// ntifs.h
typedef struct _TOKEN_GROUPS {
ULONG GroupCount;
#if ...
SID_AND_ATTRIBUTES *Groups[];
#else
SID_AND_ATTRIBUTES Groups[ANYSIZE_ARRAY];
#endif
} TOKEN_GROUPS, *PTOKEN_GROUPS;
View the official Windows Driver Kit DDI reference
No description available.
TOKEN_GROUPS contains information about the group security identifiers (SID) in an access token.
GroupCount
Specifies the number of groups in the access token.
Groups[*]
Specifies an array of SID_AND_ATTRIBUTES structures containing a set of SIDs and corresponding attributes.
Groups[ANYSIZE_ARRAY]
Specifies an array of SID_AND_ATTRIBUTES structures containing a set of SIDs and corresponding attributes.
You can use SeFilterToken to designate one or more group SIDs as deny-only SIDs. Note that it is also possible to designate a user SID as a deny-only SID by specifying the user SID as one of the group SIDs in the TOKEN_GROUPS structure passed to SeFilterToken.