MZ@ !L!This program cannot be run in DOS mode. $Rؕ3}3}3}H̴3}H̱3}Rich3}PEL!  j@̱.rsrc@@p 0H`!en o8qPrhstuvwxyz({@|X~p0H`x  8Ph    ( @X p             0 @ P ` p             0 @ P ` p               0  @  P  ` x8("%`0*(X-X0H4789d<>BC ENpHbLNxR T0New Authorization StoreMS Shell DlgP-&Select the authorization store type: P &Active Directory or Active Directory Application Mode (ADAM) P1 &XML file PB< I&Microsoft SQLPU-_Select the a&uthorization store schema: Pd  ?Schema version &1.0 P @Schema version &2.0P-Store &name:PP2&Locations...P-&Description:DP-&P)2OKP)2CancelP" 'Requires Windows Server 2003 domain functional level.Ps A version 1.0 store may be upgraded to version 2.0. A version 1.0 store may be accessed by clients designed for version 2.0, but will not have access to some functionality.PA version 2.0 store may not be downgraded to version 1.0. A version 2.0 store may not be accessed by clients designed for version 1.0 but all functionality will be available to clients designed for version 2.0PAȀ New ApplicationMS Shell DlgP&Name:PP$&Description:DP.PK&Version information (optional):DPUPrNote: The application name specified here must be the name that the managed application uses when initializing the Authorization Manager.PKLink WindowMore about <A>Authorization Manager application</A>.P2OKP2CancelȀ New ScopeMS Shell DlgP&Name:PP$&Description:DP.PTNote: Scope names are not arbitrary. You must choose scope names that are meaningful to the application being managed.Pn#For example, file-based applications would typically have scope names based on file paths, whereas Web-based applications would typically have scope names based on URLs.PKLink WindowMore about <A>Authorization Manager scopes</A>.P2OKP2CancelȀ GeneralMS Shell DlgPP(&Name:P(P($&Description:DP(.P(K&Store type:P(UP(iStore schema &version:P(sP(dA&Upgrade Schema Version...P(BPF#DUpgrading the Authorization Manager Store is a one-way operation that can not be undone.Ȁ Open Authorization StoreMS Shell DlgP &Select the authorization store type: P &Active Directory or Active Directory Application Mode (ADAM) P &XML file P*< I&Microsoft SQLP< Store &name:PHPH2&Browse...P\ KLink WindowMore about <A>Authorization Manager stores</A>.Po2OKPo2CancelȀ New Application GroupMS Shell DlgP&Name:PP$&Description:DP.PNGroup type: PZ &Basic Application Group Ph &LDAP Query Application Group Pu 3Business &Rule Application GroupPCDP DEPKLink WindowMore about <A>Authorization Manager application groups</A>.P2OKP2CancelȀ New Task DefinitionMS Shell DlgP&Name:PP$&Description:DP.PM&The operations and lower-level tasks that define this task: PWPSysListView32PF&Add...PQL^&RemovePd2Authorization R&ule...PKLink WindowMore about <A>Authorization Manager task definition</A>.P2OKP2CancelȀ"TasksMS Shell DlgP&Select the task definitions to add:PSysListView32Ȁ"OperationsMS Shell DlgP&Select the operation definitions to add:PSysListView32Ȁ New Operation DefinitionMS Shell DlgP&Name:PP$&Description:DP.PK&Operation number: PUDPiKLink WindowMore about <A>Authorization Manager operation</A>.Pz2OKPz2CancelȀGeneralMS Shell DlgPP(&Name:P(P($&Description:DP(.P(K&Version information (optional):DP(UP(t$Note: The application name specified here must be the name that the managed application uses when initializing the Authorization Manager.PAȀGeneralMS Shell DlgPP(&Name:P(P($&Description:DP(.P(TNote: Scope names are not arbitrary. You must choose scope names that are meaningful to the application being managed.P(n#For example, file-based applications would typically have scope names based on file paths, whereas Web-based applications would typically have scope names based on URLs.PAȀGeneralMS Shell DlgPP(&Name:P(P($&Description:DP(.ȀGeneralMS Shell DlgPP(&Name:P(P(#&Description:DP(-P(I&Operation number: P(SDȀ GeneralMS Shell DlgP(&Name:P(P($&Description:DP(.P(N&Group type:P(X@.@/@(mQ4Business Rule &Script...@(~5@>C6This business rule application group does not have a script loaded. Please load a script that defines the members of this group.@0PAȀLimitsMS Shell DlgP)Authorization rules: P +&Disable P *Enable with &no timeout value P+ ,Enable with specified &timeout valueP?Aut&horization rule timeout: PJHPWL(milliseconds)P\&Maximum number of cached authorization rules: PhHPx&LDAP query timeout: PHPW(milliseconds)PZ&Use Default ValuesPLLink WindowMore about <A>Authorization Manager store limits</A>.PAȀDefinitionMS Shell DlgP&The operations and lower-level tasks that define this task: PSysListView32PFA&dd...PQF^&RemovePd2A&uthorization Rule...