Connect to an SQL-based Authorization Store

  • Article

Applies To: Windows Server 2008

Important

Authorization Manager is available for use in the following versions of Windows: Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows XP, Windows Vista, Windows 7, and Windows 8. It is deprecated as of Windows Server 2012 R2 and may be removed in subsequent versions.

You can use a Microsoft SQL Server database as the repository for your authorization store. In order to connect to a SQL server store, use the following procedure.

You must be a member of the Authorization Manager Administrator role to complete this procedure. By default, Administrators is the Windows group membership required to do so. Review the details in "Additional considerations" in this topic.

Connecting to an SQL-based authorization store

When creating or opening an authorization store, type a URL beginning with the protocol prefix MSSQL://.

The syntax for the URL is:

mssql://<connection string>/<database name>/<policy store name>

where:

  • <connection string> is any valid SQL Server connection string,

  • <database name> is the name of the database where the store will be saved, and

  • <policy store name> is the name of the particular store.

Examples

mssql://dsn=MyTestDataSource;/AzManDB/MyTestStore

mssql://Driver={SQL Server};Server={server1-test};/AzManDB/MyTestStore

Note

Connections to a SQL store are not encrypted unless you explicitly set up SQL encryption for the connection or set up encryption of the network traffic that uses IP Protocol Security (IPsec). For information about these encryption options, see help topics about encrypting a SQL connection or configuring IPsec.

Additional considerations

  • If the SQL server instance doesn’t have the named Authorization Manager database, Authorization Manager will create a new database of this name. Otherwise, the new store will be created within the same named database.

  • The database administrator responsible for the SQL Server must configure security on the SQL Server to allow the Authorization Manager database to be created and maintained.

  • If you are not familiar with connection string syntax, see the documentation provided with Microsoft SQL Server 2000 or Microsoft SQL Server 2005, or visit the Microsoft Web site and see Connection Strings (https://go.microsoft.com/fwlink/?LinkId=69663).

Additional references