public static extern bool DuplicateTokenEx(
SafeTokenHandle hExistingToken,
TokenRights dwDesiredAccess,
IntPtr lpTokenAttributes,
SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
TOKEN_TYPE TokenType,
ref SafeTokenHandle phNewToken);
/// <summary>
/// Opens a thread token.
/// </summary>
public static SafeTokenHandle OpenThreadToken(TokenRights desiredAccess, bool openAsSelf)
{
SafeTokenHandle threadToken;
if (!Direct.OpenThreadToken(ThreadMethods.Direct.GetCurrentThread(), desiredAccess, openAsSelf, out threadToken))
{
WindowsError error = ErrorHelper.GetLastError();
if (error != WindowsError.ERROR_NO_TOKEN)
{
throw ErrorHelper.GetIoExceptionForError(error, desiredAccess.ToString());
}
SafeTokenHandle processToken = OpenProcessToken(TokenRights.TOKEN_DUPLICATE);
if (!Direct.DuplicateTokenEx(
processToken,
TokenRights.TOKEN_IMPERSONATE | TokenRights.TOKEN_QUERY | TokenRights.TOKEN_ADJUST_PRIVILEGES,
IntPtr.Zero,
SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation,
TOKEN_TYPE.TokenImpersonation,
ref threadToken))
{
throw ErrorHelper.GetIoExceptionForLastError(desiredAccess.ToString());
}
}
return(threadToken);
}
/// <summary>
/// Opens a process token.
/// </summary>
public static SafeTokenHandle OpenProcessToken(TokenRights desiredAccess)
{
SafeTokenHandle processToken;
if (!Direct.OpenProcessToken(ProcessMethods.GetCurrentProcess(), desiredAccess, out processToken))
{
throw ErrorHelper.GetIoExceptionForLastError(desiredAccess.ToString());
}
return(processToken);
}
/// <summary>
/// Initializes a new instance of the <see cref="TokenAuditRule"/> class.
/// </summary>
/// <param name="identity">The identity.</param>
/// <param name="tokenRights">The token rights.</param>
/// <param name="type">The type.</param>
public TokenAuditRule(string identity, TokenRights tokenRights, AuditFlags type)
: this(new NTAccount(identity), tokenRights, type)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="TokenAuditRule"/> class.
/// </summary>
/// <param name="identity">The identity.</param>
/// <param name="tokenRights">The token rights.</param>
/// <param name="type">The type.</param>
public TokenAuditRule(IdentityReference identity, TokenRights tokenRights, AuditFlags type)
: base(identity, (int)tokenRights, false, InheritanceFlags.None, PropagationFlags.None, type)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="TokenAuditRule"/> class.
/// </summary>
/// <param name="identity">The identity.</param>
/// <param name="tokenRights">The token rights.</param>
/// <param name="type">The type.</param>
public TokenAuditRule(string identity, TokenRights tokenRights, AuditFlags type)
: this(new NTAccount(identity), tokenRights, type)
{
}
/// <summary>
/// Initializes a new instance of the <see cref="TokenAuditRule"/> class.
/// </summary>
/// <param name="identity">The identity.</param>
/// <param name="tokenRights">The token rights.</param>
/// <param name="type">The type.</param>
public TokenAuditRule(IdentityReference identity, TokenRights tokenRights, AuditFlags type)
: base(identity, (int)tokenRights, false, InheritanceFlags.None, PropagationFlags.None, type)
{
}
public TokenAccessRule(string identity, TokenRights tokenRights, AccessControlType type)
: this(new NTAccount(identity), tokenRights, type)
{
}
public TokenAccessRule(IdentityReference identity, TokenRights tokenRights, AccessControlType type)
: base(identity, (int)tokenRights, false, InheritanceFlags.None, PropagationFlags.None, type)
{
}
public TokenAccessRule(string identity, TokenRights tokenRights, AccessControlType type)
: this(new NTAccount(identity), tokenRights, type)
{
}
public TokenAccessRule(IdentityReference identity, TokenRights tokenRights, AccessControlType type)
: base(identity, (int)tokenRights, false, InheritanceFlags.None, PropagationFlags.None, type)
{
}
public static extern bool OpenThreadToken(
SafeThreadHandle ThreadHandle,
TokenRights DesiredAccess,
[MarshalAs(UnmanagedType.Bool)] bool OpenAsSelf,
out SafeTokenHandle TokenHandle);
public static extern bool OpenProcessToken(
IntPtr ProcessHandle,
TokenRights DesiredAccesss,
out SafeTokenHandle TokenHandle);
