Book Image

Learning Microsoft Windows Server 2012 Dynamic Access Control

By : Jochen Nickel
Book Image

Learning Microsoft Windows Server 2012 Dynamic Access Control

By: Jochen Nickel

Overview of this book

Identifying and classifying information inside a company is one of the most important prerequisites for securing the sensitive information of various business units. Windows Server 2012 Dynamic Access Control helps you not only to classify information, but it also gives you the opportunity and the functionality to provide a safe-net policy across your file servers, showing you some helpful ways of auditing and access denied assistance to improve usability. Understanding the architecture, the design, and implementing the solution, to troubleshooting will be covered in a practical and easy-to-read manner. This book is packed with project-based examples with plenty of information about the architecture, functionality, and extensions of Dynamic Access Control to help you excel in real-life projects. The book guides you through all the stages of a successful implementation of Dynamic Access Control. Microsoft Windows Server 2012 Dynamic Access Control will teach you everything you need to know to create your own projects, and is an essential resource for reviewing or extending already existing implementations. The book initially takes you through the task of understanding all of the functionality and extensions with ideas and overviews to help guide you in the decision process. The whole architecture will be explained in the main building blocks of Dynamic Access control. You will have a strong foundation and understanding of the claims model and Kerberos. Classifying information, the hardest part of the prerequisites to fulfil, is also covered in depth. You will also spend time understanding conditional expressions, and the method used to deploy them across your file server infrastructure. A special chapter is included for handling the data quality and the integration in other systems and strategies. Last, but not least, to get your solution up and running you will learn how to troubleshoot a Dynamic Access Control solution.
Table of Contents (16 chapters)
Learning Microsoft Windows Server 2012 Dynamic Access Control
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Index

Access Denied Remediation


For Access Denied Remediation (ADR), also known as Access-Denied Assistance, we need to extend our basic lab deployment with an Exchange Server. For saving resources, we will install the mail server on top of the file server. If you are not familiar with installing Exchange 2013, you can follow the Microsoft Test Lab Guide at http://social.technet.microsoft.com/wiki/contents/articles/15392.test-lab-guide-install-exchange-server-2013.aspx.

Understanding the ADR process

Create a File Server Administrator account called fisadmin" and provide a mailbox with the E-Mail address, for example, [email protected].

Before we go further with ADR, we need to understand how the access checks are working if Dynamic Access Control is involved. The following figure illustrates the process:

For more information about the access checks, see the following information/documents:

ADR is...