Microsoft’s Roles Based Authorization Manager
Dive into Microsoft's Role-Based Authorization Manager (AzMan), a powerful tool for managing access controls in Windows Server 2003. This comprehensive guide covers key features such as the MMC snap-in, LDAP query groups, and the authorization store, enabling developers to create tailored authorization solutions. Learn about integration with Active Directory, real-time queries for user attributes, and the role of COM in this innovative framework. Whether you're a VBScript programmer or an IT administrator, this resource equips you with the knowledge to effectively implement role-based access control.
Presentation Transcript
Microsoft’s Roles Based Authorization Manager CSG, May 2004
Shipping with Server 2003
• Authorization Manager
• MMC snap-in AzMan
• Application Basic Groups
• LDAP Query Groups
• Authorization Store
• Role Based Access Control

New Group Types
• Application Basic Groups
    • Features of NT and Win2k ACL groups
    • Adds a non-member list to the DSACL to enable exclusions
• LDAP Query Groups
    • Real time queries of user’s attributes to determine group membership

Authorization Store
• Active Directory may be used as the store
• XML files may be used as the store
• Implies that each application developer can create an authorization store without the cooperation of Domain or OU administrators

Interfaces
• COM
    • Creation of the authorization store
    • Creation of roles, tasks, operations
    • Initialization of the store
    • Enumeration of memberships
    • Implication – a VBScript programmer can use these to perform all tasks
• Point-and-click: AzMan MMC snap-in
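
The COM steps listed on this slide, together with the two group types and the XML store from the earlier slides, as an added example that is not part of the original presentation. The store path, the application, task, role and group names, the EXAMPLE\ accounts and the LDAP filter are assumptions; the folder must already exist and the accounts must resolve on the machine running the script.

```vbscript
Option Explicit
' Added example: every name, path and account below is an assumption.
Const AZ_AZSTORE_FLAG_CREATE = 1
Const AZ_GROUPTYPE_LDAP_QUERY = 1
Const AZ_GROUPTYPE_BASIC = 2

Dim store, app, op, task, role, approvers, managers, name

' Create and initialize an XML-backed store; no domain or OU admin is involved.
Set store = CreateObject("AzRoles.AzAuthorizationStore")
store.Initialize AZ_AZSTORE_FLAG_CREATE, "msxml://C:\AzStores\ExpenseStore.xml"
store.Submit

Set app = store.CreateApplication("Expense")
app.Submit

' Operation -> task: the unit of permission that roles are built from.
Set op = app.CreateOperation("ApproveExpense")
op.OperationID = CLng(1)
op.Submit
Set task = app.CreateTask("Approve expenses")
task.AddOperation "ApproveExpense"
task.Submit

' Application basic group: a member list plus a non-member (exclusion) list.
Set approvers = app.CreateApplicationGroup("Approvers")
approvers.Type = AZ_GROUPTYPE_BASIC
approvers.AddMemberName "EXAMPLE\Finance"
approvers.AddNonMemberName "EXAMPLE\contractor1"   ' excluded even if in Finance
approvers.Submit

' LDAP query group: membership is decided from the user's directory attributes.
Set managers = app.CreateApplicationGroup("Managers")
managers.Type = AZ_GROUPTYPE_LDAP_QUERY
managers.LdapQuery = "(title=Manager)"
managers.Submit

' Role: binds the task to both application groups.
Set role = app.CreateRole("Approver")
role.AddTask "Approve expenses"
role.AddAppMember "Approvers"
role.AddAppMember "Managers"
role.Submit

' Enumerate memberships to review who the role reaches and who is excluded.
For Each name In role.AppMembers : WScript.Echo "Role group: " & name : Next
For Each name In approvers.MembersName : WScript.Echo "Member: " & name : Next
For Each name In approvers.NonMembersName : WScript.Echo "Excluded: " & name : Next
```

Because an XML store needs no directory administrator, access to it is governed only by the file's NTFS permissions, so write access to the file should be limited to the store's administrators.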

Uses
• Native applications
• Internal web services
• Interaction with Trustbridge slated for Longhorn

References
• Role-Based Access Control Using Windows Server 2003 Authorization Manager: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetserv/html/AzManRoles.asp
• Using Dynamic Business Rules in Windows Server 2003 Authorization Manager: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetserv/html/AzManBizRules.asp
• Federating Identity and Authorization Across Organizations and Platforms, by Matt Hur: http://msdn.microsoft.com/events/pdc/agendaandsessions/sessions/default.aspx