Dynamic Access Control 演習編
-
Upload
junichi-anno -
Category
Technology
-
view
1.774 -
download
0
Transcript of Dynamic Access Control 演習編
![Page 1: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/1.jpg)
Active Directory Domain Service(AD DS) Management
• Dynamic Access Control(ダイナミック アクセス制御)
2012年12月17日 版
![Page 2: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/2.jpg)
WS2012VMDC Server1
WS2012Labs-CorpNet (プライベート)
演習環境 Hyper-V 仮想マシン
Hyper-V 仮想スイッチ
192.168.10.1 192.168.10.21
WS2012:Full WS2012:Full
• AD DS• DNS• ファイルサービスおよび記憶域サービス
• ファイルサービスおよび記憶域サービス
Hyper-V ホスト:ITCAMP-PCxx(xx はPC番号)
DHCP
![Page 3: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/3.jpg)
演習の全体像
Country
Department
R_Country
R_Department
Active Directory
集約型アクセス規則
集約型アクセスポリシー
GPO
![Page 4: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/4.jpg)
演習22 ユーザーを作成
![Page 5: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/5.jpg)
![Page 6: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/6.jpg)
![Page 7: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/7.jpg)
演習23 Claim Types(クレームタイプ、要求の種類)の作成
![Page 8: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/8.jpg)
つづき
![Page 9: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/9.jpg)
演習24 Resource Properties(リソースプロパティ)の作成
![Page 10: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/10.jpg)
つづき
![Page 11: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/11.jpg)
演習25 リソースプロパティリストにリソースプロパティを登録
![Page 12: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/12.jpg)
演習26 Central Access Rules(集約型アクセス規則)の作成
![Page 13: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/13.jpg)
つづき
![Page 14: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/14.jpg)
つづき
![Page 15: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/15.jpg)
演習27 「集約型アクセスポリシー」の作成
![Page 16: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/16.jpg)
演習28 集約型アクセスポリシーをグループポリシーを使用して展開する
![Page 17: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/17.jpg)
つづき
![Page 18: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/18.jpg)
つづき
![Page 19: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/19.jpg)
つづき
![Page 20: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/20.jpg)
つづき
![Page 21: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/21.jpg)
演習29 KDC がチケットに属性を組み込んで送信できるようにポリシーを変更
![Page 22: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/22.jpg)
つづき
![Page 23: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/23.jpg)
演習30 ファイルサーバー リソースマネージャーのインストール
![Page 24: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/24.jpg)
![Page 25: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/25.jpg)
演習31 Server1 を再起動
![Page 26: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/26.jpg)
演習32 共有フォルダを作成してアクセス権を設定する
![Page 27: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/27.jpg)
演習33 ファイルシステム(NTFS)のアクセス権を確認する
![Page 28: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/28.jpg)
演習34 ファイルサーバーの分類属性を設定する
![Page 29: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/29.jpg)
演習35 アクセス権の評価 1 ~ Ben(米国、営業部)
![Page 30: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/30.jpg)
演習36 集約型ポリシーの適用とアクセス権の再評価
![Page 31: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/31.jpg)
つづき
![Page 32: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/32.jpg)
演習37 アクセス権の評価 2 ~ Alice(カナダ、経理部)
![Page 33: Dynamic Access Control 演習編](https://reader033.fdocuments.net/reader033/viewer/2022052601/559222b51a28abb1068b4638/html5/thumbnails/33.jpg)
演習38 属性を変更してアクセス権を再評価