Index
A
- Access-denied assistance / Access-denied assistance
- Access Control Entries (ACE) / Defining expression-based Access policies
- Access Control Entry (ACE) / Understanding claims
- ACL / Access Control Lists
- ACS
- Forwarders / Extending the solution with System Center
- Collector / Extending the solution with System Center
- Database / Extending the solution with System Center
- ACS Collector / Extending the solution with System Center
- ACS Database / Extending the solution with System Center
- ACS Forwarders / Extending the solution with System Center
- Active Directory
- Active Directory Administrative Center (ADAC) / Infrastructure requirements
- Active Directory Federation Services (ADFS) / Windows 2012 AD RMS
- Active Directory trust / Active Directory trust
- ADfind
- administrative delegation
- about / Administrative delegation
- ADR
- about / Access Denied Remediation, Understanding the ADR process
- URL / Understanding the ADR process
- E-Mail model / Understanding the ADR process
- Web Service model / Understanding the ADR process
- implementing / ADR – a step-by-step guide
- AD RMS
- URL / Installing Rights Management Services
- in SAP environment / AD RMS in a SAP environment
- Advanced Security Editor
- Permissions tab entries / The order of entries in the Permissions tab
- Central Policy tab / The Central Policy tab
- Advanced troubleshooting
- domain function level / Domain function level
- Active Directory trust / Active Directory trust
- CTP / Claim Transformation Policy (CTP)
- Alternate Data Stream (ADS) / Using the Windows File Classification Infrastructure
- application, tag / Different types and methods for tagging and classifying information
- Audit Collection Service (ACS) / Extending the solution with System Center
- auditing
- configuring / Policy considerations
- auditing solution
- configuring / Configuring an effective auditing solution
- audit policy
- about / Policy considerations
- Authentication Service (AS) / Kerberos Armoring
- authoritative system
- automatic classification, tag / Different types and methods for tagging and classifying information
B
- Base Windows 2012 R2 Test Lab Guide
- BHOLD suite
- Bring Your Own Device (BYOD) / Business needs, purpose, and benefits
- business
- needs / Business needs, purpose, and benefits
- purpose of / Business needs, purpose, and benefits
- benefits / Business needs, purpose, and benefits
- mapping / Map the business and security requirements
- BYOD
- Dynamic Access Control, using / BYOD – using Dynamic Access Control
C
- Central Access Policy / Central Access and Audit policies, Central Access Policy
- deploying / Deploying Central Access Policies
- legal department information, protecting with / Protecting the legal department's information with Central Access Policies
- configuring / Configuring FCI and Central Access Policies
- applying / Applying Central Access Policies
- misconfiguration issues / Common misconfigurations
- Central Access Policy (CAP) / Business needs, purpose, and benefits
- Central Policy tab / The Central Policy tab
- claims
- about / Understanding claims
- Claims Transformation Policies (CTP) / Infrastructure requirements
- claim transformation
- Claim Transformation Policies (CTPs)
- claim type-based filtering / Using Claim Transformation and Filtering
- claim type-based transformation / Using Claim Transformation and Filtering
- classification
- designing / Designing and configuring classifications
- configuring / Designing and configuring classifications
- Classification-based encryption
- about / Classification-based encryption
- classification enhancements / Classification enhancements
- classification tool / Classification
- complete solution
- identifying / Identifying the complete solution
- Compound Authentication
- about / Compound Authentication
- conditional expressions
- auditing with / Auditing with conditional expressions
- containers
- permissions, delegating / How other Microsoft products can assist you
- conventions
- naming / Naming conventions
- CTP / Claim Transformation Policy (CTP)
D
- Dameware AD Management Tools
- Data Classification Toolkit
- Data Classification Toolkit 2012
- about / Data Classification Toolkit 2012
- Data Classification Toolkit Claims Wizard
- Data Classification Toolkit wizard
- data quality
- in Active Directory / Data quality of Active Directory attributes
- data validation
- DCT
