public static unsafe extern Boolean32 CreateRestrictedToken( AccessToken ExistingTokenHandle, uint Flags, uint DisableSidCount, SID_AND_ATTRIBUTES *SidsToDisable, uint DeletePrivilegeCount, LuidAndAttributes *PrivilegesToDelete, uint RestrictedSidCount, SID_AND_ATTRIBUTES *SidsToRestrict, out AccessToken NewTokenHandle);
public unsafe static AccessToken CreateRestrictedToken(this AccessToken token, params SID[] sidsToDisable) { if (sidsToDisable == null || sidsToDisable.Length == 0) { throw new ArgumentNullException(); } SID_AND_ATTRIBUTES *sids = stackalloc SID_AND_ATTRIBUTES[sidsToDisable.Length]; fixed(SID *sid = sidsToDisable) { for (int i = 0; i < sidsToDisable.Length; i++) { sids[i].Sid = &sid[i]; } if (!Imports.CreateRestrictedToken(token, 0, (uint)sidsToDisable.Length, sids, 0, null, 0, null, out AccessToken restricted)) { throw Error.GetExceptionForLastError(); } return(restricted); } }
public static extern HRESULT CreateAppContainerProfile([NativeTypeName("PCWSTR")] ushort *pszAppContainerName, [NativeTypeName("PCWSTR")] ushort *pszDisplayName, [NativeTypeName("PCWSTR")] ushort *pszDescription, [NativeTypeName("PSID_AND_ATTRIBUTES")] SID_AND_ATTRIBUTES *pCapabilities, [NativeTypeName("DWORD")] uint dwCapabilityCount, [NativeTypeName("PSID *")] void **ppSidAppContainerSid);
public static extern int CreateRestrictedToken([NativeTypeName("HANDLE")] IntPtr ExistingTokenHandle, [NativeTypeName("DWORD")] uint Flags, [NativeTypeName("DWORD")] uint DisableSidCount, [NativeTypeName("PSID_AND_ATTRIBUTES")] SID_AND_ATTRIBUTES *SidsToDisable, [NativeTypeName("DWORD")] uint DeletePrivilegeCount, [NativeTypeName("PLUID_AND_ATTRIBUTES")] LUID_AND_ATTRIBUTES *PrivilegesToDelete, [NativeTypeName("DWORD")] uint RestrictedSidCount, [NativeTypeName("PSID_AND_ATTRIBUTES")] SID_AND_ATTRIBUTES *SidsToRestrict, [NativeTypeName("PHANDLE")] IntPtr *NewTokenHandle);