FPCSecurityRoles Collection
The FPCSecurityRoles collection contains a set of individual FPCSecurityRole objects. Each FPCSecurityRole object defines a security role, or administrative role. An administrative role defines a set of rights, which authorize Windows users and groups to perform specific actions, such as administrative tasks.
Forefront TMG implements access control to all components of the configuration and monitoring information through the Windows security descriptors of the applicable objects. The discretionary access control list (DACL) in the security descriptor of each object defines the types of access, or permissions, that can be granted to users and groups and specifies the users and groups that have been granted each of the permissions defined.
When an administrative role is assigned to a user or group, Forefront TMG configures the DACL in the security descriptor of the corresponding objects to grant the permissions needed to perform the actions allowed by the role to the user or group. Forefront TMG also reconfigures the DACLs in the applicable security descriptors whenever the assignments of the administrative roles are modified or the Microsoft Forefront TMG Control service (isactrl) is restarted.
The FPCSecurityRoles collection for an array configuration includes three predefined administrative roles.
- Forefront TMG Array Monitoring Auditor.
- Forefront TMG Array Auditor.
- Forefront TMG Array Administrator.
When an enterprise with central array management is deployed, the FPCSecurityRoles collection for the enterprise configuration or an enterprise policy has two predefined administrative roles.
- Forefront TMG Enterprise Auditor.
- Forefront TMG Enterprise Administrator.
For more information about the specific permissions associated with each role, see the product documentation.
The FPCSecurityRoles collection is accessed through the SecurityRoles property of the FPCAdminSecurity object.
.png "Dd436540.bkbutton(en-us,MSDN.10).png")
Click here to see the Forefront TMG object hierarchy.
Inheritance
This collection inherits from the FPCPersist object, which contains methods and properties related to the persistent storage of an object's data. They include methods for exporting the object's data to and importing it from an XML document.
Methods
The FPCSecurityRoles collection defines the following method.
| Method | Description |
|---|---|
Returns the requested FPCSecurityRole object from the collection. |
Properties
The FPCSecurityRoles collection defines the following properties.
| Property | Description |
|---|---|
Gets an enumerator object for the collection. |
|
Gets the number of FPCSecurityRole objects in the collection. |
Methods Inherited from FPCPersist
| Name | Description |
|---|---|
| CancelWaitForChanges | Cancels the registration established by the WaitForChanges method (for use in C and C++ programming only). |
| CanImport | Returns a Boolean value that indicates whether the properties of the collection and its elements can be imported from the specified XML document. |
| Export | Writes the stored values of all the properties of the collection and its elements to the specified XML document. |
| ExportToFile | Writes the stored values of all the properties of the collection and its elements to the specified XML file. |
| GetServiceRestartMask | Retrieves a 32-bit bitmask of the FpcServices enumerated type that specifies which services need to be restarted for currently unsaved changes to take effect. |
| Import | Copies the values of all the properties of the collection and its elements from the specified XML document to persistent storage. |
| ImportFromFile | Copies the values of all the properties of the collection and its elements from the specified XML file to persistent storage. |
| LoadDocProperties | Provides the XML document's properties so that you can know what information can be imported from the document. |
| Refresh | Reads the values of all the properties of the collection and its elements from persistent storage, overwriting any changes that have not been saved. |
| Save | Writes the current values of all the properties of the collection and its elements to persistent storage. |
| WaitForChanges | Registers to wait for an event indicating that the contents of the object have changed (for use in C and C++ programming only). |
Properties Inherited from FPCPersist
| Name | Description |
|---|---|
| PersistentName | Gets the persistent name of the collection. The persistent name of an object is a name that is unique for the object at the respective level of the COM object hierarchy. |
| VendorParameterSets | Gets an FPCVendorParametersSets collection that can hold sets of custom data for extending the collection. |
Interfaces for C++ Programming
This collection implements the IFPCSecurityRoles interface.
Requirements
| Client | Requires Windows 7 or Windows Vista. |
| Server | Requires Windows Server 2008 R2 or Windows Server 2008 x64 Edition with SP2. |
| Version | Requires Forefront Threat Management Gateway (TMG) 2010. |
| IDL | Declared in Msfpccom.idl. |
See Also
Send comments about this topic to Microsoft
Build date: 6/30/2010