Start Authorization Manager

Applies To: Windows Server 2008


Authorization Manager is available for use in the following versions of Windows: Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows XP, Windows Vista, Windows 7, and Windows 8. It is deprecated as of Windows Server 2012 R2 and may be removed in subsequent versions.

Authorization Manager can be run as a stand-alone console or as a snap-in added to a Microsoft Management Console (MMC). You can start Authorization Manager using the Windows interface or from a command line.

Administrators is the minimum group membership required to complete this procedure. Review the details in "Additional considerations" in this topic.

To start Authorization Manager by using the Windows interface

  1. Click Start, click All Programs, then click Accessories, then click Run.

  2. In the Open text box, type azman.msc, and then press Enter.

  3. If a Windows Security prompt appears, provide the requested permission or credentials.

To start Authorization Manager by using a command line:

  • At a command prompt, type azman.msc and press Enter.

Additional considerations

  • Authorization Manager opens without a default authorization store. To use Authorization Manager, you need to create or open an authorization store.

  • You can configure your own Microsoft Management Console (MMC) that includes Authorization Manager as part of that console. For more information, refer to "Additional references" in this topic.

  • Authorization Manager opens with the same configuration as at the time you closed the console.

  • Depending on the configuration of your computer, the User Account Control prompt may or may not appear. It will not appear if you are logged in with the built-in Administrator account (the local Administrator account is disabled by default in this version of Windows).

  • By default, members of the local group Administrators, have sufficient rights and privileges to complete this task. In your environment, security may be managed such that non-administrators have additional rights.

  • If User Account Control is enabled, it can be configured to allow non-administrators to enter the credentials of an administrator to complete administrative tasks without being a member of the Administrators group.

Additional references