Re: AzMan Still the way to go?

AzMan us seriously over built (tasks, operations) for just ASP.NET
roles but it works well for them none the less.

I think the xml option is for developers to use in dev before they are
let into AD in a live domain.

For an intranet site, NT auth and a seamless login is a nice feature,
having already authenticated users have to re-key credentials is
annoying.

You can always, later on, put up a form based auth site that issues an
auth ticket, using the same machine key, validated against some other
membership store, and redirect to the formally intranet only site if
you want to let non domain users in. You can also do this in reverse to
let domain users into an internet site, that is an NT auth site issuing
a ticket to get into a forms auth site.

And yes, you can use the SqlRoleProvider instead and that is the
default for the toolset and should work fine. But if your shop standard
is to keep it all in AD you use AzMan for application defined roles or
the WindowsTokenRoleProvider to use NT groups.

.