PacktLib: Learning Microsoft Windows Server 2012 Dynamic Access Control

Learning Microsoft Windows Server 2012 Dynamic Access Control


About the Author

About the Reviewers


Getting in Touch with Dynamic Access Control

Business needs, purpose, and benefits

Inside the architecture of DAC

Building your smart test lab

Configuring Dynamic Access Control


Understanding the Claims-based Access Model

Understanding claims

Claims support in Windows 8/2012 and newer

Kerberos Armoring and Compound Authentication

Managing Claims and Resource properties

Using Claim Transformation and Filtering

Groups or DAC, let's extend our first solution


Classification and the File Classification Infrastructure

Map the business and security requirements

Different types and methods for tagging and classifying information

Manual Classification

Using the Windows File Classification Infrastructure

Data Classification Toolkit 2012

The Data Classification Toolkit wizard

Designing and configuring classifications


Access Control in Action

Defining expression-based Access policies

Deploying Central Access Policies

Identifying a Group Policy and registry settings

Configuring FCI and Central Access Policies

Building a staging environment using proposed permissions

Applying Central Access Policies

Access Denied Remediation


Auditing a DAC Solution

Auditing with conditional expressions

Claims-based Global Object Access Auditing

Configuring an effective auditing solution

Policy considerations

Extending the solution with System Center


Integrating Rights Management Protection

Windows 2012 AD RMS

Installing Rights Management Services

Rights Protected Folder

Classification-based encryption

Protecting your information with a combination


Extending the DAC Base Solution

Keeping Active Directory attributes up-to-date

Third-party tools for Dynamic Access Control

BYOD – using Dynamic Access Control


Automating the Solution

Identifying the complete solution

How other Microsoft products can assist you

Advanced architectures for Information Protection



Common misconfigurations

General troubleshooting

Advanced troubleshooting