Read Only Access
Best way to provide a users read only access for below
AD Groups
DNS entries
DHCP scopes
Certificates
AD Groups
DNS entries
DHCP scopes
Certificates
Users that are part of the DHCP Users group in AD have read only console access to the DHCP settings. That is exactly what you want from a permissions perspective. User need just to set up custom MMC.
To see other users and groups: Open Windows Explorer -> Network -> click on Search Active Directory button.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Please refer to this earlier discussion: https://social.technet.microsoft.com/Forums/ie/en-US/b0670982-d42c-4641-9c04-2069f09276a9/grant-user-read-access-to-dns-server?forum=winserverDS
Follow the above blog regarding to grant access to DNS Management MMC to a non-admin step by step.
You can create new security group & give explicit read only permission to that group. Try to add this group to specific DC where you want only the user get access.
Managing DHCP Server Access:
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd183645(v=ws.10)
You may also get help from active directory auditing solution, in order to view permission and track every permission change in active directory.
Follow the above blog regarding to grant access to DNS Management MMC to a non-admin step by step.
You can create new security group & give explicit read only permission to that group. Try to add this group to specific DC where you want only the user get access.
Managing DHCP Server Access:
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd183645(v=ws.10)
You may also get help from active directory auditing solution, in order to view permission and track every permission change in active directory.
Thanks for repeating what I already posted.
ASKER
@Hello There,
Can you please put some more spotlight on AD Groups and Certificates view Only access?
Can you please put some more spotlight on AD Groups and Certificates view Only access?
Certificates -> MMC -> Add Certificates
AD Groups-> MMC -> open Windows Explorer -> Network -> click on Search Active Directory button -> You can see AD groups and members of these groups.
AD Groups-> MMC -> open Windows Explorer -> Network -> click on Search Active Directory button -> You can see AD groups and members of these groups.
ASKER
@Hello There,
AD Groups-> MMC -> open Windows Explorer -> Network -> click on Search Active Directory button -> You can see AD groups and members of these groups.
Can you clarify where can I find Active Directory Button > I think i'm almost done with this request. Thanks for the help
AD Groups-> MMC -> open Windows Explorer -> Network -> click on Search Active Directory button -> You can see AD groups and members of these groups.
Can you clarify where can I find Active Directory Button > I think i'm almost done with this request. Thanks for the help
Sorry, my previous comment about AD groups was completely wrong.
Open Windows Explorer -> Network -> click on Search Active Directory button -> You can see AD groups and members of these groups.
If you cannot see it, this function is disabled by GPO, I guess.
Open Windows Explorer -> Network -> click on Search Active Directory button -> You can see AD groups and members of these groups.
If you cannot see it, this function is disabled by GPO, I guess.
ASKER
Thanks