I have a tech group that needs read-only access to all Windows servers, but I'm unsure how to implement this without giving them full user accounts. Unlike Linux systems, I can't find a way to grant access without making them users on each server. They need a level of visibility that approaches admin privileges. What options do I have to grant this access without making them domain admins?
4 Answers
You really need to specify what they want to access. If it's everything, including domain controllers, you might have to create them as domain admins, which is risky. But if it’s more selective, consider assigning permissions as needed on a case-by-case basis.
Absolutely agree, you must define what they need read access to. Do they need to use Remote Desktop Protocol (RDP) or just read shares? Without knowing that, it's tough to give the right advice.
First, it's essential to clarify what you mean by read-only access. It varies widely based on the tasks they'll need to accomplish. Are they accessing specific applications or centralized data?
Right? If you don’t specify what type of access or resources they need, it makes it tough to find a proper solution!
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures