Active Directory: configuring dynamic access control – DAC

Windows Server 2012R2 Windows Server 2016 Windows Server 2019

Configure a centralized access policy on a folder

Now that we have configured properties, rules and policies for Dynamic Access Control (DAC), we will move on to its configuration (use) on folder in order to configure permissions.

As a reminder :
Dynamic access control (DAC) complements NTFS rights and does not replace them.

Go to the desired folder, right click on it 1 and click on Properties 2.

Go to the Security 1 tab and click on the Advanced 2 button.

In the advanced security settings, go to the Centralized Policy 1 tab and click on Edit 2.

Choose a centralized access policy from the 1 drop-down list.

Once the policy has been selected, it is possible to configure its application 1 and to have an overview 2 of the rules of the central access policy by clicking on its name.

On the screenshot below, we can see the rule, once configured click on Apply 1.

Close the advanced settings by clicking on OK 1 and if the NTFS rights are correct also close the folder properties window.