2.1.5 Verify Authorization

The following diagram shows the Authorization Manager architecture and its processes for verifying authorization.

Authorization Manager architecture

Figure 13: Authorization Manager architecture

The Authorization Manager centralized access policy database can be kept either on an Active Directory server, a file server, or a SQL server. The Authorization Manager (AzMan) Policy File Format [MS-AZMP] contains the XML schema definitions of Authorization Manager access control policies.

The following table shows the mapping of the policy server with the corresponding protocol(s) used.

Policy server

Protocols used

Active Directory

Lightweight Directory Access Protocol (v3) [MS-ADTS]

File server

File access protocols [MS-CIFS], [MS-SMB], and [MS-SMB2]

SQL Server

Tabular Data Stream Protocol [MS-TDS]

For more details on Authorization Manager, see [MSDN-AuthMgr].