NtImpersonateClientOfPort - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers 
#ifndef _NTLPCAPI_H

NTSYSCALLAPI
NTSTATUS
NTAPI
NtImpersonateClientOfPort(
    _In_ HANDLE PortHandle,
    _In_ PPORT_MESSAGE Message
    );

#endif

View code on GitHub
#ifndef _NTZWAPI_H

NTSYSCALLAPI
NTSTATUS
NTAPI
ZwImpersonateClientOfPort(
    _In_ HANDLE PortHandle,
    _In_ PPORT_MESSAGE Message
    );

#endif

View code on GitHub

NtImpersonateClientOfPort is called by LPC server process to get security context of client. That means: client's Token Object is associated with calling server thread (like NtSetInformationThread with ThreadImpersonationToken information class).

PortHandle

HANDLE to Port Object opened with NtAcceptConnectPort call.

Request

Pointer to LPC_MESSAGE structure contains reason of impersonation.

Documented by

See also

Edit description on GitHub