Using Active Directory to Configure AzMan on IIS

  • Article

You can configure AzMan on CCFIIS by using Active Directory as the store type. Make sure that the domain is Windows 2003 functional level. If not, raise it to the domain functional level. For more information about using Active Directory, see the Windows 2003 help.

To use Active Directory to configure AzMan

  1. Click Start, and then click Run.

  2. Type mmc in the text box, and then press Enter.

  3. Click File, and then click Add/Remove Snap-in.

  4. Click Add.

  5. In the new window, select AuthorizationManager, and then click Add.

  6. Close the new window, and then click OK.

  7. Right-click Authorization Manager, and then click Options.

  8. Select Developmentmode, and then click OK.

  9. Right-click Authorization Manager, and then click New Authorization Store.

  10. Select Active Directory.

  11. In the Store Name field, enter the connection information as shown below:

  12. CN= AzManCCF,DC=<CCF Domain>,DC=<Domain Controller>

  13. Click Ok.

  14. Right-click AzManCCF, and then click Properties.

  15. Click the Security tab.

  16. Select Reader from the Authorization Manager user roles list box.

  17. Click Add.

  18. Type the domain user ASPUSER in the new window, and then click OK.

  19. Click OK in the parent window.

  20. Right-click AzManCCF in the MMC snap-in, and then click New Application.

  21. In the New Application dialog box, enter the application name as CCF, and click OK. Repeat this step and add the application CCF_WORKFLOWS.

  22. Under CCF, right-click Groups, and then click New Application Group.

  23. In the New Application Group dialog box, enter the group name as Agent, and click OK.

  24. Right-click Agent, and then click Properties.

  25. In the agent Properties dialog box, select the Members tab.

  26. Click Add Windows Users and Groups.

  27. Type CCFUsers in the text box, enter the object names in the selection box, and then click OK.

  28. Click OK.

  29. Under the CCF application, open Definitions.

  30. Right-click Role Definitions, and then click New Role Definition.

  31. In the Role Definition dialog box, type the name AgentUsers, and then click OK.

  32. Right-click CCF, and then click New Scope.

  33. Type the hosted application name in the Name box. The name should be the same as the name in the Application table.

  34. Click the newly created hosted application scope.

  35. Right-click Role Assignments, and then click Assign Roles.

  36. Select AgentUsers, and then click OK.

  37. Right-click AgentUsers, and then click Assign Application Groups.

  38. Select Agent, and then click OK.

  39. Open the Web.config file in the Microsoft.Ccf.Csr.WebServices.CcfInfrastructure virtual directory.

  40. Update the AzManStore key’s value as follows:

  41. value="ldap://CN=AzManCCF,DC=<CCFDomainName"

  42. where CCF is the domain name.

To use Active Directory to add a new hosted application to AzMan

  1. Right-click CCF and then click New Scope.

  2. Type the host application name in the Name box. The name should be same as the name in the Application table.

  3. Click the newly created hosted application scope.

  4. Right-click Role Assignments, and click then Assign Roles.

  5. Select AgentUsers, and then click OK.

  6. Right-click AgentUsers, and then click Assign Application Groups.

  7. Select Agent, and then click OK.

  8. Open the Web.config file in the Microsoft.Ccf.Csr.WebServices.CcfInfrastructure virtual directory.

  9. Update the AzManStore key’s value as follows:

  10. value="msldap://CN=AzManCCF,DC=CCF"

  11. where CCF is the domain name.