Dns permissions for windows 2003 sp2 or later, Assigning the user to the server operator group – HP Storage Mirroring Software User Manual
Page 648
646 of 739
7. Select the Security tab.
8. Double-click on Root to expand the tree.
9. Select MicrosoftDNS, then click the Security button.
10. Verify that the user is in the ACL list with the following permissions. If the
permissions are not assigned, proceed to the next step.
●
Execute Methods
●
Full Write
●
Partial Write
●
Provider Write
●
Enable Account
●
Remote Enable
●
Read Security
11. Click Add, then enter the login name for the user account that the DFO.exe
command line will be using. If a different account is used to run DFO.exe from the
target server, that account must have similar permissions.
12. Click OK to close all open dialog boxes.
13. Restart the Windows Management Instrumentation service.
DNS permissions for Windows 2003 SP2 or later
Verify that the user has permissions to update DNS. The user must be:
●
The user must be a member of the DnsAdmins domain local group. For details,
see
Assigning the user to the DnsAdmins group
.
●
The user must be a member of the Server Operator, at the very least, to Deny the
source access to the records. The resource record security can be set through the
record properties within the DNSMgmt console. For details, see
.
●
The user must be one of the following:
●
A member of the Domain Admins group, or
●
Granted Full Control on each of the individual DNS records that are
associated to the source IP and to be updated by the DNS Failover utility
(DFO.exe). For details, see
.
Assigning the user to the Server Operator group
Follow these steps to add a user to the servers Server Operator group.
1. Select Start, Programs, Administrative Tools (Common), Active Directory
Users and Computers.
2. Click on Builtin.