Using Dynamic Access Control and Rights Management for Information Protection

Play Using Dynamic Access Control and Rights Management for Information Protection


You’ve heard about DAC, but wondered exactly what it is and how it works? Heard the term claims-based access but not sure what that means? In this demo-oriented session we answer these questions and more! Windows Server 2012 provides an incredibly powerful information protection solution for users and devices. Come along and see how you can leverage it!



The Discussion

  • User profile image

    One of my favourite features !

  • User profile image

    Haven't used this, would like to learn how it can help me in my environment.

  • User profile image

    I'm worried about the impact on the domain controllers and if they can handle the requests from thousands of users where AD data elements that have not been preloaded into groups are being used to evaluate data access.  How do we provide this feature and not also impact the entire organization with performance issues?

  • User profile image

    @NeilD: AFAIK, only the elements (and policies) are defined in AD, the actual values are stored in NTFS on the file server. So the cost of enforcement is spread across the file servers, using the file attributes from NTFS and the user claims from the PAC in their Kerberos ticket.

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.