Ȁ New Role DefinitionMS Shell DlgP&Name:PP$&Description:DP.PM&The tasks and lower-level roles that define this role: PWPSysListView32PF&Add...PQF^&RemovePd2A&uthorization Rule...PKLink WindowMore about <A>Authorization Manager role definition</A>.P2OKP2CancelȀMembersMS Shell DlgP&Users and groups that are members of this group: PSysListView32PE^&RemoveP;Select additional &members from:!P*9P):&Select...Ȁ"Add GroupsMS Shell DlgP&Select the groups to add:PuSysListView32P2OKP2CancelȀExclusionsMS Shell DlgP&Users and groups that are excluded from this group: PSysListView32PE^&RemoveP>Select additional &exclusions from:!P*9P):&Select...ȀQueryMS Shell DlgP The &LDAP query that defines the members of this group:DP@F Define &Query...@ZF%&Check SyntaxPAȀSecurityMS Shell DlgPAu&thorization Manager user role:!P P#&Users and groups that are assigned to this role: P-oSysListView32P2 A&dd...P=2^&RemovePMLink WindowMore about <A>Authorization Manager security</A>.PAȀ"Roles MS Shell DlgP&Select the role definitions to add:PSysListView32ȀDefinitionMS Shell DlgP&The tasks and lower-level roles that define this role: PSysListView32PFA&dd...PQF^&RemovePd2A&uthorization Rule...ȀAuditingMS Shell DlgPEnable:P &Runtime application initialization auditingP! &Authorization store change auditingP-(P90Link WindowMore about <A>Authorization Manager auditing</A>.PAȀ Authorization RuleMS Shell DlgPn&Script path:PxPx2&Browse...PScript type: P &VBScript P &JScriptPa&Reload Rule into StorePla&Clear Rule from StoreP2OKP2CancelPScri&pt source code:PXȀOptionsMS Shell DlgP "Authorization Manager &mode: P &Developer mode P: !&Administrator modePIn developer mode, users can create, deploy, and maintain applications. Users have unrestricted access to all features.PF #In administrator mode, users can deploy and maintain applications. Users have access to all features except they cannot create new applications and define operations.Pu2OKPu2CancelȀGeneralMS Shell DlgPP(&Name:P(P($&Description:DP(.P(QN$&Show DefinitionȀ"Add RoleMS Shell DlgP&Select the role definitions to add: PuSysListView32P2OKP2CancelȀRole DefinitionMS Shell DlgP2OKP2CancelP&The operations and tasks that define this role: P&SysListView32PF &Add...PQF^&RemovePAȀOpen Authorization StoreMS Shell DlgP2OKP2CancelP&Select Authorization store to open: PSysListView32ȀGeneralMS Shell DlgPP(&Name:P(P($&Description:DP(.Authorization ManagerrThe Authorization Manager allows you to set role-based permissions for Authorization Manager-enabled applications.K&Open Authorization Store... Opens an existing Authorization Manager store.F&New Authorization Store... Creates a new Authorization Manager store.NameType Description No Authorization Stores Selected4The Authorization Manager snap-in allows you to set role-based permissions for applications that have been Authorization Manager enabled. To use the Authorization Manager, you must first create an authorization store (if you are an application developer) or open an existing authorization store (if you are an administrator). To open an existing authorization store, on the Action menu, click Open Authorization Store. To create a new authorization store, on the Action menu, click New Authorization Store while in developer mode. For more information, press F1.K&New Application... Creates a new Authorization Manager application object.Business Rule Application Group)&New Scope... Creates a new scope object. %s PropertiesPAGeneralActive DirectoryXML fileAuthorization Store ApplicationBasic Application GroupLDAP Query Application GroupRole AssignmentTask ContainerScopeApplication GroupGroups ContainerApplication groupsP&New Application Group... Creates a new Authorization Manager application group.PATask Definitions ContainerCTasks are a set of operations needed to perform a basic user actionRole Assignments Container"Users and groups assigned to rolesRole Definition...