Jul 21, 2009 at 1:17 AM

You have done a great job! I have a couple of questions hopefully you can answer.

Question # 1:

When I run MMC I can only see Items and Task. No icon for Operations is showing (both under the definitions and authorizations)

At first I thought maybe you have removed operations feature. So I went to netsqlazman_ItemsTable and entered a test operation with Item Type 2. After this in MMC I still cannot see a node for Operations. But looking at the hierarchy view, it shows my test operation. Any ideas?

Question # 2:

For our business, we have different roles with fixed tasks and then operations under tasks. For example: When a user registers with us, we assign him Members role. Member role comes with a Task (Claims) and (Claims) Task has one operation under it (View Self Claims).

So the tree is Members > Claims > View Self Claims (can only view own claims)

This works ok. However, we have cases where wife give permission to her husband to view her claims. For that I can create an Operation (View Spouse Claims). The problem is that I cannot assign the (View Spouse Claims) to the Claims Task because then the member role will automatically authorize every member to view the claims of their spouse.

So my question is: is it possible to declare an operation and without assigning it to any role or task, directly assign it to a username?

Jul 21, 2009 at 7:28 AM


Question # 1:

You are running MMC in Administrator mode … instead of Developer mode.

Administrator mode is designed for Analysts (they can see Roles and Tasks only).

In Developer mode you can see all (Roles, Tasks, Operations).

To switch …

· open NetSqlAzMan SnapIn

· right click on “.NET Sql Authorization Manager” node

· Options – Mode & Logging

· Choose “Developer Mode”

Question # 2:

No problem

When you have switched into the Developer Mode you can authorize a single User to a single Operation (Item Authorizations – Operation Authorization – Manage Authorizations).



