Dynamic Access Control integrates the claims-based access control (CBAC) model with the Windows OS and AD.
Claims are statements about users or devices (e.g., "My account name is Jan DC," "I am a member of the sales department") and are issued by a trusted authority.
Administrators can also define flexible access control and auditing settings on files and folders, in addition to or independent of the centrally defined CAPs.
so i opened command prompt as administrator and run command "/syncall".
Microsoft has positioned its most recent server OS, Windows Server 2012, as a fundamental building block for private cloud environments.
In addition, Server 2012 AD includes some smaller but no less important security-related changes.
Dynamic Access Control is probably the most fundamental security change that Microsoft incorporates in Server 2012.