John Howard has a 3-post series on his blog that explains the Hyper-V authorization model, and shows you how to achieve delegated VM administration with AzMan, the engine and toolset for making role based access checks and defining authorization policy that you use in Hyper-V.

If the Authorization Manager Team Blog had some amusing image of a super-hero (cue vo.o. “AZZZ-MANNNN!”), I’d use it here, for grins. They don’t. Instead, they share lots of good info about Hyper-V auth for Role Based Access Control (RBAC).

  1. Explaining the Hyper-V authorization model, part one
  2. Explaining the Hyper-V authorization model, part two
  3. Explaining the Hyper-V authorization model, part three

NOTE: If you manage your Hyper-V environment with SCVMM, see their documentation about authorization, because SCVMM replaces the default Hyper-V authorization store. See this post for the upshot.

For more info see: