In Windows NT, an access token is an important security element that identifies not only a specific user, but much more information. A few important elements of an access token include a user’s access privileges, security identifier (SID), and group SIDs, which represent the groups in which the user belongs. If you have a specific user’s access token and the appropriate access rights, you can know pretty much everything about the user.
In the previous section, the ValidateCall function instantiated a CImpersonatedUser C++ class and invoked the ObtainAccessToken method to obtain the remote user’s access token. Because the CImpersonatedUser class encapsulates an access token, we will be able to inquire for the following client security information. Due to the way NTLM works, we can obtain all this information on the server side without knowing the client’s password.
Security identifier (SID)—Unique identifier that identifies a specific user. Each user account is automatically assigned a SID on Windows NT when the account is created. Even if you delete and create a brand new account with the same name as the previous account, you will not get the same SID; instead, NT assigns a new and unique SID each time.
SIDs of the groups in which the user belongs.
Names of the groups in which the user belongs.
As shown in the following code, the CImpersonatedUser class is straightforward, so let’s briefly introduce the bolded member functions of this class, as we’ll ...