IAzAuthorizationStore interface (azroles.h)
The AzAuthorizationStore object defines the container that is the root of the authorization policy store.
Inheritance
The IAzAuthorizationStore interface inherits from the IUnknown interface. IAzAuthorizationStore also has these types of members:
Methods
The IAzAuthorizationStore interface has these methods.
| IAzAuthorizationStore::AddDelegatedPolicyUser Adds the specified security identifier (SID) in text form to the list of principals that act as delegated policy users. (IAzAuthorizationStore.AddDelegatedPolicyUser) |
| IAzAuthorizationStore::AddDelegatedPolicyUserName Adds the specified account name to the list of principals that act as delegated policy users. (IAzAuthorizationStore.AddDelegatedPolicyUserName) |
| IAzAuthorizationStore::AddPolicyAdministrator Adds the specified security identifier (SID) in text form to the list of principals that act as policy administrators. (IAzAuthorizationStore.AddPolicyAdministrator) |
| IAzAuthorizationStore::AddPolicyAdministratorName Adds the specified account name to the list of principals that act as policy administrators. (IAzAuthorizationStore.AddPolicyAdministratorName) |
| IAzAuthorizationStore::AddPolicyReader Adds the specified security identifier (SID) in text form to the list of principals that act as policy readers. (IAzAuthorizationStore.AddPolicyReader) |
| IAzAuthorizationStore::AddPolicyReaderName Adds the specified account name to the list of principals that act as policy readers. (IAzAuthorizationStore.AddPolicyReaderName) |
| IAzAuthorizationStore::AddPropertyItem Adds the specified principal to the specified list of principals. (IAzAuthorizationStore.AddPropertyItem) |
| IAzAuthorizationStore::CloseApplication Unloads a specified IAzApplication object from the cache. |
| IAzAuthorizationStore::CreateApplication Creates an IAzApplication object with the specified name. |
| IAzAuthorizationStore::CreateApplicationGroup Creates an IAzApplicationGroup object with the specified name. (IAzAuthorizationStore.CreateApplicationGroup) |
| IAzAuthorizationStore::Delete Deletes the policy store currently in use by the AzAuthorizationStore object. |
| IAzAuthorizationStore::DeleteApplication Removes the IAzApplication object with the specified name from the AzAuthorizationStore object. |
| IAzAuthorizationStore::DeleteApplicationGroup Removes the IAzApplicationGroup object with the specified name from the AzAuthorizationStore object. |
| IAzAuthorizationStore::DeleteDelegatedPolicyUser Removes the specified security identifier (SID) in text form from the list of principals that act as delegated policy users. |
| IAzAuthorizationStore::DeleteDelegatedPolicyUserName Removes the specified account name from the list of principals that act as delegated policy users. (IAzAuthorizationStore.DeleteDelegatedPolicyUserName) |
| IAzAuthorizationStore::DeletePolicyAdministrator Removes the specified security identifier (SID) in text form from the list of principals that act as policy administrators. |
| IAzAuthorizationStore::DeletePolicyAdministratorName Removes the specified account name from the list of principals that act as policy administrators. (IAzAuthorizationStore.DeletePolicyAdministratorName) |
| IAzAuthorizationStore::DeletePolicyReader Removes the specified security identifier (SID) in text form from the list of principals that act as policy readers. |
| IAzAuthorizationStore::DeletePolicyReaderName Removes the specified account name from the list of principals that act as policy readers. (IAzAuthorizationStore.DeletePolicyReaderName) |
| IAzAuthorizationStore::DeletePropertyItem Removes the specified principal from the specified list of principals. (IAzAuthorizationStore.DeletePropertyItem) |
| IAzAuthorizationStore::get_ApplicationData Sets or retrieves an opaque field that can be used by the application to store information. (IAzAuthorizationStore.get_ApplicationData) |
| IAzAuthorizationStore::get_ApplicationGroups Retrieves an IAzApplicationGroups object that is used to enumerate IAzApplicationGroup objects from the policy data. (IAzAuthorizationStore.get_ApplicationGroups) |
| IAzAuthorizationStore::get_Applications Retrieves an IAzApplications object that is used to enumerate IAzApplication objects from the policy store. |
| IAzAuthorizationStore::get_ApplyStoreSacl Sets or retrieves a value that indicates whether policy audits should be generated when the authorization store is modified. (IAzAuthorizationStore.get_ApplyStoreSacl) |
| IAzAuthorizationStore::get_DelegatedPolicyUsers Retrieves the security identifiers (SIDs) of principals that act as delegated policy users in text form. |
