Questions about DAC ? Difference between Claim Types and Resource Properties
-
Saturday, January 12, 2013 8:20 PM
Hi,
I am trying to understand DAC.
In some tutorials, they speak about Claim Types to configure the Department attribute (for example); and in another tuto they speak about configuring Resource Properties.
I dont really understand when we use one, when the other ? Do we use both at the same time in some situations ?
Another question.
How can we configure CompoundID ?
I understood that it will permit to restrict the access to a shared folder from a specific computer only (win8).
Thank you
All Replies
-
Monday, January 14, 2013 6:11 AMModerator Hi,
Thanks for posting in Microsoft TechNet forums.
This article can help us understanding Claims:
Claims in Dynamic Access Control
http://social.technet.microsoft.com/wiki/contents/articles/14270.claims-in-dynamic-access-control.aspx
Resource Properties are defined in AD and used as a template to stamp additional metadata on a file or folder that can be used during an authorization decision. That information is stored in an alternate data stream on the file or folder. This would replicate with the file, the same as the security descriptor.
Another link which might be useful to you:
Dynamic Access Control: Scenario Overview
http://technet.microsoft.com/en-us/library/hh831717.aspx
Regards
Kevin- Marked As Answer by K_evin ZhuMicrosoft Contingent Staff, Moderator Friday, February 01, 2013 7:00 AM
.png)
