Export (0) Print
Expand All

Authorization Interfaces

The following interfaces are used with authorization applications.

In this section

TopicDescription

IAzApplication

Defines an installed instance of an application. An IAzApplication object is created when an application is installed.

IAzApplication2

Inherits from the IAzApplication interface and implements additional methods to initialize IAzClientContext2 objects.

IAzApplication3

Provides methods to manage IAzRoleAssignment, IAzRoleDefinition, and IAzScope2 objects.

IAzApplications

Represents a collection of IAzApplication objects.

IAzApplicationGroup

Defines a collection of principals.

IAzApplicationGroup2

Extends the IAzApplicationGroup interface by adding support for the BizRule group type.

IAzApplicationGroups

Represents a collection of IAzApplicationGroup objects.

IAzAuthorizationStore

Defines the container that is the root of the authorization policy store.

IAzAuthorizationStore2

Inherits from the AzAuthorizationStore object and implements methods to create and open IAzApplication2 objects.

IAzAuthorizationStore3

Extends the IAzAuthorizationStore2 interface with methods that manage business rule (BizRule) support and caching.

IAzBizRuleContext

Contains information about a Business Rule (BizRule) operation.

IAzBizRuleInterfaces

Provides methods and properties used to manage a list of IDispatch interfaces that can be called by business rule (BizRule) scripts.

IAzBizRuleParameters

Provides methods and properties used to manage a list of parameters that can be passed to business rule (BizRule) scripts.

IAzClientContext

Maintains the state that describes a particular client.

IAzClientContext2

Inherits from the IAzClientContext interface and implements new methods that manipulate the client context.

IAzClientContext3

Extends the IAzClientContext2 interface.

IAzNameResolver

Translates security identifiers (SIDs) into principal display names.

IAzObjectPicker

Displays a dialog box that allows users to select one or more principals from a list.

IAzOperation

Defines a low-level operation supported by an application.

IAzOperation2

Extends the IAzOperation with a method that returns the role assignments associated with the operation.

IAzOperations

Represents a collection of IAzOperation objects.

IAzPrincipalLocator

Locates and chooses Active Directory Application Mode (ADAM) principals in Authorization Manager.

IAzRole

Defines the set of operations that can be performed by a set of users within a scope.

IAzRoleAssignment

Represents a role to which users and groups can be assigned.

IAzRoleAssignments

Represents a collection of IAzRoleAssignment objects.

IAzRoleDefinition

Represents one or more IAzRoleDefinition, IAzTask, and IAzOperation objects that specify a set of operations.

IAzRoleDefinitions

Represents a collection of IAzRoleDefinition objects.

IAzRoles

Represents a collection of IAzRole objects.

IAzScope

Defines a logical container of resources to which the application manages access.

IAzScope2

Extends the IAzScope interface to manage IAzRoleAssignment and IAzRoleDefinition objects.

IAzScopes

Represents a collection of IAzScope objects.

IAzTask

Describes a set of operations.

IAzTask2

Extends the IAzTask interface with a method that returns the role assignments associated with the task.

IAzTasks

Represents a collection of IAzTask objects.

IeAxiService

Initializes a system service object to install an ActiveX object when the current user does not have permission to install the object.

IeAxiServiceCallback

Called by the IeAxiSystemInstaller interface to verify that an ActiveX object can be installed.

IeAxiSystemInstaller

Installs an ActiveX object.

IEffectivePermission

Provides a means to determine effective permission for a security principal on an object.

IEffectivePermission2

Provides a way to determine effective permission for a security principal on an object.

ISecurityInformation

Enables the access control editor to communicate with the caller of the CreateSecurityPage and EditSecurity functions.

ISecurityInformation2

Enables the access control editor to obtain information from the client that is not provided by the ISecurityInformation interface.

ISecurityInformation3

Provides methods necessary for displaying an elevated access control editor when a user clicks the Edit button on an access control editor page that displays an image of a shield on that Edit button.

ISecurityInformation4

Enables the access control editor (ACE) to obtain the share's security descriptor to initialize the share page.

ISecurityObjectTypeInfo

Provides a means of determining the source of inherited access control entries (ACEs) in discretionary access control lists (DACLs) and system access control lists (SACLs).

 

Authorization interfaces are categorized according to usage as follows:

Access Control Editor Interfaces

The following interfaces are used with the access control editor.

ActiveX Installer Interfaces

ActiveX Installer provides the following interfaces.

Authorization Manager Interfaces

Authorization Manager provides the following interfaces.

 

 

Community Additions

ADD
Show:
© 2014 Microsoft