Re: 2003 Server DNS security

From: "Todd J Heron" <todd_heron_no_spam@xxxxxxxxxxx>
Date: Sat, 17 Sep 2005 08:40:18 -0400

Remove his local admin rights and instead make him a member of the "DNS
Admins" group. That's what this group is for.

--
Todd J Heron, MCSE
Windows Server 2003/2000/NT; CCA
----------------------------------------------------------------------------
This posting is provided "as is" with no warranties and confers no rights

"MattG" <email@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:%23Ux%23vT3uFHA.128@xxxxxxxxxxxxxxxxxxxxxxx
I need to delegate permissions to enable a user to manage DNS on a member
server hosting non-AD integrated DNS zones.

Promoting the user to a local admin resolves the permission problem but also
gives them access to things they shouldn't have access to, therefore this
option is not viable.

TIA...

__
Matt

.

Follow-Ups:
- Re: 2003 Server DNS security
  - From: MattG

References:
- 2003 Server DNS security
  - From: MattG

Prev by Date: 2003 Server DNS security
Next by Date: Question about DNS
Previous by thread: 2003 Server DNS security
Next by thread: Re: 2003 Server DNS security
Index(es):
- Date
- Thread

Relevant Pages

Re: 2003 Server DNS security
... Thanks Todd, I have tried this, but it does not delegate permissions to ... non-AD zones on a member server... ... > Remove his local admin rights and instead make him a member of the "DNS ...
(microsoft.public.windows.server.dns)
Re: delegate admin rights to an OU
... - install programs that need local admin rights ... administrators group on every client (with indirect I mean, ... admina member of an AD group and configure that AD group to be a member ...
(microsoft.public.windows.group_policy)
Re: delegate admin rights to an user in an OU
... - install programs that need local admin rights ... administrators group on every client (with indirect I mean, ... admina member of an AD group and configure that AD group to be a member ...
(microsoft.public.windows.server.active_directory)
Re: Process to replace 2000 DCs with 2003.
... server's DNS entry in the TCp/ip DNS settings? ... that you need to change the IP Address of the member servers and, thus, make ... There should be no need to upgrade the WIN2000 Domain Controllers to ... FSMO Role of Schema Master. ...
(microsoft.public.windows.server.active_directory)
Re: Script to remove list of users from groups...
... I do have the DNs so I guess I just miss out that section. ... I don't like modifying the member and memberOf attributes directly, ... ' Bind to the user object. ... NameTranslate object to convert the NT names to Distinguished Names. ...
(microsoft.public.scripting.vbscript)