Lab 6 turn in - MOAC 70-412 Configuring Advanced Windows Server 2012 R2 Services LAB 6 IMPLEMENTING DYNAMIC ACCESS CONTROL THIS LAB CONTAINS THE

Lab 6 turn in - MOAC 70-412 Configuring Advanced Windows...

This preview shows page 1 - 4 out of 17 pages.

MOAC 70-412: Configuring Advanced Windows Server 2012 R2 Services L AB 6 IMPLEMENTING DYNAMIC ACCESS CONTROL THIS LAB CONTAINS THE FOLLOWING EXERCISES AND ACTIVITIES: Exercise 6.1 Using Dynamic Access Control (DAC) Exercise 6.2 Implementing a Central Access Policy Lab Challenge Performing Access-Denied Remediation BEFORE YOU BEGIN The lab environment consists of student workstations connected to a local area network, along with a server that functions as the domain controller for a domain called contoso.com. The computers required for this lab are listed in Table 6-1.
MOAC 70-412: Configuring Advanced Windows Server 2012 R2 Services Table 6-1 Computers required for Lab 6 Computer Operating System Computer Name Server (VM 1) Windows Server 2012 R2 RWDC01 Server (VM 2) Windows Server 2012 R2 Server01 In addition to the computers, you will also require the software listed in Table 6-2 to complete Lab 6. Table 6-2 Software required for Lab 6 Software Location Lab 6 student worksheet Lab06_worksheet.docx (provided by instructor) Working with Lab Worksheets Each lab in this manual requires that you answer questions, shoot screen shots, and perform other activities that you will document in a worksheet named for the lab, such as Lab06_worksheet.docx. You will find these worksheets on the book companion site. It is recommended that you use a USB flash drive to store your worksheets, so you can submit them to your instructor for review. As you perform the exercises in each lab, open the appropriate worksheet file, fill in the required information, and save the file to your flash drive. After completing this lab, you will be able to: Enable and configure DAC Create and implement a Central Access Policy Enable Access-Denied Assistant Estimated lab time: 90 minutes Exercise 6.1 Using Dynamic Access Control (DAC) Overview In this exercise, you will configure Dynamic Access Control by enabling KDC support for claims and creating a resource property and resource rule. Mindset How does Dynamic Access Control allow you to secure files for an organization? Completion time 40 minutes
MOAC 70-412: Configuring Advanced Windows Server 2012 R2 Services 1. Log in to RWDC01 as contoso\administrator with the password of Pa$$w0rd . 2. In Server Manager, click Tools > Group Policy Management . 3. In the Group Policy Management console, expand Forest: contoso.com \Domains \ contoso.com and then expand Domain Controllers . Then right-click Default Domain Controllers Policy and choose Edit. 4. In the Group Policy Management Editor, navigate to Computer Configuration\Policies\Administrative Templates\System\KDC and double-click KDC support for claims, compound authentication, and Kerberos Armoring . 5. Click Enabled . Under Options, Supported is already selected. 6. Take a screen shot of the KDC support for claims, compound authentication and Kerberos Armoring dialog box by pressing Alt+Prt Scr and then paste it into your Lab 6 worksheet file in the page provided by pressing Ctrl+V.

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture