Welcome to MSDN Blogs Sign in | Join | Help

Custom Authentication with AzMan - (A note on SID datatype)

There are  multiple ways to implement custom authentication with AzMan but if you are using an approach with custom SIDs (security identifiers), you should be aware of the data type for a SID.

Each sub authority is of type ULONG (32 bit) numeric which means numbers less than 4294967295 and no hex characters. So the format recommended for a Custom SID is S-1-9-1-1 through S-1-9-4294967295-4294967295. There is no validation based on sub authority either e.g. S-1-5 isn’t evaluated in AzMan any different from any other but you run the risk of collision with well known SIDs or prod AD SIDs . ( Thanks Sudheer! )

 

Regards,

David

 

 

Published Wednesday, August 23, 2006 1:42 PM by dc995
Filed under:

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

# re: Custom Authentication with AzMan - (A note on SID datatype)

Thursday, September 06, 2007 11:18 AM by Craig

Hi, can you point me to the article on Custom Auth with Azman?

Here's my scenario - client has Membership (System.Web.Security.Membership) rolled out configured to use sql server to store the users instead of Active Directory.

Membership doesn't provide that granular control required for their application, so I'm investigating alternatives. I like the way AZMan gives you that control, is there any way I could merge the two technologies? i.e. Give them the ability to use Membership as is to manage authentication against a sql store, and then use the granular Auth capabilities of AzMan - or am I asking too much ;-)

Thanks!

Craig

# re: Custom Authentication with AzMan - (A note on SID datatype)

Wednesday, October 24, 2007 4:05 PM by dc995

Developing Applications Using Windows Authorization Manager

David Crawford, Dave McPherson

Contributors: Durga Prasad Sayana, Mei Wilson, Shawn Wu, Sudheer Mamidpaka, Sunil Gottumukala, Sunil Kadam, Chris Jackson, Eric Huebner

Microsoft Corporation

August 2006

http://msdn2.microsoft.com/en-us/library/aa480244.aspx

Leave a Comment

(required) 
required 
(required) 

  
Enter Code Here: Required
 
Page view tracker