Archives
-
Binding an ADAM principal to Azman
As I mentioned in a previous post, I had a lot of problems last week trying to bind an ADAM principal to Azman.
I found a way to do that using the Azman PIA but unfortunately it is not supported by the Azman Role provider shipped within ASP.NET 2.0.
There are two available versions of Azman PIA, 1.0 and 1.2. The latest version was released within the W2k3 SP 1 and contains some improvements compared with the version 1.0.
The only way I found to bind an ADAM principal to Azman was through the user’s SID -
Problems with Azman and ADAM
Configuring both products to work together can be a nightmare.
I've spent almost three days trying to configure Azman and ADAM membership providers in a normal ASP.NET application, but I couldn't.
I wanted to use ADAM as user/group repository and Azman as authorization repository (to have fine grained access control and manage roles).
This article from MSDN has helped me a lot to configure both products, but it's a little tricky. It shows how to use ADAM as a repository for the Azman schema, but not as authentication server. Instead it uses a windows user to get the azman roles. -
Default algorithms in WSE 3.0
WSE 2.0 and 3.0, both provide AES128 + RSA 1.5 as default algorithms for symmetric encryption and key-wrap.
However, AES256 + RSA-OAEP are always recommended for these purposes, and Indigo will ship with that combination as default.