IT tutorials
 
Windows
 

Windows Server 2012 : Deploying Dynamic Access Control (part 1) - Preparing Claims

- How To Install Windows Server 2012 On VirtualBox
- How To Bypass Torrent Connection Blocking By Your ISP
- How To Install Actual Facebook App On Kindle Fire
4/20/2014 9:36:01 PM

There is a basic workflow in deploying DAC. The key component of DAC is a central access policy. The workflow for creating a central access policy begins with configuring claims; as mentioned previously, these are properties used to compare user accounts and files to determine if a user has the requirements needed to access a file. These properties, or claims, are added to a resource property list.

The next steps involve the actual creation of the central access policy. The resource property list is applied to this policy. The policy is then published throughout the domain.

We can then deploy DAC to file servers, and the central access policy is pushed out to folder shares.

The last step is to validate DAC. The process is summed up in the chart in Figure 1.

Preparing Claims

When configuring claim types for users, you are adding existing Active Directory attributes to the list of attributes used to evaluate who gets access to what.

In this example deployment, we’ll use the Payroll user department as part of the calculation to determine whether a user has access to files in the Payroll folder share.

From Server Manager, open Tools and then Active Directory Administrative Center, and click Dynamic Access Control. Click Claim TypeNewClaim Type.

Under Source Attribute in the resulting window, scroll to look for Department; then, click that attribute and make Value Type equal String. Here, we are basing the existing Department attribute on the new claim type we will create.

Under Display Name, type Department and click OK. (See Figure 2.)

DAC basic deployment workflow
Figure 1. DAC basic deployment workflow

In the Active Directory Administrative Center, you will now see a new claim type.

Note

In Figure 2, you can see the option “Protect from accidental deletion.” This protection is enabled by default for objects created in DAC. If you want to delete an object, you must uncheck this option.

 
Others
 
- Windows Server 2012 : Managing Users and Data with Dynamic Access Control - The Building Blocks of DAC , Requirements and Predeployment Pointers
- Windows 7 : Using BitLocker Drive Encryption
- Windows 7 : Using System Protection (part 3) - Using previous versions
- Windows 7 : Using System Protection (part 2) - Creating a restore point, Returning to a Previous Restore Point, Undoing a System Restore
- Windows 7 : Using System Protection (part 1) - Turning System Protection on or off
- Windows 8 for Business : Disk Encryption - EFS, BitLocker and BitLocker To Go
- Windows 8 for Business : Domain Join and Group Policy
- Windows 8 : Customizing the Start Screen (part 5) - Adding Shutdown and Restart Tiles to the Start Screen, Customizing the Start Screen Background
- Windows 8 : Customizing the Start Screen (part 4) - Pinning a Website to the Start Screen,Displaying the Administrative Tools on the Start Screen
- Windows 8 : Customizing the Start Screen (part 3) - Turning Off a Live Tile, Pinning a Program to the Start Screen
 
25 Inspiring Game of Thrones Quotes
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
programming4us programming4us
 
Popular tags
 
Video Tutorail Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Indesign Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe After Effects Adobe Photoshop Adobe Fireworks Adobe Flash Catalyst Corel Painter X CorelDRAW X5 CorelDraw 10 QuarkXPress 8 windows Phone 7 windows Phone 8 BlackBerry Android Ipad Iphone iOS