Does anyone have any more information about how to create or even use the AzMan authentication store in an Active Directory context? The only way I've managed to get vCAC installed is to use a single VM option for my PoC installation, putting all the roles on the same server and using a file-based authentication store. Whenever I tried to import the security.xml file, all kinds of errors resulted (frankly too many to post here - all spurious involving line exceptions in the import) - it simply didn't work as detailed in the Installation Guide pdf.
Also, I found fundemental things missing from the installation guide - either assumed or presumed by the writers - especially about the authentication store part and the database creation / linking part. Thinks like does the AzMan need to be done on a member server or a DC? What credentials are needed for the msldap string (if any)? If no credentials are supplied, how can the AzMan import be authorised as someone able to make schema changes? Do the new objects in AD need to be containers (CN) or organisational units (OU)? Do these need to be pre-created before running the tool? If so, what permissions do they need?
In this case, Google hasn't been my friend, and provides only circumstantial support for the issues / questions described above.
Does anyone have a proven work-through of this part of the process? I'm happy to write it up into a blog post to assemble bits of information if any are forthcoming - anything to help me get a multi-VM vCAC installation deployed.
Many thanks. 