Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The CheckTokenMembershipEx function determines whether the specified SID is enabled in the specified token.
Syntax
BOOL CheckTokenMembershipEx(
[in, optional] HANDLE TokenHandle,
[in] PSID SidToCheck,
[in] DWORD Flags,
[out] PBOOL IsMember
);
Parameters
[in, optional] TokenHandle
A handle to an access token. If present, this token is checked for the SID. If not present, then the current effective token is used. This must be an impersonation token.
[in] SidToCheck
A pointer to a SID structure. The function checks for the presence of this SID in the presence of the token.
[in] Flags
Flags that affect the behavior of the function. Currently the only valid flag is CTMF_INCLUDE_APPCONTAINER which allows app containers to pass the call as long as the other requirements of the token are met, such as the group specified is present and enabled.
[out] IsMember
TRUE if the SID is enabled in the token; otherwise, FALSE.
Return value
If the function succeeds, it returns TRUE.
If the function fails, it returns zero. To get extended error information, call GetLastError.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 8 [desktop apps | UWP apps] |
| Minimum supported server | Windows Server 2012 [desktop apps | UWP apps] |
| Target Platform | Windows |
| Header | securitybaseapi.h (include Windows.h) |
| Library | Advapi32.lib |
| DLL | Kernel32.dll |