Federated rights management

Active Directory Federation Services (AD FS)

Windows Server 2008 includes a number of new roles, one of which is Active Directory Federation Services (AD FS). This feature lets an administrator define an access identity across a network even if the access occurs over the Internet. In addition, this feature relies on the role-based security built into the .NET Framework.

Consequently, when someone logs in to the system, they have the rights defined by their role. A manager may have manager rights only when logging in from a local system; the same person may appear in the user role when logging in from the Internet.

The AD FS role works across platforms, so it no longer matters if your network contains a mix of Windows, Linux, and Macintosh systems. The administrator can also provide role-based authorization to Windows SharePoint Services (WSS) and Rights Management Services (RMS) for a federated partner. A new Group Policy feature lets the administrator limit federation service deployment. It’s also possible to check on certificates by using the certificate-revocation checking settings.

Rights Management Services (AD RMS)

A second Windows Server 2008 role is Active Directory Rights Management Services (AD RMS). This service provides the means to attach usage rights to the data on your server. The rights to that data remain persistent no matter where someone moves it. You would use this feature to provide security for sensitive documents, such as financial reports.

The combination of AD FS and AD RMS forms the Federated Rights Management feature. The use of these two server roles together provides a package of persistent, secure data management.

Improved failover clustering

Failover clustering is an important feature for a multiserver network, where one server can take over for another when a failure occurs. Of course, you have to have the right hardware and software to create a clustered network, which means knowing precisely what Windows is looking for in a cluster. Unfortunately, it was very difficult to make this determination in the past.

Microsoft has fixed this problem in Windows Server 2008 by providing validation tests you can use to ensure that your setup will work as a cluster. You now have access to node, network, and storage tests that determine whether a cluster will work and provide you with tips on resolving any potential issues.

After you determine that your hardware will work, you need to perform the setup. The new cluster software performs a configuration validation before it attempts to install the cluster. When the validation passes, the administrator can use a single-step setup process to install the cluster.

Daily maintenance is a requirement for any clustered setup. The new software provides easy methods for adding and removing clustered resources as needed. It’s also possible to perform management tasks from the command line (using standard cluster utilities) or with Windows Management Instrumentation (WMI). In fact, you can combine the two and use the WMIC tool to work with WMI at the command line.

The biggest improvement in failover cluster management is the way in which you can interact with hard drives. For example, you can now add a hard drive resource while the cluster is serving applications. The actual hard drive interactions are also improved. Microsoft has made changes that improve performance, such as not relying on SCSI hard drive resets. In addition, the software no longer leaves the hard drives in an unprotected state, which reduces the risk of corruption. You can even use a GUID Partition Table (GPT), instead of the standard master boot record (MBR) partition, for increased hard drive space and reliability.


