I am putting this place holder out for Windows 2003 Authorization Manager ( AzMan) questions.
If you have them, please ask them.
The AzMan (pronounced "A" "Z" "Man" ) update is included in the following:
Windows 2003 SP1 Admin Pak[^]
Windows 2000 Authorization Manager Runtime [^]
You will need to GAC the PIA. You should use the new interfaces for performance and all the benefits of the new interfaces such as the ability to create an emtpty client context and set the LDAPQueryDN supporting dynamic query groups in ADAM. This update to azman facilitates ADAM and ADFS integration environments. AzMan acts as a claims transformation engine when used in conjunction with ADFS. In each case, it is possible to build an empty client context and load sids (typically in the case of an ADAM authentication environment) or load roles and groups based on ADFS group claim assertions.
[Update: There was a change in packaging. The PIA is not included in the Win2k3 admin pack for WinXP. It is possible to create an interop from the azroles.dll or use the PIA from Win2k3 under %windir%\Microsoft.Net\Authman\(version) ]