Read Only Access

Best way to provide a users read only access for below
AD Groups
DNS entries
DHCP scopes
Certificates
Ali-Raza111Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Hello ThereSystem AdministratorCommented:
Users that are part of the DHCP Users group in AD have read only console access to the DHCP settings. That is exactly what you want from a permissions perspective. User need just to set up custom MMC.
0
Hello ThereSystem AdministratorCommented:
To see other users and groups: Open Windows Explorer -> Network -> click on Search Active Directory button.
0
Hello ThereSystem AdministratorCommented:
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Naveen SharmaCommented:
Please refer to this earlier discussion: https://social.technet.microsoft.com/Forums/ie/en-US/b0670982-d42c-4641-9c04-2069f09276a9/grant-user-read-access-to-dns-server?forum=winserverDS

Follow the above blog regarding to grant access to DNS Management MMC to a non-admin step by step.

You can create new security group & give explicit read only permission to that group. Try to add this group to specific DC where you want only the user get access.

Managing DHCP Server Access:
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd183645(v=ws.10)

You may also get help from active directory auditing solution, in order to view permission and track every permission change in active directory.
0
Hello ThereSystem AdministratorCommented:
Thanks for repeating what I already posted.
0
Ali-Raza111Author Commented:
@Hello There,

Can you please put some more spotlight on AD Groups and Certificates view Only access?
0
Hello ThereSystem AdministratorCommented:
Certificates -> MMC -> Add Certificates
AD Groups-> MMC -> open Windows Explorer -> Network -> click on Search Active Directory button -> You can see AD groups and members of these groups.
0
Ali-Raza111Author Commented:
@Hello There,

AD Groups-> MMC -> open Windows Explorer -> Network -> click on Search Active Directory button -> You can see AD groups and members of these groups.

Can you clarify where can I find Active Directory Button > I think i'm almost done with this request. Thanks for the help
0
Hello ThereSystem AdministratorCommented:
Sorry, my previous comment about AD groups was completely wrong.
Open Windows Explorer -> Network -> click on Search Active Directory button -> You can see AD groups and members of these groups.
4062.Image-7_thumb_77382208.jpg
If you cannot see it, this function is disabled by GPO, I guess.
0
Ali-Raza111Author Commented:
Thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
DHCP

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.