An operation is a particular action or access that needs to be controlled or restricted by Authorization Manager. Operations are defined at the application level. Operations are combined into tasks at either the application or scope level.
You must be assigned to the Authorization Manager Administrator user role to complete this procedure. By default, Administrators is the minimum Windows group membership assigned to this role. Review the details in "Additional considerations" in this topic.
|Define an operation in Authorization Manager|
If necessary, open Authorization Manager.
If necessary, open or create an authorization store that contains an application.
In the console tree, expand the application, and then expand Definitions.
Right-click Operation Definitions, and click New Operation Definition.
Define the operation by providing a name, description, and operation number. The name and description are for your convenience. The operation number must be used by the calling program. The operation number is called an OperationID in the application programming interface (API). The number must be a positive integer, greater than zero (0). For more information, see "Additional references" in this topic.
- To perform this procedure, you need to have
access to an authorization store. By default, members of the
Administrators group have the required access, but
Authorization Manager allows you to delegate responsibility. For
more information, see Allow Other Users to
Administer an Authorization Store.
- To define an operation by using the
Authorization Manager console, you must use developer mode.