You can use a Microsoft SQL Server database as the repository for your authorization store. In order to connect to a SQL Server store, use the following procedure.
You must be a member of the Authorization Manager Administrator role to complete this procedure. By default, Administrators is the Windows group membership required to do so. Review the details in "Additional considerations" in this topic.
Connecting to an SQL-based authorization store
When creating or opening an authorization store, type a URL beginning with the protocol prefix MSSQL://.
The syntax for the URL is:
mssql://<connection string>/<database name>/<policy store name>
- <connection string> is any valid
SQL Server connection string,
- <database name> is the name of
the database where the store will be saved, and
- <policy store name> is the name
of the particular store.
Connections to a SQL store are not encrypted unless you explicitly set up SQL encryption for the connection or set up encryption of the network traffic that uses Internet Protocol security (IPsec). For information about configuring SQL encryption or configuring IPsec, see SQL Server product documentation (http://go.microsoft.com/fwlink/?LinkId=131607).
- If the instance of SQL Server doesn't have
the named Authorization Manager database, Authorization Manager
will create a new database of this name. Otherwise, the new store
will be created within the same named database.
- The database administrator responsible for
the computer running SQL Server must configure security on the
computer to allow the Authorization Manager database to be created
- If you are not familiar with connection
string syntax, see the documentation provided with
Microsoft SQL Server 2008 or
Microsoft SQL Server 2005, or visit the Microsoft
Web site and see Connection String Syntax