Microsoft Dynamic Access Control (Part 3 – Resource Properties)

So far we’ve covered: Initial Setup of Dynamic Access Control, and Claims. In this post we’ll look at Resource Properties. Resource Properties: A resource property is a claim that describes the characteristics of an object in the file system. A claim is a descriptor of a user or a device, whereas a resource property is a characteristic of a file or folder. As an example, we have a folder with HIPAA-related information in it. A description can be added to this folder to indicate that it contains Protected Health Information (PHI). This PHI description is a resource property. ...

April 28, 2014 · 3 min · eshanks

Microsoft Dynamic Access Control (Part 4 – Rules and Policies)

We’ve discussed Initial configuration steps, Claims, and Resource Properties, and we’re starting to see the power of Microsoft’s Dynamic Access Control, but we need a better way to manage these, and that’s why we’ve come to “Rules and Policies”. A Central Access Rule can be used to take claims such as users in a department and match them up with permissions on a file or folder with specific resource properties. This is where the real power comes into play, because now we don’t have to go through and map these for each individual file. We’re setting a general policy for the entire organization all at once. ...

April 28, 2014 · 4 min · eshanks

Microsoft Dynamic Access Control (Part 5 - Auto Classification)

In the first four parts of the Dynamic Access Control Series we covered Initial Configurations, Claims, Resource Properties, and Rules and Policies. These are working great in our environment, but we still have to go through and manage the classification tags. Wouldn’t it be easier to have some files automatically tagged with a certain resource classification? Enter File Server Resource Manager to the rescue! Classification Rules: From within File Server Resource Manager (FSRM), go to Classification Rules and choose “Create Classification Rule…” ...

April 28, 2014 · 3 min · eshanks

MCSA 2012 Upgrade Exam 70-417

If you have an MCITP or similar certification from Microsoft on Server 2008 and want to keep your certifications up to date, chances are you will need to take the 70-417 exam. I recently sat this test and wanted to share some of my experiences with you. My certification background in Information Systems started with my journey to become an MCSE 2003, so Microsoft is kind of my first love when it comes to certs. I deal a little bit less with the day-to-day configuration and maintenance of Windows, but Windows Server will always have a certain place in my heart and I try to keep up to date with my credentials. ...

April 12, 2014 · 3 min · eshanks

Microsoft IPAM (IP Address Management)

Microsoft IPAM (IP Address Management) is a feature that was released in Windows Server 2012 to help administrators manage decentralized DHCP and DNS servers. Previously, administrators may have needed to use spreadsheets to keep track of DHCP scopes, IP addresses, DNS names, etc., but with IPAM installed, a single server can refresh all of this data and put it in a single, always up-to-date place. Deployment Guidelines: There are a few things you should know before installing IPAM. ...

February 4, 2014 · 3 min · eshanks

Is Microsoft Direct Access the new VPN?

Mobility is no longer a challenge to traditional IT environments; it’s the standard. Users work from home to save office space, need to be connected during sales trips, and are consistently not in the corporate office connected to the local area network (LAN). Combine this demand for a mobile workforce with ever-increasing security requirements such as HIPAA and PCI-DSS, and you have a significant hurdle for IT departments. Microsoft Direct Access may be a solution that eases this hardship. ...

January 22, 2014 · 5 min · eshanks

Microsoft Offline Domain Join

These days, companies are dealing with mobility more than ever before. IT infrastructure is now spread out in the cloud, and users may be working from the road, remote offices or from home. This is making it more difficult to manage a secure IT infrastructure. Microsoft is taking steps to allow IT administrators to start controlling machines even when they aren’t connected to a corporate infrastructure. Microsoft Offline Domain Join was released as a new feature with Windows Server 2008 R2. This feature allows a machine that is not directly connected to a network with Active Directory to be joined anyway. ...

January 20, 2014 · 2 min · eshanks

Microsoft's Resilient File System (ReFS)

Microsoft has a new file system designed to increase data integrity, scalability and availability, called the Resilient File System (ReFS). This file system has leveraged many of the NTFS file system goodies and expanded them to make it more scalable and to prevent corruption. ReFS was released with Server 2012 and at the moment is designed for use with file shares. It cannot be used as a boot volume at the present time, but this file system seems poised to replace NTFS down the road. ...

January 13, 2014 · 4 min · eshanks

Microsoft Storage Spaces

Microsoft Storage Spaces is a feature used to handle data redundancy, scalability and performance. Storage Spaces takes a set of Just a Bunch of Disks (JBOD) and pairs them together to allow for either surviving the failure of a disk, gaining the performance of multiple spindles, or gaining the space of multiple disks. Traditionally this has all been handled by creating a Redundant Array of Independent Disks (RAID) group. Some examples of RAID would be: Striping (RAID 0), Mirroring (RAID 1), and Parity (RAID 5 or 6). Storage Spaces creates a similar type of RAID group but then puts a virtual disk on top of it so that multiple types of stripes can be used on the same disks. For example, three physical disks can be put into a storage space. From there, three separate types of VDISKs (Mirrored, Spanned and Parity) can be created and placed on the same set of disks with no issue. The diagram below shows an example. ...

January 6, 2014 · 3 min · eshanks

Active Directory Snapshot

Active Directory (AD) is the base of most enterprise-level infrastructures and has been for some time. We have become accustomed to seeing this structure and depending on it. But AD has been a thorn in our side since virtualization became popular, due to the inability to take snapshots. This is no longer the case if your shop is running Windows Server 2012 with Active Directory. With the release of Active Directory 2012, Microsoft has added a new object called the VM GenerationID that allows us to snapshot AD servers. ...

December 16, 2013 · 4 min · eshanks