- Department attribute / Understanding claims
- device claims / User and device claims
- checking / Checking the user and device claims
- Device claims / Understanding claims
- domain connectivity / Domain connectivity
- Domain Controller count / Domain Controller count
- Domain Functional Level (DFL)
- domain function level / Domain function level
- Dynamic Access Control
- components / Building blocks
- infrastructure requirements / Infrastructure requirements
- user claims / User and device claims
- device claims / User and device claims
- expression-based access control / Expression-based access rules
- classification enhancements / Classification enhancements
- Central Access Policy / Central Access and Audit policies, Central Access Policy
- Access-denied assistance / Access-denied assistance
- configuring / Configuring Dynamic Access Control
- monitoring / Monitoring your Dynamic Access Control scenarios
- third party tools / Third-party tools for Dynamic Access Control
- classification tool / Classification
- RMS Protection / RMS Protection
- auditing / Auditing
- using, in SharePoint / Using DAC in SharePoint
- used, for BYOD / BYOD – using Dynamic Access Control
E
- encryption rule
- creating / Encryption rule
- expression-based access control / Expression-based access rules
- expression-based access policy
- defining / Defining expression-based Access policies
F
- FCI
- configuring / Configuring FCI and Central Access Policies
- file-based management agent
- File Classification Infrastructure (FCI)
- about / Resource properties
- URL / Rights Protected Folder
- File Management Task (FMT) / Rights Protected Folder
- file retention
- about / File retention
- File Server Classification Infrastructure (FCI) / Infrastructure requirements
- File Server Resource Manager (FSRM) / Infrastructure requirements, Configuring FCI and Central Access Policies, File retention
- filtering
- using / Using Claim Transformation and Filtering
- value-based filtering / Using Claim Transformation and Filtering
- claim type-based filtering / Using Claim Transformation and Filtering
- claim type-based transformation / Using Claim Transformation and Filtering
- FIM
- FIM 2010 R2 Synchronization Service
- installing, URL / How other Microsoft products can assist you
- FIM QuickStart Tool
- Finance Data Classification Rule / Configuring FCI and Central Access Policies
- Finance Data Sensitive Data Classification Rule / Configuring FCI and Central Access Policies
- Flexible Authentication Secure Tunneling (FAST) / Kerberos Armoring
G
- Global Object Access Auditing
- about / Claims-based Global Object Access Auditing
- Dynamic Access Control, monitoring / Monitoring your Dynamic Access Control scenarios
- global object access policy
- configuring / Configuring an effective auditing solution
- group policy
- identifying / Identifying a Group Policy and registry settings
- group policy settings
- requisites / Identifying a Group Policy and registry settings
H
- Halocore
- High Business Impact (HBI) / Map the business and security requirements
I
- IFilters
- information access
- testing / Information access
- information classification
- manual classification / Manual Classification
- Information Protection
- architecture / Advanced architectures for Information Protection
- Information Worker (IW) / Different types and methods for tagging and classifying information
- infrastructure requirements / Infrastructure requirements
- Internet Information Services (IIS) / Windows 2012 AD RMS
J
- JiJi AuditReporter
- about / Auditing
K
- KDC AS (KDC Authentication Service) / Kerberos authentication enhancements
- Kerberos
- URL / Compound Authentication
- Kerberos Armoring
- about / Kerberos Armoring
- Kerberos authentication enhancements
- about / Kerberos authentication enhancements
- Kerberos Security Support Provider / Kerberos authentication enhancements
- Key Distribution Center (KDC) / Kerberos authentication enhancements
- Privilege Attribute Certificate (PAC) / Kerberos authentication enhancements
- NT Token sections / Kerberos authentication enhancements
- Kerberos Distribution Center (KDC) / Understanding claims
- Kerberos Security Support Provider / Kerberos authentication enhancements
- Key Distribution Center (KDC) / Kerberos authentication enhancements
- klist command / Advanced Security Editor
L
- LDAP Administrator commercial
- Left-hand-side (LHS) Conditional Expression / Defining expression-based Access policies
