Edit

LSA_TOKEN_INFORMATION_TYPE enumeration (ntsecpkg.h)

  • Article

The LSA_TOKEN_INFORMATION_TYPE enumeration specifies the levels of information that can be included in a logon token.

When the LSA calls either LsaApLogonUser, LsaApLogonUserEx, or LsaApLogonUserEx2 the authentication package is expected to return one of the following enumeration values to indicate the type of token information structure returned.

Syntax

typedef enum _LSA_TOKEN_INFORMATION_TYPE {
  LsaTokenInformationNull,
  LsaTokenInformationV1,
  LsaTokenInformationV2,
  LsaTokenInformationV3
} LSA_TOKEN_INFORMATION_TYPE, *PLSA_TOKEN_INFORMATION_TYPE;

Constants

 
LsaTokenInformationNull
The token information is stored in an
LSA_TOKEN_INFORMATION_NULL structure.




This token information type is used for anonymous logons or null sessions, where a token is needed but the client's identity is unknown.

For example, a non-authenticated network circuit (such as a domain controller's null session) can be given NULL information. In this case, an anonymous token is generated for the logon. An anonymous token does not permit access to protected system resources, but does allow access to unprotected system resources.
LsaTokenInformationV1
The token information is stored in a
LSA_TOKEN_INFORMATION_V1 structure. This structure contains information that an authentication package can place in a Version 1 Windows token object. A Version 1 Windows token object stores all the information needed to build a token and is used in most logon cases. The LSA creates the token object, and returns a handle to that token object to the caller of
LsaLogonUser.
LsaTokenInformationV2
LsaTokenInformationV3

Requirements

Requirement Value
Minimum supported client Windows XP [desktop apps only]
Minimum supported server Windows Server 2003 [desktop apps only]
Header ntsecpkg.h