This afternoon I received an email from Microsoft providing me the beta of a tool named “Data Classification Toolkit for Windows Server 2012 Beta”. First, I think they forgot to change the name of the tool since the official name of the next release of Windows Server is “Server 2012” and not “Server 8”. But that’s a detail, on to the juicy stuff…
The Data Classification Toolkit for Windows Server 2012 Beta is designed to help you identify, classify, and protect data on your file servers from a centralized management system. There are some handy built-in classifications and rules which makes implementing the tool very easy, which you can base you access policies on. And now for the juicy part: It has PowerShell cmdlets!!!
| Name | Clear-FileClassificationContent |
| Description | Clears classification content from a single or multiple servers. By default all data is cleared. The user may selectively clear properties, rules, tasks or reports by using the appropriate parameters. |
| Example 1 |
Clear-FileClassificationContent |
| Explanation 1 | Clears all properties, rules, reports, and tasks from the local server. |
| Example 2 |
Clear-FileClassificationContent -Rules -Tasks -Reports |
| Explanation 2 | Clears only rules tasks, and reports from the local server. |
| Name | Compare-FileClassificationPackage |
| Description | Compares a given File Classification Package against the file classification settings on remote machines. |
| Example 1 |
Compare-FileClassificationPackage -ComputerName "RemoteServer1" -Path "BaselinePackage.xml" |
| Explanation 1 | Outputs a list of comparison results between the given “BaselinePackage.xml” file and the FCI configuration on “RemoteServer1″. |
| Example 2 |
Compare-FileClassificationPackage -ComputerName RemoteServerWinSrvr2012 -Path "BaselinePackage.xml" -Downlevel Always |
| Explanation 2 | First it downgrades the given “BaselinePackage.xml” baseline to Windows Server 2008 R2 level before comparing it against RemoteServerWinSrvr2012 server. (This “Downlevel” option should only be used against the Windows Server 2012 File Server with AD DS runnning at Windows Server 2008 R2 functional level.) Then it generates comparison result between the downgraded baseline and the FCI configuration on RemoteServerWinSrvr2012 server. |
| Name | Export-FileClassificationPackage |
| Description | Exports classification Properties, Rules, Reports, and Tasks from a server with the File Services Role and File Classification Infrastructure installed. |
| Example 1 |
Export-FileClassificationPackage -Path C:\output.xml |
| Explanation 1 | Creates the C:\output.xml file that will contain a serialized version of all classification properties, rules, reports, and tasks on the local server. |
| Example 2 |
Export-FileClassificationPackage -Path C:\output.xml -ComputerName RemoteServer1 |
| Explanation 2 | Creates the C:\output.xml file that will contain a serialized version of all classification properties, rules, reports, and tasks on the RemoteServer1 server. |
| Name | Compare-FileClassificationPackage |
| Description | Compares a given File Classification Package against the file classification settings on remote machines. |
| Example |
Compare-FileClassificationPackage -ComputerName "RemoteServer1" ` -Path "BaselinePackage.xml" |
| Explanation | Outputs a list of comparison results between the given “BaselinePackage.xml” file and the FCI configuration on “RemoteServer1″. |
| Name | Get-CentralAccessPolicy |
| Description | Gets all of the Central Access Policies in the current domain. |
| Example |
Get-CentralAccessPolicy |
| Explanation | Gets all of the Central Access Policies from the user’s current domain. For example, if the user credentials running this command is “Contoso\dave”, this command will retrieve all policies from the “Contoso” domain. In this example, the “Contoso” domain has two policies: PolicyName1, and PolicyName2. |
| Name | Import-FileClassificationPackage |
| Description | Imports a collection of classification properties, rules, tasks, and reports into a single or multiple servers. |
| Example 1 |
Import-FileClassificationPackage -Path C:\package.xml -Scope Explicit |
