How to give every user in the domain read access to the SharePoint Intranet

1. Login to the SharePoint Central Administration.

2. Go to ‘Shared Services Administration: ssp1’.

3. Click on ‘User Profile and Properties’.

4. Click on ‘View import connections’.

5. Click on ‘Create New Connection’ and you will see the screen below.

6. Select the ‘Type’. In my case it was Active Directory. Enter the domain name and click on the ‘Auto Fill Root Search Base’. The string ‘DC=yourdomain,DC=com,DC=au’ will appear in the ‘Search Base’ text. Oviously you will use your domain name instead on ‘yourdomain’. Modify this string if required to point to the particular OU where all users and groups live. For example, ‘OU=Users,OU=User & Groups,DC=yourdomain,DC=com,DC=au‘.

7. Under ‘User filter’ textbox the default string is
(&(objectCategory=person)(objectClass=user)( !(userAccountControl:1.2.840.113556.1.4.803:=2)))
Remove this string and add the string below,
(|(objectCategory=group)(&(objectCategory=person)(objectClass=user))( !(userAccountControl:1.2.840.113556.1.4.803:=2))).

8. Once all the groups are imported add the ‘Domain Users’ group into the ‘Visitor’ group in SharePoint. Now all users in the domain will have read access to the SharePoint Intranet.


Diganta is an experienced Technical Program Manager with a passion for technology. He has architected and developed software for more than a decade for a broad range of industries. Diganta is a founder of two online IT businesses. He is a certified AWS Solutions Architect, AWS Certified Developer, Professional Scrum Master (PSM I), Professional Scrum Developer (PSD I) and ITIL Certified. He has presented at Microsoft Tech.Ed, Microsoft AppFest and Ark Group Intranet conference in the past. He attends AWS Seattle Official Events and Seattle AWS Architects-Engineers. He likes to help, mentor, and manage software development teams to improve and produce great software.

Posted in SharePoint

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.