Authorization manager
CCF Authorization component allows applications to be mapped to users, groups and roles. These Application Mappings can be stored either in AzMan or in the CCF database. For more information, see Configuring Authorization Manager.
If you choose to use SQL server to store authorization information, ensure to use the high availability solutions described in the above sections. If you choose to use Windows Authorization Manager to store authorization information, Azman allows persistence into:
XML document. It recommended that you use a XML document for development environment but not for production environment.
Active Directory. The Active Directory store allows applications to take advantage of the existing domain infrastructure to provide the application with storage, availability, redundancy, and distribution of the authorization policy.
-
- To use Active Directory to store the Authorization Manager policy, the domain must have a functional level of Windows Server 2003
- In such scenario, CCF high-quality access to Authorization Manager Policy. It is recommended to have CCF Servers closed to a Domain Controllers. (Only for CCF Core Services role)
- It is recommended that you use this option when groups with more than 5000 members are required.
SQL Server (Windows 2008 only). By using this option, Azman will create a new Database to store profiling information.
For more information about Authorization Manager, refer to https://technet.microsoft.com/en-us/library/cc732290.aspx. CCF also allows not using Microsoft Authorization manager. By choosing this option, you will only be able to map windows group to applications.