Поделиться через


CAccessToken::CreateRestrictedToken

Call this method to create a new, restricted CAccessToken object.

bool CreateRestrictedToken(
   CAccessToken* pRestrictedToken,
   const CTokenGroups& SidsToDisable,
   const CTokenGroups& SidsToRestrict,
   const CTokenPrivileges& PrivilegesToDelete = CTokenPrivileges( )
) const throw(...);

Параметры

  • pRestrictedToken
    The new, restricted CAccessToken object.

  • SidsToDisable
    A CTokenGroups object that specifies the deny-only SIDs.

  • SidsToRestrict
    A CTokenGroups object that specifies the restricting SIDs.

  • PrivilegesToDelete
    A CTokenPrivileges object that specifies the privileges to delete in the restricted token. The default creates an empty object.

Возвращаемое значение

Returns true on success, false on failure.

Заметки

CreateRestrictedToken uses the CreateRestrictedToken Win32 function to create a new CAccessToken object, with restrictions.

ПримечаниеПримечание.

This method is only available on Windows 2000 or later.

Примечание о безопасностиПримечание о безопасности.

When using CreateRestrictedToken, ensure the following: the existing token is valid (and not entered by the user) and SidsToDisable and PrivilegesToDelete are both valid (and not entered by the user). If the method returns false, deny functionality.

Требования

Header: atlsecurity.h

См. также

Основные понятия

CAccessToken Class

CAccessToken Members

CAccessToken::CreatePrimaryToken

CAccessToken::CreateImpersonationToken