The fourth screencast in the AzMan series by Keith Brown is now available on Channel9. It is titled, “AzMan on Windows Server Code Name “Longhorn” and Windows Vista.” Yes, developers can continue to take advantage of a new featured AzMan on these next generation client and server platforms. The AzMan product group did a significant amount of work to bring you the following new features:
- Support added for Microsoft SQL Server to also be a store for AzMan’s policy.
- Support for business rule groups, that is, groups whose membership is determined at run-time by a script.
- Support for custom object pickers, so that application administrators can use the AzMan MMC Snap-in for applications that use Active Directory Lightweight Directory Services (AD LDS, formerly named ADAM) or SQL user accounts.
- Improvements were made to the API to simplify the programmer’s need to perform commonly used queries and access checks.
- LDAP queries no longer are limited to only user objects.
- Additional events are recorded in the log if auditing is active.
- Significant efficiencies were targeted and gained in this version of AzMan in relationship to loading the store, access check time and store creation time.
If you want to see the new AzMan in action, go to your Windows Vista machine, choose Run… and type azman.msc. Click on the Help icon in the Microsoft Management Console (MMC) for documentation on the above mentioned features. Keith highlights several of these enhancements in the screencast. For more resources on AzMan, please refer to my blog post “Windows Authorization Manager (AzMan): The Best Kept Secret…”