I have an app that's using the AuthorizationStoreRoleProvider to authorize against a primary domain. We now have a secondary trusted domain from which users will access the app. Just wondering if it's possible to configurate an azman policy to authorize users against both domains? Azman is configured as an XML policy store (not in AD or ADAM).
1
votes
1 Answers
0
votes
Yes, it's possible. AzMan uses SIDs regardless of whether it is in AD or XML or SQL. SIDs are unique across domains. Since the secondary domain is trusted, your administrators should be able to easily select them from the Windows Object Picker for group assignments. If not, then you can add users to group assignments using the same technique you might use if you were using AD-LDS (ADAM) instead.