| Explanation 1 | Imports all classification properties, rules, tasks, and reports in the specified input file into the local server. Scopes that are explicitly defined in the input file will be used when importing. Since Downgrade parameter is not specified, the downgrading of specified baseline in the input file to Windows Server 2008 R2 level will be done automatically if it was crerated at the Windows Server 2012 level, and the localhost is on Windows Server 2008 R2. |
| Example 2 |
Import-FileClassificationPackage -Path C:\package.xml -Scope AllShares |
| Explanation 2 | Imports all classification properties, rules, tasks, and reports in the specified input file into the local server. Scopes of the imported items will include all non-hidden user shares on the target machine. |
| Name | New-FileClassificationDatabase |
| Description | Creates a new instance of the reporting database for the Data Classification Toolkit. |
| Example |
New-FileClassificationDatabase -DatabaseName "ReportingDatabase" ` -ConnectionString "Data Source=(local);Integrated Security=SSPI;" |
| Explanation | Creates a new instance of the database on the local server named “Reporting Database”. |
| Name | New-FileClassificationReportTemplate |
| Description | Creates a report template (xlsx) file for Microsoft Excel that allows the user to view reporting information about file classification data. |
| Example |
New-FileClassificationReportTemplate -ConnectionString "Provider=SQLOLEDB.1; Data Source=(local);Initial Catalog=DataClassificationToolkitDatabase; Integrated Security=SSPI;" -Path "MyTemplate.xlsx" |
| Explanation | Creates a DCT Reporting template called “MyTemplate.xlsx” that uses the provided connection string. |
| Name | Publish-FileClassificationReportData |
| Description | Publishes file classification report data from remote file servers to a centralized data warehouse. |
| Example |
Publish-FileClassificationReportData -ComputerName "File-Server" -ConnectionString "Data Source=(local); Initial Catalog=ReportingDatabase;Integrated Security=SSPI;" |
| Explanation | Publishes report data from “File-Server” into the “ReportingDatabase” on the local machine. |
| Name | Remove-DefaultCentralAccessPolicy |
| Description | Removes the default Central Access Policy (CAP) for all visible shares on the target file server(s). If no policy name is specified, then all polices are removed. |
| Example 1 |
Remove-DefaultCentralAccessPolicy -PolicyName CorpPolicy |
| Explanation 1 | This example removes the default CAP named “CorpPolicy” on all visible shares on the localhost. |
| Example 2 |
Remove-DefaultCentralAccessPolicy -ComputerName Server01 -PolicyName CorpPolicy |
| Explanation 2 | This example removes the default CAP named “CorpPolicy” on all visible shares on the Server01. |
| Name | Search-FileClassificationServer |
| Description | Scans the Operations Manager server identified by ServerName for managed servers running the FCI role. The name of each server is written to the pipeline for use in other cmdlets that use ComputerName as an input. |
| Example |
Search-FileClassificationServer -ScomServerName ops-server |
| Explanation | Connects to ops-server and outputs each FCI server to the pipeline. |
| Name | Set-DefaultCentralAccessPolicy |
| Description | Sets or replaces the default Central Access Policy (CAP) on all visible file shares against a single or multiple target server(s). Only the “PolicyName” parameter is required to specify which policy to set to. If neither “Overwrite” nor “ReplacePolicyName” parameters given, it would set the CAP on those shares that does not currently have this policy set. Policy name with “Overwrite” parameter will force the policy to be applied to all shares regardless if this policy was previously set or not. “ReplacePolicyName” parameter specifies the current policy to be replaced with the given “PolicyName”. |
| Example 1 |
Set-DefaultCentralAccessPolicy -PolicyName CorpPolicy |
| Explanation 1 | This example sets the “CorpPolicy” CAP on all shares on the localhost that does not have any policy set. |
| Example 2 |
Set-DefaultCentralAccessPolicy -ComputerName Server01,Server02 -PolicyName CorpPolicy |
| Explanation 2 | This example sets the “CorpPolicy” CAP on all shares on the Server01 and Server02 that does not have any policy set. |
