AuthzModifySids function (authz.h)

The AuthzModifySids function adds, deletes, or modifies user and device groups in the Authz client context.


AUTHZAPI BOOL AuthzModifySids(
  [in]           AUTHZ_CLIENT_CONTEXT_HANDLE     hAuthzClientContext,
  [in]           PAUTHZ_SID_OPERATION            pSidOperations,
  [in, optional] PTOKEN_GROUPS                   pSids


[in] hAuthzClientContext

A handle to the client context to be modified.

[in] SidClass

Type of information to be modified. The caller can specify AuthzContextInfoGroupsSids, AuthzContextInfoRestrictedSids, or AuthzContextInfoDeviceSids.

[in] pSidOperations

A pointer to an array of AUTHZ_SID_OPERATION enumeration values that specify the group modifications to make.

[in, optional] pSids

A pointer to a TOKEN_GROUPS structure that specifies the groups to modify.

Return value

If the function succeeds, it returns TRUE.

If the function fails, it returns FALSE. To get extended error information, call GetLastError.


The AUTHZ_SID_OPERATION enumeration must have only one element if the value of that element is AUTHZ_SID_OPERATION_REPLACE_ALL. Otherwise, the array has the same number of elements as the corresponding PTOKEN_GROUPS.

When you want to use AuthzModifySids to delete, the SIDs are matched but not the SID flags. If no matching SID is found, no modifications are done and the call fails.


Minimum supported client Windows 8 [desktop apps only]
Minimum supported server Windows Server 2012 [desktop apps only]
Target Platform Windows
Header authz.h
Library Authz.lib
DLL Authz.dll