How would I limit access to DNS only on a Windows2003 DC

26/07/2006, 21h15

I would like to restrict access for the group responsible for
administering DNS in a domain to only those functions related to DNS.
DNS is installed on the domain controller. Would assigning them to the
DNSadmin group do the trick or would they need more permissions than
that provides? Does anyone know a good template for a group policy for
this purpose?

27/07/2006, 11h04

Hi

InLine

>I would like to restrict access for the group responsible for
> administering DNS in a domain to only those functions related to DNS.
> DNS is installed on the domain controller. Would assigning them to the
> DNSadmin group do the trick or would they need more permissions than
> that provides?

Yep. By default the DNS Admins group has full control of all zones and
records in a Windows 2000 domain in which it is specified. However if you
want to have more granular control over it you can check this:
http://support.microsoft.com/?kbid=256643

> Does anyone know a good template for a group policy for
> this purpose?

Not sure what do you mean? Just Add the users to the DNS Admins group
install the AdminTools console on their computers and they can manage the
DNS from that console

--
I hope that the information above s you

Good Luck
Jorge Silva
MCSA
Systems Administrator

"Retrograde" <Jeffk67@yahoo.com> wrote in message
news:1153944956.732302.75760@b28g2000cwb.googlegro ups.com...
>I would like to restrict access for the group responsible for
> administering DNS in a domain to only those functions related to DNS.
> DNS is installed on the domain controller. Would assigning them to the
> DNSadmin group do the trick or would they need more permissions than
> that provides? Does anyone know a good template for a group policy for
> this purpose?
>

26/07/2006, 21h15	#1 (permalink)
Retrograde Messages: n/a Hébergeur:	How would I limit access to DNS only on a Windows2003 DC I would like to restrict access for the group responsible for administering DNS in a domain to only those functions related to DNS. DNS is installed on the domain controller. Would assigning them to the DNSadmin group do the trick or would they need more permissions than that provides? Does anyone know a good template for a group policy for this purpose?

27/07/2006, 11h04	#2 (permalink)
Jorge Silva Messages: n/a Hébergeur:	Re: How would I limit access to DNS only on a Windows2003 DC Hi InLine >I would like to restrict access for the group responsible for > administering DNS in a domain to only those functions related to DNS. > DNS is installed on the domain controller. Would assigning them to the > DNSadmin group do the trick or would they need more permissions than > that provides? Yep. By default the DNS Admins group has full control of all zones and records in a Windows 2000 domain in which it is specified. However if you want to have more granular control over it you can check this: http://support.microsoft.com/?kbid=256643 > Does anyone know a good template for a group policy for > this purpose? Not sure what do you mean? Just Add the users to the DNS Admins group install the AdminTools console on their computers and they can manage the DNS from that console -- I hope that the information above s you Good Luck Jorge Silva MCSA Systems Administrator "Retrograde" <Jeffk67@yahoo.com> wrote in message news:1153944956.732302.75760@b28g2000cwb.googlegro ups.com... >I would like to restrict access for the group responsible for > administering DNS in a domain to only those functions related to DNS. > DNS is installed on the domain controller. Would assigning them to the > DNSadmin group do the trick or would they need more permissions than > that provides? Does anyone know a good template for a group policy for > this purpose? >

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email