Edit

Share via

LSA_CONVERT_AUTH_DATA_TO_TOKEN callback function (ntsecpkg.h)

  • Article

The ConvertAuthDataToToken function creates an access token from the authorization data returned from the GetAuthDataForUser or GetUserAuthData functions.

Syntax

LSA_CONVERT_AUTH_DATA_TO_TOKEN LsaConvertAuthDataToToken;

NTSTATUS LsaConvertAuthDataToToken(
  [in]  PVOID UserAuthData,
  [in]  ULONG UserAuthDataSize,
  [in]  SECURITY_IMPERSONATION_LEVEL ImpersonationLevel,
  [in]  PTOKEN_SOURCE TokenSource,
  [in]  SECURITY_LOGON_TYPE LogonType,
  [in]  PUNICODE_STRING AuthorityName,
  [out] PHANDLE Token,
  [out] PLUID LogonId,
  [out] PUNICODE_STRING AccountName,
  [out] PNTSTATUS SubStatus
)
{...}

Parameters

[in] UserAuthData

Pointer to the authorization data received from the GetAuthDataForUser or GetUserAuthData functions.

[in] UserAuthDataSize

Size, in bytes, of the authorization data specified by the UserAuthData parameter.

[in] ImpersonationLevel

A SECURITY_IMPERSONATION_LEVEL value specifying the impersonation level for the token to be created.

[in] TokenSource

Pointer to a TOKEN_SOURCE structure specifying the source to record in the token.

[in] LogonType

A SECURITY_LOGON_TYPE value indicating the type of logon to record in the token.

[in] AuthorityName

Pointer to a UNICODE_STRING structure that specifies the name of the authority that authorized this user, typically a domain name.

[out] Token

Pointer to a HANDLE that receives the user token handle.

When you have finished using the user token, release the handle by calling CloseHandle.

[out] LogonId

Pointer to an LUID that receives the logon identifier for the token.

[out] AccountName

Pointer to a UNICODE_STRING structure that receives the account name encoded in the UserAuthData parameter.

[out] SubStatus

Pointer to a variable that receives additional information about the return value of the function call.

Return value

If the function succeeds, the return value is STATUS_SUCCESS.

If the function fails, the return value is an NTSTATUS code indicating the reason it failed.

Remarks

A pointer to the ConvertAuthDataToToken function is available in the LSA_SECPKG_FUNCTION_TABLE structure received by the SpInitialize function.

Requirements

Requirement Value
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Target Platform Windows
Header ntsecpkg.h

See also

GetAuthDataForUser

GetUserAuthData

LSA_SECPKG_FUNCTION_TABLE

SECURITY_IMPERSONATION_LEVEL

SECURITY_LOGON_TYPE

SpInitialize

TOKEN_SOURCE

UNICODE_STRING