for TOKEN_QUERY access.
DesiredAccess [in]
An ACCESS_MASK indicating which access types the handle is to provide to the new object.
ObjectAttributes [in, Optional]
Points to the standard OBJECT_ATTRIBUTES data structure.
PackageSid [in]
The Package that this token will belong to. This must point to a valid SID which must be a member of the LowBox Package SID group.
CapabilityCount [in]
The number of capabilities to include on the token.
Capabilities [in, Optional]
The SID_AND_ATTRIBUTES structure containing the capability SIDs to include on the token.
HandleCount [in]
The number of handles to be included on the token.
Handles [in, Optional]
Handles to the named object directories for the AppContainer.
Return value
If the function succeeds, the function returns STATUS_SUCCESS.
If the function fails, it returns an NTSTATUS error code. See NTSTATUS values for a list of error codes and their values.
Remarks
This API can only be called by medium or higher IL process.
This function has no associated import library or header file; you must call it using the LoadLibrary and GetProcAddress functions.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 8 [desktop apps only] |
| Minimum supported server | Windows Server 2012 [desktop apps only] |
| DLL | Ntdll.dll |