Microsoft’s Roles Based Authorization Manager
CSG, May 2004

Shipping with Server 2003
• Authorization Manager
• MMC snap-in AzMan
• Application Basic Groups
• LDAP Query Groups
• Authorization Store
• Role Based Access Control

New Group Types
• Application Basic Groups
  • Features of NT and Win2k ACL groups
  • Adds a non-member list to the DSACL to enable exclusions
• LDAP Query Groups
  • Real-time queries of a user’s attributes to determine group membership

Authorization Store
• Active Directory may be used as the store
• XML files may be used as the store
• Implies that each application developer can create an authorization store without the cooperation of Domain or OU administrators

Interfaces
• COM
  • Creation of the authorization store
  • Creation of roles, tasks, operations
  • Initialization of the store
  • Enumeration of memberships
  • Implication: a VBScript programmer can use these to perform all tasks
• Point-and-click: AzMan MMC snap-in
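
An added example (not part of the original slides) of the COM path described above: a VBScript that creates an XML authorization store, an operation, a task, both new group types, and a role. The application, group, account and file names are constructed placeholders, and the folder C:\AzDemo is assumed to exist.

```vbscript
Option Explicit

' Constants defined by the AzMan COM API (azroles.h)
Const AZ_AZSTORE_FLAG_CREATE  = 1
Const AZ_GROUPTYPE_LDAP_QUERY = 1
Const AZ_GROUPTYPE_BASIC      = 2

Dim store, app, op, task, basicGroup, queryGroup, role

' Create an XML-file store. No Domain or OU administrator is involved,
' so the NTFS ACL on this file is the only protection the policy has.
Set store = CreateObject("AzRoles.AzAuthorizationStore")
store.Initialize AZ_AZSTORE_FLAG_CREATE, "msxml://C:\AzDemo\ExpenseStore.xml"
store.Submit

Set app = store.CreateApplication("ExpenseDemo")   ' placeholder name
app.Submit

' Operation: the low-level action the application checks at run time
Set op = app.CreateOperation("SubmitExpense")
op.OperationID = 1
op.Submit

' Task: a named bundle of operations
Set task = app.CreateTask("Submit expense report")
task.AddOperation "SubmitExpense"
task.Submit

' Application Basic Group: member list plus non-member list (exclusions)
Set basicGroup = app.CreateApplicationGroup("ExpenseUsers")
basicGroup.Type = AZ_GROUPTYPE_BASIC
basicGroup.AddMemberName "EXAMPLE\Domain Users"     ' placeholder account
basicGroup.AddNonMemberName "EXAMPLE\contractor1"   ' excluded even though a member
basicGroup.Submit

' LDAP Query Group: membership computed from the user's directory attributes
Set queryGroup = app.CreateApplicationGroup("FinanceStaff")
queryGroup.Type = AZ_GROUPTYPE_LDAP_QUERY
queryGroup.LdapQuery = "(&(objectCategory=person)(department=Finance))"
queryGroup.Submit

' Role: ties tasks to the principals allowed to perform them
Set role = app.CreateRole("Submitter")
role.AddTask "Submit expense report"
role.AddAppMember "ExpenseUsers"
role.Submit
```

Run it with cscript.exe on a domain-joined Windows Server 2003 host so the placeholder account names can be resolved; the resulting store can then be opened in the AzMan MMC snap-in to review what was created.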

Uses
• Native applications
• Internal web services
• Interaction with Trustbridge slated for Longhorn

References
• Role-Based Access Control Using Windows Server 2003 Authorization Manager: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetserv/html/AzManRoles.asp
• Using Dynamic Business Rules in Windows Server 2003 Authorization Manager: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetserv/html/AzManBizRules.asp
• Federating Identity and Authorization Across Organizations and Platforms, by Matt Hur: http://msdn.microsoft.com/events/pdc/agendaandsessions/sessions/default.aspx