| IAzAuthorizationStore::get_DelegatedPolicyUsersName Retrieves the account names of principals that act as delegated policy users. |
| IAzAuthorizationStore::get_Description Sets or retrieves a comment that describes the operation. (Get) |
| IAzAuthorizationStore::get_DomainTimeout Sets or retrieves the time in milliseconds after which a domain is determined to be unreachable. (Get) |
| IAzAuthorizationStore::get_GenerateAudits Sets or retrieves a value that indicates whether run-time audits should be generated. (Get) |
| IAzAuthorizationStore::get_MaxScriptEngines Sets or retrieves the maximum number of Business Rule (BizRule) script engines that will be cached. (Get) |
| IAzAuthorizationStore::get_PolicyAdministrators Retrieves the security identifiers (SIDs) of principals that act as policy administrators in text form. |
| IAzAuthorizationStore::get_PolicyAdministratorsName Retrieves the account names of principals that act as policy administrators. (IAzAuthorizationStore.get_PolicyAdministratorsName) |
| IAzAuthorizationStore::get_PolicyReaders Retrieves the security identifiers (SIDs) of principals that act as policy readers in text form. |
| IAzAuthorizationStore::get_PolicyReadersName Retrieves the account names of principals that act as policy readers. (IAzAuthorizationStore.get_PolicyReadersName) |
| IAzAuthorizationStore::get_ScriptEngineTimeout Sets or retrieves the time in milliseconds that the IAzClientContext::AccessCheck method will wait for a Business Rule (BizRule) to complete execution before canceling it. (Get) |
| IAzAuthorizationStore::get_TargetMachine Retrieves the name of the computer on which account resolution should occur. |
| IAzAuthorizationStore::get_Writable Retrieves a value that indicates whether the object can be modified by the user context that called the Initialize method. |
| IAzAuthorizationStore::GetProperty Returns the AzAuthorizationStore object property with the specified property ID. |
| IAzAuthorizationStore::Initialize Initializes the authorization manager. |
| IAzAuthorizationStore::OpenApplication Opens the IAzApplication object with the specified name. |
| IAzAuthorizationStore::OpenApplicationGroup Opens an IAzApplicationGroup object by specifying its name. (IAzAuthorizationStore.OpenApplicationGroup) |
| IAzAuthorizationStore::put_ApplicationData Sets or retrieves an opaque field that can be used by the application to store information. (IAzAuthorizationStore.put_ApplicationData) |
| IAzAuthorizationStore::put_ApplyStoreSacl Sets or retrieves a value that indicates whether policy audits should be generated when the authorization store is modified. (IAzAuthorizationStore.put_ApplyStoreSacl) |
| IAzAuthorizationStore::put_Description Sets or retrieves a comment that describes the operation. (Put) |
| IAzAuthorizationStore::put_DomainTimeout Sets or retrieves the time in milliseconds after which a domain is determined to be unreachable. (Put) |
| IAzAuthorizationStore::put_GenerateAudits Sets or retrieves a value that indicates whether run-time audits should be generated. (Put) |
| IAzAuthorizationStore::put_MaxScriptEngines Sets or retrieves the maximum number of Business Rule (BizRule) script engines that will be cached. (Put) |
| IAzAuthorizationStore::put_ScriptEngineTimeout Sets or retrieves the time in milliseconds that the IAzClientContext::AccessCheck method will wait for a Business Rule (BizRule) to complete execution before canceling it. (Put) |
| IAzAuthorizationStore::SetProperty Sets the specified value to the AzAuthorizationStore object property with the specified property ID. |
| IAzAuthorizationStore::Submit Persists changes made to the AzAuthorizationStore object. |
| IAzAuthorizationStore::UpdateCache Updates the cache of objects and object attributes to match the underlying policy store. |
Remarks
The AzAuthorizationStore object is named according to the URL passed to the Initialize method. The object has no name within the policy store.
The application must ensure that the user context from which the Initialize method is called is used for all future access to the AzAuthorizationStore object, except for the IAzApplication::InitializeClientContextFromToken method.
Note If an XML store is used over a network, the traffic is not automatically encrypted. IPsec can be used to encrypt the authorization information in transit.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows Vista [desktop apps only] |
| Minimum supported server | Windows Server 2003 [desktop apps only] |
| Target Platform | Windows |
| Header | azroles.h |
| Redistributable | Windows Server 2003 Administration Tools Pack on Windows XP |