PyHANDLE = CreateRestrictedToken(ExistingTokenHandle, Flags
, SidsToDisable
, PrivilegesToDelete
, SidsToRestrict
)
Creates a restricted copy of an access token with reduced privs - requires win2K or higher
Parameters
ExistingTokenHandle : PyHANDLE
Handle to an access token (see win32security::LogonUser,win32security::OpenProcessTokenFlags : int
Valid values are zero or a combination of DISABLE_MAX_PRIVILEGE and SANDBOX_INERTSidsToDisable : (PySID_AND_ATTRIBUTES,...)
Ssequence of PySID_AND_ATTRIBUTES tuples, or NonePrivilegesToDelete : (PyLUID_AND_ATTRIBUTES,...)
Privilege LUIDS to remove from token (attributes are ignored), or NoneSidsToRestrict : (PySID_AND_ATTRIBUTES,...)
Sequence of PySID_AND_ATTRIBUTES tuples (attributes must be 0). Can be None.