Learning Microsoft Windows Server 2012 Dynamic Access Control -- Table of Contents -- Learning Microsoft Windows Server 2012 Dynamic Access Control -- Credits -- About the Author -- About the Reviewers -- www.PacktPub.com -- Support files, eBooks, discount offers and more -- Why Subscribe? -- Free Access for Packt account holders -- Instant Updates on New Packt Books -- Preface -- What this book covers -- What you need for this book -- Who this book is for -- Conventions -- Reader feedback -- Customer support -- Errata -- Piracy -- Questions -- 1. Getting in Touch with Dynamic Access Control -- Business needs, purpose, and benefits -- Inside the architecture of DAC -- Building blocks -- Infrastructure requirements -- User and device claims -- Expression-based access rules -- Classification enhancements -- Central Access and Audit policies -- Access-denied assistance -- Building your smart test lab -- Configuring Dynamic Access Control -- Summary -- 2. Understanding the Claims-based Access Model -- Understanding claims -- Claims support in Windows 8/2012 and newer -- Kerberos authentication enhancements -- Kerberos Armoring and Compound Authentication -- Kerberos Armoring -- Compound Authentication -- Managing Claims and Resource properties -- Naming conventions -- Authoritative system and data validation -- Administrative delegation -- Resource properties -- Using Claim Transformation and Filtering -- Groups or DAC, let's extend our first solution -- Summary -- 3. Classification and the File Classification Infrastructure -- Map the business and security requirements -- Different types and methods for tagging and classifying information -- Manual Classification -- Using the Windows File Classification Infrastructure -- Data Classification Toolkit 2012 -- The Data Classification Toolkit wizard -- The Data Classification Toolkit Claims wizard.

Designing and configuring classifications -- Summary -- 4. Access Control in Action -- Defining expression-based Access policies -- Deploying Central Access Policies -- Protecting the legal department's information with Central Access Policies -- Identifying a Group Policy and registry settings -- Configuring FCI and Central Access Policies -- Building a staging environment using proposed permissions -- Applying Central Access Policies -- Access Denied Remediation -- Understanding the ADR process -- ADR - a step-by-step guide -- Summary -- 5. Auditing a DAC Solution -- Auditing with conditional expressions -- Claims-based Global Object Access Auditing -- Monitoring your Dynamic Access Control scenarios -- Configuring an effective auditing solution -- Policy considerations -- Extending the solution with System Center -- Summary -- 6. Integrating Rights Management Protection -- Windows 2012 AD RMS -- Installing Rights Management Services -- Rights Protected Folder -- Classification-based encryption -- Protecting your information with a combination -- The rights management template -- Encryption rule -- Information access -- Building the RPF example in your environment -- File retention -- AD RMS in a SAP environment -- Summary -- 7. Extending the DAC Base Solution -- Keeping Active Directory attributes up-to-date -- Third-party tools for Dynamic Access Control -- Classification -- Central Access Policy -- RMS Protection -- Auditing -- Using DAC in SharePoint -- BYOD - using Dynamic Access Control -- Summary -- 8. Automating the Solution -- Identifying the complete solution -- How other Microsoft products can assist you -- Advanced architectures for Information Protection -- Summary -- 9. Troubleshooting -- Common misconfigurations -- General troubleshooting -- Domain Controller count -- Data quality of Active Directory attributes.

Checking the user and device claims -- Domain connectivity -- Advanced Security Editor -- The order of entries in the Permissions tab -- The Central Policy tab -- FCI - resource conditions and resource properties -- Access Control Lists -- Advanced troubleshooting -- Domain function level -- Active Directory trust -- Claim Transformation Policy (CTP) -- Summary -- Index.