IsTokenRestricted function (securitybaseapi.h)
The IsTokenRestricted function indicates whether a token contains a list of restricted security identifiers (SIDs).
Syntax
BOOL IsTokenRestricted(
[in] HANDLE TokenHandle
);
Parameters
[in] TokenHandle
A handle to an access token to test.
Return value
If the token contains a list of restricting SIDs, the return value is nonzero.
If the token does not contain a list of restricting SIDs, the return value is zero.
If an error occurs, the return value is zero. To get extended error information, call GetLastError.
Remarks
The CreateRestrictedToken function can restrict a token by disabling SIDs, deleting privileges, and specifying a list of restricting SIDs. The IsTokenRestricted function checks only for the list of restricting SIDs. If a token does not have any restricting SIDs, IsTokenRestricted returns FALSE, even though the token was created by a call to CreateRestrictedToken.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows XP [desktop apps only] |
| Minimum supported server | Windows Server 2003 [desktop apps only] |
| Target Platform | Windows |
| Header | securitybaseapi.h (include Windows.h) |
| Library | Advapi32.lib |
| DLL | Advapi32.dll |