Managing users access to the right files is a pain on any OS, the best that’s going ot happen is that no one will complain about not having access to a file while none of your sensitive company data gets into the wrong hands. In a traditional hierarchical business life was pretty easy you had a group called finance, a folder with their finance documents in you set up permissions form one to the other and you were done. However in a virtual taming, outsourcing home working organisation all sort of rules are needed to keep third parties at arms length from confidential data and allow users to have different roles on different teams. Also very few of us are good at filing, for example how many of properly tag our holiday photos so that we can track down our friends in all the photos we have?
Windows Server 2012 has several components in it to make this work, but key to this is Dynamic Access Control (DAC) which itself plugs into Active Directory (AD) , Group Policy and File Server Resource Manager (FSRM). The Dynamic in DAC refers to the fact that whenever a user tries to access a file their claim to do so is evaluate at the time of access. There are several parts to DAC to make this work and in my screencast you can see this in action..