SharePoint “NT AUTHORITY\Authenticated Users” – FAQs

Who are AUTHORITY\Authenticated Users in SharePoint?
Any user account that can log on to your network! So, If you want all of your AD users to access a SharePoint site, Grant access to “NT AUTHORITY\Authenticated Users” to the relevant SharePoint group. ‘NT Authority\Authenticated Users’ can also be used to grant access to users from multiple domains of your network.

Adding NT Authority\Authenticated Users to SharePoint

In SharePoint 2007, There was an easy way to add “NT AUTHORITY\Authenticated Users” by clicking the “Add All Authenticated Users” link. But it’s removed in SharePoint 2010.

SharePoint 2010 “NT Authority\Authenticated Users” Missing
SharePoint 2010 “NT Authority\Authenticated Users” is not available from Address Book.

SharePoint 2010 "NT Authority\Authenticated Users" Missing

In SharePoint 2010, Microsoft Removed the NT AUTHORITY\Authenticated Users from the Global Address book, so you will not find it there. But you have to type it MANUALLY into the names box and then hit the resolve icon next to it. To add all users to the SharePoint site:

  • Click Site Actions >>  Site Permissions.
  • Click Grant Permissions.
  • In Select Users, enter “NT AUTHORITY\Authenticated Users”
  • Select the relevant SharePoint group and Click “OK”

Its also possible to Add under Web Application Policy with permission levels like Full control, contribute, Read, etc.

Add NT Authority\Authenticated Users to SharePoint

Remove “NT Authority\Authenticated Users” from SharePoint
Like any other user account, you can delete “NT Authority\Authenticated Users” from SharePoint.

  • Go to Site Actions 
  • Site Settings 
  • Click on “More…” from Quick Launch 
  • Select the “NT AUTHORITY\authenticated users” user 
  • Click on “Delete User from Site Collection” to disable “NT Authority\Authenticated Users” from SharePoint site collection.

Add “NT Authority\Authenticated Users” programmatically in SharePoint:
How to add programmatically “every user” group to a SharePoint Site

//Get the Reader Permission Level
SPRoleDefinition readerRole = web.RoleDefinitions.GetByType(SPRoleType.Reader);

SPUser allusers = web.EnsureUser("NT AUTHORITY\\Authenticated Users");

SPRoleAssignment spRoleAssignment = new SPRoleAssignment(allUsers);
spRoleAssignment.RoleDefinitionBindings.Add(readerRole);

web.RoleAssignments.Add(roleAssignment); 
web.Update();

Salaudeen Rajack

Information Technology Professional with Two decades of SharePoint Experience.

Leave a Reply