diff --git a/ntoskrnl/include/internal/se.h b/ntoskrnl/include/internal/se.h
index 46cf4380488..90c318878a9 100644
--- a/ntoskrnl/include/internal/se.h
+++ b/ntoskrnl/include/internal/se.h
@@ -34,6 +34,10 @@ typedef struct _TOKEN_AUDIT_POLICY_INFORMATION
 } Policies[1];
 } TOKEN_AUDIT_POLICY_INFORMATION, *PTOKEN_AUDIT_POLICY_INFORMATION;
+#define TOKEN_CREATE_METHOD 0xCUL
+#define TOKEN_DUPLICATE_METHOD 0xDUL
+#define TOKEN_FILTER_METHOD 0xFUL
+
 FORCEINLINE
 PSID
 SepGetGroupFromDescriptor(
diff --git a/ntoskrnl/se/token.c b/ntoskrnl/se/token.c
index c0f3e08585a..1415e36009d 100644
--- a/ntoskrnl/se/token.c
+++ b/ntoskrnl/se/token.c
@@ -1086,6 +1086,17 @@ SepDuplicateToken(
 goto Quit;
 }
+ /* Fill in token debug information */
+#if DBG
+ RtlCopyMemory(AccessToken->ImageFileName,
+ PsGetCurrentProcess()->ImageFileName,
+ min(sizeof(AccessToken->ImageFileName), sizeof(PsGetCurrentProcess()->ImageFileName)));
+
+ AccessToken->ProcessCid = PsGetCurrentProcessId();
+ AccessToken->ThreadCid = PsGetCurrentThreadId();
+ AccessToken->CreateMethod = TOKEN_DUPLICATE_METHOD;
+#endif
+
 /* Assign the data that reside in the TOKEN's variable information area */
 AccessToken->VariableLength = VariableLength;
 EndMem = (PVOID)&AccessToken->VariablePart;
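Review bot: The three `TOKEN_*_METHOD` constants added after `TOKEN_AUDIT_POLICY_INFORMATION` in se.h have no comment saying what consumes them or why the values are 0xC, 0xD and 0xF. Elsewhere in this commit they are only stored in `TOKEN.CreateMethod`, a field that exists in DBG builds alone, so a line such as `/* Values for TOKEN.CreateMethod (DBG builds only): how the token object was produced */` would help. If the values are dictated by the debugger extension that the setypes.h note mentions, rather than chosen as mnemonics, that should be stated here too so they are not renumbered later.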
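Review bot: The debug-information block added to SepDuplicateToken is repeated almost verbatim in the SepCreateToken and SepPerformTokenFiltering hunks, differing only in the `CreateMethod` constant and in the `KiInitialProcess` guard that only SepCreateToken has. These fields are what someone debugging a token relies on to tell who built it, and three copies of that provenance code can drift apart, so a single static helper taking the method as a parameter would be safer; the name below is only a suggestion. Applying the guard inside the helper assumes it is harmless on the duplicate and filter paths, which the hunks do not show. All three functions begin and end outside their hunks.

```c
#if DBG
/*
 * Records which process and thread were current when the token object
 * was built, and by which path. This is the creator's context, not
 * necessarily the process the token ends up assigned to.
 */
static
VOID
SepFillTokenDebugInfo(
    _Inout_ PTOKEN AccessToken,
    _In_ ULONG CreateMethod)
{
    PEPROCESS Process = PsGetCurrentProcess();

    AccessToken->CreateMethod = CreateMethod;

    /* No real process exists yet while running on the initial one */
    if (Process == &KiInitialProcess)
        return;

    RtlCopyMemory(AccessToken->ImageFileName,
                  Process->ImageFileName,
                  min(sizeof(AccessToken->ImageFileName), sizeof(Process->ImageFileName)));

    AccessToken->ProcessCid = PsGetCurrentProcessId();
    AccessToken->ThreadCid = PsGetCurrentThreadId();
}
#endif

/* ... unchanged: SepDuplicateToken up to the allocation check ... */
#if DBG
    SepFillTokenDebugInfo(AccessToken, TOKEN_DUPLICATE_METHOD);
#endif
```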
@@ -1844,6 +1855,32 @@ SepCreateToken(
 goto Quit;
 }
+ /* Fill in token debug information */
+#if DBG
+ /*
+ * We must determine ourselves that the current
+ * process is not the initial CPU one. The initial
+ * process is not a "real" process, that is, the
+ * Process Manager has not yet been initialized and
+ * as a matter of fact we are creating a token before
+ * any process gets created by Ps. If it turns out
+ * that the current process is the initial CPU process
+ * where token creation execution takes place, don't
+ * do anything.
+ */
+ if (PsGetCurrentProcess() != &KiInitialProcess)
+ {
+ RtlCopyMemory(AccessToken->ImageFileName,
+ PsGetCurrentProcess()->ImageFileName,
+ min(sizeof(AccessToken->ImageFileName), sizeof(PsGetCurrentProcess()->ImageFileName)));
+
+ AccessToken->ProcessCid = PsGetCurrentProcessId();
+ AccessToken->ThreadCid = PsGetCurrentThreadId();
+ }
+
+ AccessToken->CreateMethod = TOKEN_CREATE_METHOD;
+#endif
+
 /* Assign the data that reside in the TOKEN's variable information area */
 AccessToken->VariableLength = VariableLength;
 EndMem = (PVOID)&AccessToken->VariablePart;
@@ -2181,6 +2218,17 @@ SepPerformTokenFiltering(
 goto Quit;
 }
+ /* Fill in token debug information */
+#if DBG
+ RtlCopyMemory(AccessToken->ImageFileName,
+ PsGetCurrentProcess()->ImageFileName,
+ min(sizeof(AccessToken->ImageFileName), sizeof(PsGetCurrentProcess()->ImageFileName)));
+
+ AccessToken->ProcessCid = PsGetCurrentProcessId();
+ AccessToken->ThreadCid = PsGetCurrentThreadId();
+ AccessToken->CreateMethod = TOKEN_FILTER_METHOD;
+#endif
+
 /* Assign the data that reside in the token's variable information area */
 AccessToken->VariableLength = VariableLength;
 EndMem = (PVOID)&AccessToken->VariablePart;
diff --git a/sdk/include/ndk/setypes.h b/sdk/include/ndk/setypes.h
index b76b0a144ff..1f54e097318 100644
--- a/sdk/include/ndk/setypes.h
+++ b/sdk/include/ndk/setypes.h
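Review bot: In the SepCreateToken hunk, when the `PsGetCurrentProcess() != &KiInitialProcess` test fails, `ImageFileName`, `ProcessCid` and `ThreadCid` are never written, so they keep whatever the token body held before this point. The hunk does not show whether the object is zeroed after allocation; if it is not, a boot-time token would show stale pool bytes in the fields a debugger uses to attribute it. Either state the dependency with a comment like `/* Fields stay zero here: the token body was cleared above */`, or add an `else` that clears them, e.g. `RtlZeroMemory(AccessToken->ImageFileName, sizeof(AccessToken->ImageFileName));` and `AccessToken->ProcessCid = AccessToken->ThreadCid = NULL;`. The function body continues outside the hunk.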
@@ -204,6 +204,14 @@ typedef struct _SECURITY_TOKEN_PROXY_DATA
 //
 // Token and auxiliary data
 //
+// ===================!!!IMPORTANT NOTE!!!=====================
+// ImageFileName, ProcessCid, ThreadCid and CreateMethod field
+// names are taken from Windows Server 2003 SP2 checked build
+// WinDBG debug extensions command purposes (such as !logonsession
+// command respectively). As such names are hardcoded, we have
+// to be compatible with them. THESE FIELD NAMES MUST NOT BE
+// CHANGED!!!
+// ============================================================
 typedef struct _TOKEN
 {
 TOKEN_SOURCE TokenSource; /* 0x00 */
@@ -236,7 +244,13 @@ typedef struct _TOKEN
 PSECURITY_TOKEN_AUDIT_DATA AuditData; /* 0x94 */
 PSEP_LOGON_SESSION_REFERENCES LogonSession; /* 0x98 */
 LUID OriginatingLogonSession; /* 0x9C */
- ULONG VariablePart; /* 0xA4 */
+#if DBG
+ UCHAR ImageFileName[16]; /* 0xA4 */
+ HANDLE ProcessCid; /* 0xB4 */
+ HANDLE ThreadCid; /* 0xB8 */
+ ULONG CreateMethod; /* 0xBC */
+#endif
+ ULONG VariablePart; /* 0xC0 */
 } TOKEN, *PTOKEN;
 typedef struct _AUX_ACCESS_DATA
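Review bot: Putting the four new members under `#if DBG` inside the NDK's `TOKEN` definition makes the structure layout depend on the build flavour of whoever includes setypes.h: `VariablePart` sits at 0xC0 with DBG and still at 0xA4 without it, yet its comment now says only 0xC0. Any component compiled with a different DBG setting from the kernel that touches `VariablePart` or `sizeof(TOKEN)` would read or size the token wrongly, so the dependency should be stated next to the fields; I would write the offset as `/* 0xC0 (DBG) / 0xA4 (free) */`. The offsets appear to be the 32-bit ones, so any compile-time layout check would have to be limited to that target. It would also help to say in the comment block that `ImageFileName`, `ProcessCid` and `ThreadCid` describe the context that created the token, which is not necessarily the process that ends up owning it.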