<div>
Is the first link incorrect? It explains simple file sharing. I don't tink that has anything to do with allowing users to view event logs on DC's. I'm still a little lost. What about allowing users to log on locally to DC's with no rights except to view security logs? I think that would be more secure because they can view but not erase logs.
</div>


Is the first link incorrect? It explains simple file sharing. I don't tink that has anything to do with allowing users to view event logs on DC's. I'm still a little lost. What about allowing users to log on locally to DC's with no rights except to view security logs? I think that would be more secure because they can view but not erase logs.

<div>
<div class="content wysiwyg-content">
Im having a hard time finding out how to let a normal user (non domain admin) to view the event logs on domain controllers.<br />
<br />
I know there is a security and audit log in the secpol.msc local security policy but didn't do much testing. I know that will also allow install of patches aassuming they have local logon rights.<br />
<br />
What security group or local security policy would allow for non domain admins to view event logs on Domain Controllers?
</div>
</div>


Im having a hard time finding out how to let a normal user (non domain admin) to view the event logs on domain controllers.

I know there is a security and audit log in the secpol.msc local security policy but didn't do much testing. I know that will also allow install of patches aassuming they have local logon rights.

What security group or local security policy would allow for non domain admins to view event logs on Domain Controllers?

DC permissions for event log

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.