Export (0) Print
Expand All

IAzAuthorizationStore interface

The AzAuthorizationStore object defines the container that is the root of the authorization policy store.

Members

The IAzAuthorizationStore interface inherits from the IUnknown interface. IAzAuthorizationStore also has these types of members:

Methods

The IAzAuthorizationStore interface has these methods.

MethodDescription
AddDelegatedPolicyUser

Adds the specified SID in text form to the list of principals that act as delegated policy users.

AddDelegatedPolicyUserName

Adds the specified account name to the list of principals that act as delegated policy users.

AddPolicyAdministrator

Adds the specified security identifier (SID) in text form to the list of principals that act as policy administrators.

AddPolicyAdministratorName

Adds the specified account name to the list of principals that act as policy administrators.

AddPolicyReader

Adds the specified SID in text form to the list of principals that act as policy readers.

AddPolicyReaderName

Adds the specified account name to the list of principals that act as policy readers.

AddPropertyItem

Adds the specified principal to the specified list of principals.

CloseApplication

Unloads a specified IAzApplication object from the cache.

CreateApplication

Creates an IAzApplication object with the specified name.

CreateApplicationGroup

Creates an IAzApplicationGroup object with the specified name.

Delete

Deletes the policy store currently in use by the AzAuthorizationStore object.

DeleteApplication

Removes the IAzApplication object with the specified name from the AzAuthorizationStore object.

DeleteApplicationGroup

Removes the IAzApplicationGroup object with the specified name from the AzAuthorizationStore object.

DeleteDelegatedPolicyUser

Removes the specified SID in text form from the list of principals that act as delegated policy users.

DeleteDelegatedPolicyUserName

Removes the specified account name from the list of principals that act as delegated policy users.

DeletePolicyAdministrator

Deletes the specified SID in text form from the list of principals that act as policy administrators.

DeletePolicyAdministratorName

Removes the specified account name from the list of principals that act as policy administrators.

DeletePolicyReader

Deletes the specified SID in text form from the list of principals that act as policy readers.

DeletePolicyReaderName

Removes the specified account name from the list of principals that act as policy readers.

DeletePropertyItem

Removes the specified principal from the specified list of principals.

GetProperty

Returns the AzAuthorizationStore object property with the specified property ID.

Initialize

Initializes the authorization manager.

OpenApplication

Opens the IAzApplication object with the specified name.

OpenApplicationGroup

Opens the IAzApplicationGroup object with the specified name.

SetProperty

Sets the specified value to the AzAuthorizationStore object property with the specified property ID.

Submit

Persists changes made to the AzAuthorizationStore object.

UpdateCache

Updates the cache of objects and object attributes to match the underlying policy store.

 

Properties

The IAzAuthorizationStore interface has these properties.

PropertyAccess typeDescription

ApplicationData

Read/write

Sets or retrieves an opaque field that can be used by the application to store information.

ApplicationGroups

Read-only

Retrieves an IAzApplicationGroups object that is used to enumerate groups from the policy data.

Applications

Read-only

Retrieves an IAzApplications object that is used to enumerate applications from the policy store.

ApplyStoreSacl

Read/write

Sets or retrieves a value that indicates whether policy audits should be generated when the authorization store is modified.

DelegatedPolicyUsers

Read-only

Retrieves the SIDs of principals that act as delegated policy users in text form.

DelegatedPolicyUsersName

Read-only

Retrieves the account names of principals that act as delegated policy users.

Description

Read/write

Sets or retrieves a comment describing the operation.

DomainTimeout

Read/write

Sets or retrieves the time in milliseconds after which a domain is determined to be unreachable.

GenerateAudits

Read/write

Sets or retrieves a value that indicates whether run-time audits should be generated.

MaxScriptEngines

Read/write

Sets or retrieves the maximum number of Business Rule (BizRule) script engines that will be cached.

PolicyAdministrators

Read-only

Retrieves the SIDs of principals that act as policy administrators in text form.

PolicyAdministratorsName

Read-only

Retrieves the account names of principals that act as policy administrators.

PolicyReaders

Read-only

Retrieves the SIDs of principals that act as policy readers in text form.

PolicyReadersName

Read-only

Retrieves the account names of principals that act as policy readers.

ScriptEngineTimeout

Read/write

Sets or retrieves the time in milliseconds that the IAzClientContext::AccessCheck method will wait for a BizRule to complete execution before canceling it.

TargetMachine

Read-only

Retrieves the name of the computer on which account resolution should occur.

Writable

Read-only

Retrieves a value that indicates whether the object can be modified by the user context that called the Initialize method.

 

Remarks

The AzAuthorizationStore object is named according to the URL passed to the Initialize method. The object has no name within the policy store.

The application must ensure that the user context from which the Initialize method is called is used for all future access to the AzAuthorizationStore object, except for the IAzApplication::InitializeClientContextFromToken method.

Note  If an XML store is used over a network, the traffic is not automatically encrypted. IPsec can be used to encrypt the authorization information in transit.

Requirements

Minimum supported client

Windows Vista [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Redistributable

Windows Server 2003 Administration Tools Pack on Windows XP

Header

Azroles.h

Library

Azroles.lib

DLL

Azroles.dll

IID

IID_IAzAuthorizationStore is defined as edbd9ca9-9b82-4f6a-9e8b-98301e450f14

 

 

Community Additions

ADD
Show:
© 2014 Microsoft