Opens the access token associated with a process
#include <WinAPIProc.au3>
_WinAPI_OpenProcessToken ( $iAccess [, $hProcess = 0] )
$iAccess | Access mask that specifies the requested types of access to the access token. This parameter can be one or more of the following values, combined with BitOR(): $TOKEN_ALL_ACCESS, $TOKEN_ADJUST_DEFAULT, $TOKEN_ADJUST_GROUPS, $TOKEN_ADJUST_PRIVILEGES, $TOKEN_ADJUST_SESSIONID, $TOKEN_ASSIGN_PRIMARY, $TOKEN_DUPLICATE, $TOKEN_EXECUTE, $TOKEN_IMPERSONATE, $TOKEN_QUERY, $TOKEN_QUERY_SOURCE, $TOKEN_READ, $TOKEN_WRITE. Request only the access rights the caller actually needs rather than $TOKEN_ALL_ACCESS. |
$hProcess | [optional] Handle to the process whose access token is opened. The handle must have the $PROCESS_QUERY_INFORMATION access permission. If this parameter is 0 (Default), the current process is used. |
Success: | Handle that identifies the newly opened access token. |
Failure: | 0, call _WinAPI_GetLastError() to get extended error information. |
Close the access token handle returned through this function by calling _WinAPI_CloseHandle().
Search OpenProcessToken in MSDN Library.
#include <APIRegConstants.au3>
#include <Debug.au3>
#include <WinAPIError.au3>
#include <WinAPIHObj.au3>
#include <WinAPIProc.au3>
#include <WinAPIReg.au3>
; Run the script elevated. Example() enables SeBackupPrivilege and SeRestorePrivilege
; and stops with 'You do not have the required privileges.' when they cannot be
; enabled - presumably the reason elevation is requested here.
#RequireAdmin
; Initialise the Debug UDF so the _DebugReport() calls in Example() have an output target.
_DebugSetup(Default, True)
; Run the demonstration.
Example()
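; Demonstrates _WinAPI_OpenProcessToken(): opens the current process token, enables
; SeBackupPrivilege and SeRestorePrivilege, saves "HKEY_CURRENT_USER\Software\AutoIt v3"
; to a hive file, restores it under "HKEY_CURRENT_USER\Software\AutoIt v3 (Duplicate)",
; then puts the privileges back and cleans up.
;
; Takes no parameters and returns nothing; progress and errors go to _DebugReport().
; Exits the script if the token cannot be opened or the privileges cannot be enabled.
Func Example()
    Local $aPrivileges[2] = [$SE_BACKUP_NAME, $SE_RESTORE_NAME]
    ; Hive file written by the save step and read back by the restore step.
    Local $sHiveFile = @TempDir & '\reg.dat'

    ; Ask only for the rights needed to query and adjust privileges, not $TOKEN_ALL_ACCESS.
    Local $hToken = _WinAPI_OpenProcessToken(BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY))
    If Not $hToken Then
        ; A 0 handle means the call failed; do not pass it on to AdjustTokenPrivileges.
        _DebugReport('Error' & @TAB & 'Unable to open the process token: ' & _WinAPI_GetLastErrorMessage() & @CRLF)
        Exit
    EndIf

    ; Enable "SeBackupPrivilege" and "SeRestorePrivilege" privileges to save and restore registry hive.
    ; These privileges are powerful, so they are enabled only for the duration of the
    ; operation; $aAdjust receives the previous state so it can be put back afterwards.
    Local $aAdjust
    _WinAPI_AdjustTokenPrivileges($hToken, $aPrivileges, $SE_PRIVILEGE_ENABLED, $aAdjust)
    If @error Or @extended Then
        _DebugReport('Error' & @TAB & 'You do not have the required privileges.' & @CRLF)
        ; Release the token handle before leaving instead of relying on process teardown.
        _WinAPI_CloseHandle($hToken)
        Exit
    EndIf

    ; Save "HKEY_CURRENT_USER\Software\AutoIt v3" to reg.dat
    Local $bSaved = False
    Local $hKey = _WinAPI_RegOpenKey($HKEY_CURRENT_USER, 'Software\AutoIt v3', $KEY_READ)
    If @error Then
        _DebugReport("! RegOpenKey @error =" & @error & @TAB & _WinAPI_GetErrorMessage(@extended) & @CRLF)
    Else
        ; Third argument 1: replace reg.dat if it already exists.
        If _WinAPI_RegSaveKey($hKey, $sHiveFile, 1) Then
            $bSaved = True
            _DebugReport('- "HKEY_CURRENT_USER\Software\AutoIt v3" has been saved to reg.dat.' & @CRLF)
        Else
            _DebugReport("! RegSaveKey @error =" & @error & @TAB & _WinAPI_GetErrorMessage(@extended) & @CRLF)
        EndIf
        _WinAPI_RegCloseKey($hKey)
    EndIf

    ; Restore "HKEY_CURRENT_USER\Software\AutoIt v3" to "HKEY_CURRENT_USER\Software\AutoIt v3 (Duplicate)".
    ; Only restore a hive this run has just written: if the save failed, a reg.dat left
    ; in the temp directory by something else must not be loaded into the registry.
    If $bSaved Then
        $hKey = _WinAPI_RegCreateKey($HKEY_CURRENT_USER, 'Software\AutoIt v3 (Duplicate)', $KEY_WRITE)
        If @error Then
            _DebugReport("! RegCreateKey @error =" & @error & @TAB & _WinAPI_GetErrorMessage(@extended) & @CRLF)
        Else
            If _WinAPI_RegRestoreKey($hKey, $sHiveFile) Then
                _DebugReport('- "HKEY_CURRENT_USER\Software\AutoIt v3" has been restored to "HKEY_CURRENT_USER\Software\AutoIt v3 (Duplicate)".' & @CRLF)
            Else
                _DebugReport("! RegRestoreKey @error =" & @error & @TAB & _WinAPI_GetErrorMessage(@extended) & @CRLF)
            EndIf
            _WinAPI_RegCloseKey($hKey)
        EndIf
    EndIf

    ; Restore "SeBackupPrivilege" and "SeRestorePrivilege" privileges by default
    _WinAPI_AdjustTokenPrivileges($hToken, $aAdjust, 0, $aAdjust)
    _WinAPI_CloseHandle($hToken)
    ; Remove the exported hive so registry data is not left behind in the temp directory.
    FileDelete($sHiveFile)
EndFunc   ;==>Example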