Intriguing Points From Windows Server 2022 Book (Early Release!!!) Part9.

Active Directory Administrative Center or Centre (American vs British)…

The ADAC has much more streamlined interface that looks and feels like the newer Server Manager that we are all becoming more comfortable with.
In addition to teaching old dogs new tricks, Active Directory Administrative Center also brings some new functionality to the table that is not available anywhere in the classic tools.

Dynamic Access Control (DAC) is all about the security and governance of your files and the company data that you need to hold onto tightly, making sure it doesn’t fall into the wrong hands.

DAC gives you the ability to tag files, thereby classifying them for particular groups or users. Then you can create access control policies that define who has access to these particular tagged files. Another powerful feature of DAC is the reporting functionality. Once DAC is established and running in your environment, you can do reporting and forensics on your files, such as finding a list of the people who have recently accessed a classified document.

DAC can also be used to modify users’ permissions bases on what kind of device they are currently using. If our user Susie logs in with her company desktop on the network, she should have access to those sensitive HR files. On the other hand, if she brings her personal laptop into the office and connects it to the network, we might not want to allows access to these same files, even when providing her domain user credentials, simply because we do not control the security on that laptop. These kinds of distinctions can be made using the Dynamic Access Control Policies.

to be continued…


Posted

in

by

Tags: