Re: AzMan Still the way to go?

From: "Joe Kaplan" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 25 Aug 2006 11:59:14 -0500

Stefan is the man. He was one of the key guys on membership.

Your approach sounds reasonable. If provisioning the roles in SQL becoms a
problem due to the need to keep AD and SQL in sync in order to associate
users with roles, you might also consider using AD group membership for
roles. You can also just use Windows authentication in IIS instead of the
AD membership provider if you don't need forms-based authentication for your
application. That depends a lot on what the deployment model is, whether
you can use IWA to get SSO, the look and feel you want, etc. If you can
avoid using forms auth and the membership provider, I would.

Best of luck!

Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"John Graham" <jdgraham2@xxxxxxxx> wrote in message
news:1156517381.523277.148060@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Thank you all very much for the dialog. I already have Azman up and
running on my test box, but given the discussion and my novice skill
level, I think I'm going to take a step back from AzMan and use the SQL
Role provider, and AD for the authentication.

I just got Stefan Schackow's .net 2.0 Security, membership and Role
Management Book and I'm going to dive into that also for some best
practices.

Follow-Ups:
- Re: AzMan Still the way to go?
  - From: John Graham
- Re: AzMan Still the way to go?
  - From: Dominick Baier

References:
- Re: AzMan Still the way to go?
  - From: Joe Kaplan
- Re: AzMan Still the way to go?
  - From: Dominick Baier
- Re: AzMan Still the way to go?
  - From: John Graham

Prev by Date: Re: AzMan Still the way to go?
Next by Date: Re: AzMan Still the way to go?
Previous by thread: Re: AzMan Still the way to go?
Next by thread: Re: AzMan Still the way to go?
Index(es):
- Date
- Thread

Relevant Pages

Re: loop and recordset
... those members whose membership lapsed. ... Use the SQL language to return only the set of required ... This table obviously needs some constraints. ... ALTER TABLE enrollment_2 ADD ...
(microsoft.public.access.modulesdaovba)
Re: Replacing VS .NETs SQL Server Express Edition Integration
... As you said you already have an existing database that contains the ... membership structure, ... Replacing VS .NET's SQL Server Express Edition Integration ...
(microsoft.public.dotnet.framework.aspnet)
Re: DataAdapters and Parameters
... server goes down and we need to check a customer's membership. ... using SQL Server and ASP.NET via our intranet. ... I guess I could go with a synchronized SQL database?... ... >> downtime backup, that is why I am currently working with Access. ...
(microsoft.public.dotnet.framework.adonet)
Re: Bastion Host running SQL server 2000
... The local admin on the server does not have an SQL login individually ... > "I guess the lookup of group membership is somehow disabled. ...
(microsoft.public.sqlserver.security)
Re: What is the best approach?
... if you store your users in SQL and keep your ... If you were using Windows authentication, then the role membership would ...
(microsoft.public.dotnet.framework.aspnet.security)