KERB_PURGE_TKT_CACHE_REQUEST structure (ntsecapi.h)
The KERB_PURGE_TKT_CACHE_REQUEST structure contains information used to delete entries from the ticket cache.
It is used by LsaCallAuthenticationPackage.
Syntax
typedef struct _KERB_PURGE_TKT_CACHE_REQUEST {
KERB_PROTOCOL_MESSAGE_TYPE MessageType;
LUID LogonId;
UNICODE_STRING ServerName;
UNICODE_STRING RealmName;
} KERB_PURGE_TKT_CACHE_REQUEST, *PKERB_PURGE_TKT_CACHE_REQUEST;
Members
MessageType
KERB_PROTOCOL_MESSAGE_TYPE value identifying the type of request being made. This member must be set to KerbPurgeTicketCacheMessage.
LogonId
LUID structure containing the logon session identifier. This can be zero for the current user's logon session. If not zero, the caller must have the SeTcbPrivilege privilege set. If this fails, the Kerberos authentication package sets the ProtocolStatus parameter of LsaCallAuthenticationPackage to STATUS_ACCESS_DENIED.
ServerName
UNICODE_STRING containing the name of the service whose tickets should be deleted from the cache.
RealmName
UNICODE_STRING containing the name of the realm whose tickets should be deleted from the cache.
Remarks
If both ServerName and RealmName are of zero length, LsaCallAuthenticationPackage will delete all tickets for the logon session identified by LogonId. Otherwise, LsaCallAuthenticationPackage will search the cache tickets for ServerName@RealmName, and will delete all such tickets.
LsaCallAuthenticationPackage does not return this buffer. It returns STATUS_SUCCESS if one or more tickets are deleted. If no tickets are found, the function returns SEC_E_NO_CREDENTIALS.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows XP [desktop apps only] |
| Minimum supported server | Windows Server 2003 [desktop apps only] |
| Header | ntsecapi.h |