WinAPI: GetTokenInformation() with TokenElevationType - What do the enumerators actually mean?
See the question and my original answer on StackOverflowYou can check official documentation here for context: How User Account Control works
By default, both standard and administrator users access resources and execute apps in the security context of a standard user. When a user signs in, the system creates an access token for that user. The access token contains information about the level of access that the user is granted [...]
When an administrator logs on, two separate access tokens are created for the user: a standard user access token and an administrator access token.
So the meaning of TOKEN_ELEVATION_TYPE
enum values is this:
TokenElevationTypeDefault
: when you are a standard user (or in special cases, like an administrator without UAC on (check this link for example https://candritzky.wordpress.com/tag/uac/) so you don't have two access tokens. In this case, you can use GetTokenInformation's TokenElevation
class and TOKEN_ELEVATION's TokenIsElevated member to determine if the token has elevated privileges.
TokenElevationTypeFull
: when you have two tokens and you are using the elevated administrator access token.
TokenElevationTypeLimited
: when you have two tokens and you are using the standard user access token.