http://technet.microsoft.com/en-us/library/dd378897(WS.10).aspx
Authentication Mechanism Assurance for AD DS in Windows Server 2008 R2
This guide demonstrates how to enable authentication mechanism assurance in Active Directory® Domain Services (AD DS) in the Windows Server® 2008 R2 operating system. Authentication mechanism assurance is an added capability in Windows Server 2008 R2 AD DS that you can use when the domain functional level is set to Windows Server 2008 R2. When it is enabled, authentication mechanism assurance adds an administrator-designated global group membership to a user’s Kerberos token when the user’s credentials are authenticated during logon using a certificate-based logon method. This makes it possible for network resource administrators to control access to resources, such as files, folders, and printers, based on whether the user logs on using a certificate-based logon method, in addition to the type of certificate used. For example, when a user logs on using a smart card, the user’s access to resources on the network can be specified as different from what the access is when the user does not use a smart card (that is, when the user logs on by entering a user name and password).
The major sections in this document are:
Authentication Mechanism Assurance for AD DS in Windows Server 2008 R2
This guide demonstrates how to enable authentication mechanism assurance in Active Directory® Domain Services (AD DS) in the Windows Server® 2008 R2 operating system. Authentication mechanism assurance is an added capability in Windows Server 2008 R2 AD DS that you can use when the domain functional level is set to Windows Server 2008 R2. When it is enabled, authentication mechanism assurance adds an administrator-designated global group membership to a user’s Kerberos token when the user’s credentials are authenticated during logon using a certificate-based logon method. This makes it possible for network resource administrators to control access to resources, such as files, folders, and printers, based on whether the user logs on using a certificate-based logon method, in addition to the type of certificate used. For example, when a user logs on using a smart card, the user’s access to resources on the network can be specified as different from what the access is when the user does not use a smart card (that is, when the user logs on by entering a user name and password).
The major sections in this document are:
I am very enjoyed for this blog. Its an informative topic. It help me very much to solve some problems. Its opportunity are so fantastic and working style so speedy. I think it may be help all of you. Thanks a lot for enjoying this beauty blog with me. I am appreciating it very much! Looking forward to another great blog. Good luck to the author! all the best!
ReplyDeletedomain service
Hello there
ReplyDeleteYou are welcome
Michael
Adem gives a high
ReplyDeletefree online movies five to Ben and Jonathan after which systems us and walks beside us along the pavement.
As soon because the bone disappeared from sight, Download Best Videos Jonek felt peace in his heart, as if a first-rate weight had been lifted for the first time in a long time.
ReplyDelete