- legal department information
- protecting, with Central Access Policy / Protecting the legal department's information with Central Access Policies
- Location-based, tag / Different types and methods for tagging and classifying information
- Low Business Impact (LBI) / Map the business and security requirements
M
- Manual, tag / Different types and methods for tagging and classifying information
- manual classification / Manual Classification
- Microsoft SharePoint / Using DAC in SharePoint
- Moderate Business Impact (MBI) / Map the business and security requirements
N
- National Institute of Standards and Technology (NIST) / Data Classification Toolkit 2012
- NT Token sections / Kerberos authentication enhancements
O
- OK button / Deploying Central Access Policies
P
- Payment Card Industry Data Security Standard (PCI-DSS) / Data Classification Toolkit 2012
- performance monitoring counters
- about / Domain Controller count
- permissions
- URL / Windows 2012 AD RMS
- Permissions tab entries / The order of entries in the Permissions tab
- Personally Identifiable Information (PII) / Using the Windows File Classification Infrastructure
- Personally Identifiable Information property / Using the Windows File Classification Infrastructure
- Power Shell native
- Privilege Attribute Certificate (PAC) / Kerberos authentication enhancements
- proposed permissions
- used, for building staging environment / Building a staging environment using proposed permissions
Q
- Quest PowerGui
R
- Reference Resource Property object
- about / Resource properties
- Regex Buddy
- registry settings
- identifying / Identifying a Group Policy and registry settings
- Remote Server Administration Tools (RSAT) / Infrastructure requirements
- resource properties
- about / Resource properties
- Resource Property object
- about / Resource properties
- Right-hand-side (RHS) Conditional Expression / Defining expression-based Access policies
- Rights Management Services
- installing / Installing Rights Management Services
- rights management template
- creating / The rights management template
- Rights Protected Folder Explorer
- RMS Protection / RMS Protection
- RPF
- about / Rights Protected Folder
- building / Building the RPF example in your environment
S
- Security Compliance Manager
- Security Identifier (SID) / Infrastructure requirements, Understanding claims
- security requirements
- Service Principal Name (SPN) / Advanced Security Editor
- SharePoint
- Dynamic Access Control, using / Using DAC in SharePoint
- smart test lab
- building / Building your smart test lab
- Solarwinds AD admin tools
- solution
- extending, with System Center / Extending the solution with System Center
- staging environment
- building, proposed permissions used / Building a staging environment using proposed permissions
- Supported file types
- syntax
- for claims, URL / Naming conventions
- for resource properties, URL / Naming conventions
- System Center
- solution, extending with / Extending the solution with System Center
T
- tags
- Location-based / Different types and methods for tagging and classifying information
- Manual / Different types and methods for tagging and classifying information
- automatic classification / Different types and methods for tagging and classifying information
- application / Different types and methods for tagging and classifying information
- TechNet article
- Ticket Granting Service (TGS) / Kerberos Armoring
- TITUS / Using DAC in SharePoint
- Transformation claims / Understanding claims
- troubleshooting
- Domain Controller count / Domain Controller count
- data quality, in Active Directory / Data quality of Active Directory attributes
- user claims, checking / Checking the user and device claims
- device claims, checking / Checking the user and device claims
- domain connectivity / Domain connectivity
- Advanced Security Editor / Advanced Security Editor
- FCI / FCI - resource conditions and resource properties
- ACL / Access Control Lists
U
- user claims / User and device claims
- checking / Checking the user and device claims
- User claims / Understanding claims
V
- value-based filtering / Using Claim Transformation and Filtering
W
- Web Service model / Understanding the ADR process
- Windows 2012 AD RMS
- about / Windows 2012 AD RMS
- Windows File Classification Infrastructure
- Windows Server 2008 R2
- Windows Sysinternals suite
- Work Folders