Francois Beaussier & Aymeric Gaurat Apelli

Monday

AzMan utility project

I have recently worked with the Authorization Manager. The easiest way to interact with AzMan is to use azman.msc, the mmc snapin.

The provided UI is a good starting point but it's missing a lot of features that would be really useful when working on reasonably sized project.

Excel can help by providing a read only view of some of the AzMan store data, but nothing really great.

Fortunately, there is an API that is available. I actually spent most of my time writing my own little tools to do most of the work.

I have just started to compile a list of the features that I would have liked. I will start to write an application that will hopefully help azman users :)

○ Ability to copy store from one place to another
○ Auto assign operation ID
○ Warn when operation ID are identical
○ Provide easy reverse lookup like all users that can access this operation, etc…
○ Identify unreferenced items (e.g. this operation is not used)
○ Copy from one store to another (i.e. xml -> AD). Use filters (only operations, roles, ...)
○ Search in store. Add filters (only operations, tasks, roles, ...)
○ Diff between 2 stores
○ Merge 2 stores
○ Support for custom principals
○ Dump text / html version of the store
○ Display graphical view of the store, or launch azman.msc
○ Generate enums/code for operation/task/roles (c# & vb)
○ Generate script that creates the store
○ Generate Excel matrix (tasks vs. operations, roles vs. tasks, users vs. roles)

Well, I guess that I will have to start by prioritizing theses features :)