=&New Task Definition... Creates a new task definition object. Operation Operation Definitions Container+Definitions of roles, tasks, and operationsG&New Operation Definition... Creates a new operation definition object. Container>Operations are individual functions defined by the applicationPAOperation DefinitionsQAn authorization store with the name %1 already exists. Specify a different name.OAn authorization store name cannot contain any of the following characters: %1.IAn application with the name %1 already exists. Specify a different name.GAn application name cannot contain any of the following characters: %1.CAn scope with the name %1 already exists. Specify a different name.3A scope name can contain only printable characters.BA group with the name %1 already exists. Specify a different name.@A group name cannot contain any of the following characters: %1.AA task with the name %1 already exists. Specify a different name.?A task name cannot contain any of the following characters: %1.AA role with the name %1 already exists. Specify a different name.?A role name cannot contain any of the following characters: %1. Business RuleAssign Users and Groups.<The Business Rule Application Group option is unavailable because the current Authorization Manager Store is a v1.0 store and does not support this kind of Application Group. To Upgrade the store, select the store node in the navigation tree, select the Action > Properties menu item and click the Upgrade button.[This action can not be undone because a store that uses the version 2.0 schema can not be downgraded to version 1.0. Clients designed for the version 1.0 schema can not access stores that use the version 2.0 schema, however the version 2.0 schema is required for access to functionality that depend on the schema changes. Do you want to continue?Microsoft SQL Server database+Active Directory in Application Mode (ADAM)GAn operation with the name %1 already exists. Specify a different name.EAn operation name cannot contain any of the following characters: %1.:Cannot create a new %2. The following problem occurred: %1hCannot find %1. Enter a different store name or click Browse to view the available authorization stores.GCannot open the authorization store. The following problem occurred: %1There are no operations defined. To define a new operation, right-click on the Operation Definitions container, and click the New Operation Definition command.There are no tasks defined. To define a new task, right-click on the Task Definitions container, and click the New Task Definition command.-No name is given. Enter a name and try again.IAn operation number is required. Enter an operation number and try again.SAn LDAP query timeout is required. Enter an LDAP query timeout value and try again.cAn authorization rule timeout is required. Enter an authorization rule timeout value and try again.A maximum number of cached authorization rules value is required. Enter a maximum number of cached authorization rules value and try again.The input value %1!u! is less than the minimum value of %2!u! for the authorization rule timeout. Enter a higher value and try again.Role Definitions Container>Roles are a set of tasks needed to perform a user job functionPA=&New Role Definition... Creates a new role definition object.1Cannot add %2. The following problem occurred: %1Role DefinitionAccount deleted (%1)Account unknown (%1)%1(%2)Account invalid (%1) AdministratorReaderThere are no roles defined. To define a new role, right-click on a Role Definitions container, and click the New Role Definition command.wThere are no groups defined. To define a new group, right-click on a Groups container, and click the New Group command. Where DefinedaAn operation with the number %1 already exists. Enter a different operation number and try again.KSystem could not perform this operation. The following problem occurred: %14New &Role Assignment... Selects the roles to assign.ACannot create the role object. The following problem occurred: %18From &Authorization Manager& From Authorization Manager.FFrom &Windows and Active Directory& From Windows and Active Directory.