Adding Users to an Application Group in Script
In Authorization Manager, an application group is a group of users and user groups. An application group can contain other application groups, so groups of users can be nested. An application group is represented by an IAzApplicationGroup object.
To allow members of an application group to perform a task or set of tasks
Assign that application group to a role that contains those tasks.
Roles are represented by IAzRole objects.
The following example shows how to create an application group, add a user as a member of the application group, and assign the application group to an existing role. The example assumes that there is an existing XML policy store named MyStore.xml in the root directory of drive C, that this store contains an application named Expense, and that this application contains a role named Expense Administrator.
' Create the AzAuthorizationStore object.
Dim AzManStore
Set AzManStore = CreateObject("AzRoles.AzAuthorizationStore")
' Initialize the authorization store.
AzManStore.Initialize 2, "msxml://C:\MyStore.xml"
' Create an application object in the store.
Dim expenseApp
Set expenseApp= AzManStore.OpenApplication("Expense")
' Create an application group object.
Dim appGroup
Set appGroup = expenseApp.CreateApplicationGroup("Approvers")
' Add a member to the group.
' Replace with valid domain and user name.
appGroup.AddMemberName("domain\\username")
' Save information to the store.
appGroup.Submit
' Open a role object.
Dim adminRole
Set adminRole = expenseApp.OpenRole("Expense Administrator")
' Add the group to the role.
adminRole.AddAppMember("Approvers")
' Save the information to the store.
adminRole.Submit
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for