Windows 2003 SP1 & AzMan 1.1

Windows Server 2003 Service Pack 1 includes improvement in authorization store creation time and provides additional enumeration methods to optimize performance for specific queries.

In addition to new Authorization Manager queries, Service Pack 1 includes new interfaces to enable integration of ADAM principals and for use with Active Directory Federation Services. The new interfaces for SP1 are: (Click on each to see the SDK documentation and list of new methods for each.)

IAzAuthorizationStore2
IAzApplication2
IAzClientContext2

1 Comment

  • So anybody actually figured out what AzMan 1.1 provides in real terms over 1.0?



    If you have been working with AzMan 1.0 you will probably well know the issues around non-windows users and their SIDs (i.e. Extranet / Portal scenarios).



    Firstly, Windows 2003 Server SP1 certainly doesn't repair any of the shortcomings of the Authorization Manager mmc interface, so don't expect to be able to point it at ADAM and bring the users into AzMan.



    So, for anything tricky (or should I say non-windowsy) we are still stuck with a role-your-own approach to authentication call & administration. That's where I had held hope for the SP1 improvements. Particularly in avoiding having to do all the ConvertSidToStringSid mucking around.



    However the above isn't looking that promising to me at first glance. A new method that stood out was IAzClientContext2.AddStringSids, but what does this actually offer in terms of implementing a neater solution involving AzMan & ADAM?



    I guess when the documentation fails it is time to have a tinker!



    Any hints appreciated.

Comments have been disabled for this content.