cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Dynamic Access Control intro on Windows Server blog
By
Ned Pyle
Published Apr 04 2019 07:21 PM 565 Views
Ned Pyle
Microsoft
‎Apr 04 2019 07:21 PM

Dynamic Access Control intro on Windows Server blog

‎Apr 04 2019 07:21 PM
First published on TechNet on May 22, 2012
Hey all, Ned here with a quick “xerox” post: the Dynamic Access Control developers have released a good intro on their octo-feature through the Windows Server Blog:
Introduction to Windows Server 2012 Dynamic Access Control

It’s written by Nir Ben-Zvi, a Program Manager on the Windows Server development team. If you’re unfamiliar with DAC, this is a great first read. Here’s a quote:

These focus areas were then translated to a set of Windows capabilities that enable data compliance in partner and Windows-based solutions.

  • Add the ability to configure Central Access and Audit Policies in Active Directory. These policies are based on conditional expressions that take into account the following so that organizations can translate business requirements to efficient policy enforcement and considerably reduce the number of security groups needed for access control:

    • Who the user is

    • What device they are using, and

    • What data is being accessed



  • Integrate claims into Windows authentication (Kerberos) so that users and devices can be described not only by the security groups they belong to, but also by claims such as: “User is from the Finance department” and “User’s security clearance is High”

  • Enhance the File Classification Infrastructure to allow business owners and users to identify (tag) their data so that IT administrators are able to target policies based on this tagging. This ability works in parallel with the ability of the File Classification Infrastructure to automatically classify files based on content or any other characteristics

  • Integrate Rights Management Services to automatically protect (encrypt) sensitive information on servers so that even when the information leaves the server, it is still protected.


Click to the read the rest .

If you are looking for more depth and “how it works”, check out our very own Mike Stephens’ downloadable whitepaper:
Understand and Troubleshoot Dynamic Access Control in Windows Server "8" Beta

Until next time,

Ned “10 cent copies” Pyle
0 Likes
Like
Version history
Last update:
‎Apr 04 2019 07:21 PM
Updated by:
Labels