How to add users or groups to authorization roles

Current version: 8.2

You use the Authorization Manager to add individual users or user groups to a role.

Various roles exist for the Commerce Server business management features. You can simplify management of the roles by giving appropriate permissions to Windows groups and adding individual users to those groups. For a list of the groups needed to use the Commerce Server business management features, see What Are the Accounts and Groups to Create?

The following procedure describes how to add business users or groups to the authorization policy roles. Perform this procedure on computers where the Commerce Server Web services are run.

To add users to the authorization roles

  1. Click Start, click Run, type azman.msc, and then click OK.

  2. In the Authorization Manager screen, right-click Authorization Manager, and then click Open Authorization Store.

  3. In the Open Authorization Store dialog box, verify that the XML file option is selected, and then click Browse to locate the authorization policy for the Web service. For example, the catalog authorization policy XML file is located at <drive:>\Inetpub\Wwwroot\CatalogWebService.

  4. Select <authorization policy name>.xml, and then click Open.

  5. In the Open Authorization Store dialog box, click OK.

  6. Expand the authorization policy to \<authorization policy name>.xml\<System name>\Role Assignments\<Role name>. For example, \CatalogAuthorizationStore.xml\CatalogandInventorySystem\Role Assignments\CatalogAdministrator.

  7. Right-click <Role name>, and then click Assign Windows Users and Groups.

  8. In the Select Users, Computers, or Groups dialog box, in the Enter the object names to select box, type the name of the catalog administrator Windows group that you defined in What Are the Accounts and Groups to Create? For example, CatalogAdminGroup. Alternatively, you can type the name of an individual business user account. Click OK.

  9. Repeat steps 2 through 8 for each authorization policy role in each Web service authorization store.

What are the required accounts and groups to create?

Do you have some feedback for us?

If you have suggestions for improving this article,