Access tokens for members of the local Administrators
With UAC, members of the
local Administrator group have two
access tokens
- one with standard user privileges
- one with administrator privileges
The second access token is normally
filtered so that a
process only sees the standard user privileges.
However, if a process is run as an Administrator (elevated privilege mode), the other token is also seen.