How to use ADAM Principals in Authorization Manager (AzMan) for Fine Grain Authorization

Check out this really cool post from the AzMan Team blog! 

The ADAM and AzMan teams got together to show how to use ADAM principals with AzMan. Sudheer, of the Authorization Manager Team, provides a description and C# code from that effort. Note: you need to be using Windows 2003 SP 1, the updated Win2k3 Admin Pack for XP or the updated Win2k backport.



Comments (1)

  1. sujaseb says:

    I am following the design pattern for using ADAM for roles in ASP.Net(

    I have a web application, in which all the users for this application are present in the AD. But I don't want to create roles for my application inside AD. So I am planning to use ADAM as a role store. I am following the above link to implement ADAM as role store.

    Everything worked fine, but I have a few questions.

    I have imported the azman.ldf (which is the schema for Azman) while creating my ADAM instance. I opened Azman, created a store in my ADAM instance, then created an application. I created a role named "Reader" and added some Windows users to this role from Azman. Then I opened "ADAM ADSI EDIT" and connected to my ADAM instance. When I browsed it, I could see the roles that I created in Azman in it. But it doesn't show me the users added to the roles.

    Now I am confused. When I add a user from AD to a role through Azman, what is happening in the background? Are the user attributes available in ADAM?

    – If yes, why am I not able to see the user? How can I edit the user attributes from ADAM? Can I add some extra attributes to the user?

    – If the user doesn't exist, I wonder how I will do the synchronisation of AD and ADAM? If a user gets deleted from AD, how will my ADAM get to know about it?