Book Image

Learning Microsoft Windows Server 2012 Dynamic Access Control

By : Jochen Nickel
Book Image

Learning Microsoft Windows Server 2012 Dynamic Access Control

By: Jochen Nickel

Overview of this book

Identifying and classifying information inside a company is one of the most important prerequisites for securing the sensitive information of various business units. Windows Server 2012 Dynamic Access Control helps you not only to classify information, but it also gives you the opportunity and the functionality to provide a safe-net policy across your file servers, showing you some helpful ways of auditing and access denied assistance to improve usability. Understanding the architecture, the design, and implementing the solution, to troubleshooting will be covered in a practical and easy-to-read manner. This book is packed with project-based examples with plenty of information about the architecture, functionality, and extensions of Dynamic Access Control to help you excel in real-life projects. The book guides you through all the stages of a successful implementation of Dynamic Access Control. Microsoft Windows Server 2012 Dynamic Access Control will teach you everything you need to know to create your own projects, and is an essential resource for reviewing or extending already existing implementations. The book initially takes you through the task of understanding all of the functionality and extensions with ideas and overviews to help guide you in the decision process. The whole architecture will be explained in the main building blocks of Dynamic Access control. You will have a strong foundation and understanding of the claims model and Kerberos. Classifying information, the hardest part of the prerequisites to fulfil, is also covered in depth. You will also spend time understanding conditional expressions, and the method used to deploy them across your file server infrastructure. A special chapter is included for handling the data quality and the integration in other systems and strategies. Last, but not least, to get your solution up and running you will learn how to troubleshoot a Dynamic Access Control solution.
Table of Contents (16 chapters)
Learning Microsoft Windows Server 2012 Dynamic Access Control
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Index

Identifying the complete solution


DAC is not only a single feature to protect information from unauthorized access, but also a part of a complete information-protection strategy from Microsoft. The perfect thing is that Microsoft now provides not just a product like in the times of Windows Server 2003, but a complete solution that every product mostly integrates with, along with the availability of a management platform as well.

So let's first start with an easy way to implement an example to automate the Active Directory attributes by filling and updating the process from an HR export file you receive from the HR system in the comma-separated value (CSV) format:

  1. Double-check and sanitize the export file you received.

  2. Build up a PowerShell solution as follows:

    Import-Module ActiveDirectory
    $UserImport = Import-CSV c:\staging\users.csv
    $UserImport | Foreach{
    Get-ADUser -filter {name -eq $_.name}|Set-ADUSer -TelephoneNumber $_.TelephoneNumber $_.TelephoneNumber -MobilePhone $_.MobilePhone -StreetAddress...