&Are you sure you want to delete %1 %2?The selected users and groups were assigned this role from a higher level object. They can be removed only from the object where they were assigned.One or more of the selected users and groups were assigned this role at higher level object. They can be removed only from the object where they were assigned. Do you want to remove other selected entries?Open Authorization Store&New Authorization StoreSelect Authorization RuleMThe authorization rule is longer than the maximum length of %1!u! characters.Cannot open file %1.4Cannot read file. The following problem occurred: %14Cannot delete %2. The following problem occurred: %1\%1 or one of its children has property sheets open. Close the property sheets and try again.BCannot enumerate child objects. The following problem occurred: %1CCannot save one or more changes. The following problem occurred: %11Cannot add %2. The following problem occurred: %1PA4&Select a container for the new authorization store.nCannot save %1 because it contains a syntax error. Launch the rule editor, correct the problem, and try again.LA role definition with the name %1 already exists. Specify a different name.2&Assign Users and Groups Assigns Users and Groups.3O&ptions... Displays Authorization Manager options.GroupUserUnknownComputerAdd Definition^The input value %1 is greater than the maximum value of %2. Enter a lower value and try again.}The input value %1!u! is less than the minimum value of %2!u! for the LDAP query timeout. Enter a higher value and try again.Cannot display properties for %1. This object may have been deleted. To refresh the current selection, on the Action menu, click Refresh.DCannot display properties for %2. The following problem occurred: %15Are you sure you want to delete the selected objects?MCannot delete %2. The following problem occurred: %1 Do you want to continue?PApAn Active Directory store name must be in the following format: CN=myStore,CN=Program Data,DN=nwTraders,DN=com.Operation Failed.CThere are no Active Directory Authorization Manager stores defined.}The input store location does not exist. Enter a different store location or click Locations to view the available locations.Delegated UserLA file or folder with the name %1 already exists. Specify a different name. %s Definition PropertiesGThe input store name has an incorrect format. Specify a different name.Cannot access Active Directory.C(already enabled at the authorization store and application levels)2(already enabled at the authorization store level)*(already enabled at the application level)/&Close Closes the selected authorization store.sCannot create a new authorization store. The domain controller must be in Windows Server 2003 functionality level.XCannot find %1. Enter a different rule name or click Browse to view the available rules.qThe file %1 is empty. Enter a different authorization rule file name or click Browse to view the available rules.PACannot read file %1.1&Runtime client context and access check auditing no timeout%1 cannot be delegated because it has roles and tasks defined with authorization rules. To delegate this scope, you must remove the authorization rules from all role and task definitions in this scope.`Delegating %1 prohibits role and task definitions in this scope from having authorization rules.xSince the %1 scope has been delegated, you cannot set authorization rules on role or task definitions within this scope.Windows and Active DirectoryAuthorization ManageroAll rules (*.vbs; *.js)|*.vbs;*.js|VBScript files (*.vbs)|*.vbs|JScript files (*.js)|*.js|All files (*.*)|*.*||The specified authorization store does not have a valid format. The valid formats are msxml://filepath or msldap://CN=myStore,CN=Program Data,DN=nwTraders,DN=com.Cannot find authorization store %1. To open an existing authorization store, on the Action menu, click Open Authorization Store.1Rel&oad Reloads the selected authorization store.CTo generate audits, the computer running the Authorization Manager application must have the Audit Object Access audit policy enabled. Also, the account the Authorization Manger application runs as must have the Generate Security Audits privilege. For additional information, click the Authorization Manager Auditing link.DAn object with the name %1 already exists. Specify a different name.?A role name cannot contain any of the following characters: %1.New Authorization Store#The folder you picked is not valid.PA From %1 ...Microsoft Corporation4VS_VERSION_INFO@%@%?StringFileInfo040904B0LCompanyNameMicrosoft CorporationTFileDescriptionAuthorization Managerr)FileVersion6.3.9600.16384 (winblue_rtm.130821-1623)0InternalNameAuthMan.LegalCopyright Microsoft Corporation. All rights reserved.JOriginalFilenameazroleui.dll.muij%ProductNameMicrosoft Windows Operating SystemBProductVersion6.3.9600.16384DVarFileInfo$Translation PADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADD