How to give every user in the domain read access to the SharePoint Intranet

1. Log in to SharePoint Central Administration.

2. Go to ‘Shared Services Administration: ssp1’.

3. Click on ‘User Profile and Properties’.

4. Click on ‘View import connections’.

5. Click on ‘Create New Connection’ and you will see the screen below.

6. Select the ‘Type’. In my case it was Active Directory. Enter the domain name and click on ‘Auto Fill Root Search Base’. The string ‘DC=yourdomain,DC=com,DC=au’ will appear in the ‘Search Base’ text box. Obviously you will use your domain name instead of ‘yourdomain’. Modify this string if required to point to the particular OU where all users and groups live. For example, ‘OU=Users,OU=User & Groups,DC=yourdomain,DC=com,DC=au’.

7. In the ‘User filter’ text box the default string is
(&(objectCategory=person)(objectClass=user)( !(userAccountControl:1.2.840.113556.1.4.803:=2)))
Remove this string and add the string below:
(|(objectCategory=group)(&(objectCategory=person)(objectClass=user))( !(userAccountControl:1.2.840.113556.1.4.803:=2)))

8. Once all the groups are imported, add the ‘Domain Users’ group to the ‘Visitor’ group in SharePoint. Now all users in the domain will have read access to the SharePoint Intranet.
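To check what the two filters in step 7 actually select, the added example below (not code from the original post) evaluates them against three constructed directory entries. In the replacement filter the "not disabled" test is a sibling under the OR, so a disabled user still matches through the person/user clause; the `TIGHTENED` variant, the sample entries and all function names are assumptions made for this illustration.

```python
import re

BIT_AND = "1.2.840.113556.1.4.803"  # bitwise-AND matching rule used in the page's filters
PAGE_DEFAULT = "(&(objectCategory=person)(objectClass=user)( !(userAccountControl:1.2.840.113556.1.4.803:=2)))"
PAGE_FILTER = "(|(objectCategory=group)(&(objectCategory=person)(objectClass=user))( !(userAccountControl:1.2.840.113556.1.4.803:=2)))"
# Assumption (not from the page): the disabled-account test moved inside the user clause.
TIGHTENED = "(|(objectCategory=group)(&(objectCategory=person)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2))))"

USER_CLASSES = ["top", "person", "organizationalPerson", "user"]
DIRECTORY = {  # constructed sample entries, simplified; 512 = normal account, 2 = disabled bit
    "Domain Users": {"objectcategory": ["group"], "objectclass": ["top", "group"]},
    "alice": {"objectcategory": ["person"], "objectclass": USER_CLASSES, "useraccountcontrol": [512]},
    "bob-left": {"objectcategory": ["person"], "objectclass": USER_CLASSES, "useraccountcontrol": [514]},
}

def parse(f, i=0):
    """Parse the filter subset used on this page; return (node, next_index)."""
    if f[i] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    i += 1
    if f[i] in "&|!":
        op, kids, i = f[i], [], i + 1
        while f[i] != ")":
            kid, i = parse(f, i)
            kids.append(kid)
        return (op, kids), i + 1
    end = f.index(")", i)
    attr, value = f[i:end].split("=", 1)
    attr, _, rule = attr.rstrip(":").partition(":")  # "attr:rule:" -> attr, rule
    return ("test", attr.lower(), rule, value.lower()), end + 1

def matches(node, entry):
    if node[0] == "&":
        return all(matches(k, entry) for k in node[1])
    if node[0] == "|":
        return any(matches(k, entry) for k in node[1])
    if node[0] == "!":
        return not matches(node[1][0], entry)
    _, attr, rule, value = node
    have = entry.get(attr, [])  # simplification: a test on an absent attribute is False
    if rule == BIT_AND:
        return any(int(v) & int(value) == int(value) for v in have)
    return value in [str(v).lower() for v in have]

def imported(filter_text):
    """Names of the sample entries that the given user filter selects."""
    tree, _ = parse(re.sub(r"(?<=[()])\s+", "", filter_text))  # drop the space in "( !("
    return sorted(name for name, entry in DIRECTORY.items() if matches(tree, entry))

if __name__ == "__main__":
    for label in ("PAGE_DEFAULT", "PAGE_FILTER", "TIGHTENED"):
        print(label, imported(globals()[label]))
```

Running the same comparison against a test OU before changing the import connection shows whether disabled accounts will be imported alongside the groups.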


Diganta Kumar has architected and developed software for more than a decade for a wide range of industries and development platforms and over the years has filled many roles including program manager, founder, developer, architect, team lead, mentor and project manager. Diganta is founder of two online IT businesses. He is a certified AWS Solutions Architect, certified Professional Scrum Master (PSM I), certified Professional Scrum Developer (PSD I) and ITIL Certified. He has presented at Microsoft Tech.Ed, Microsoft AppFest and Ark Group Intranet conference. He attends AWS Seattle Official Events, Seattle AWS Architects-Engineers, and AWS Cloud Commerce user groups. He likes to help, mentor and manage software development teams to improve and produce great software. He currently works as a Senior Technical Program Manager for Amazon Web Services.

Posted in SharePoint
