Allow a non-admin user to modify CNAME records in a limited domain under DNS zone

Tags: active-directory, domain-name-system, windows-server-2008

We're running a Windows DNS (Server 2008, Active Directory) on our network. I have created domains under our zone for each of our web developers, and configured an A record under that domain.

While I can easily add CNAME records for sub-domains under a developer domain, I'd like the developers to be able to configure those for themselves – that way, they can generate new CNAMEs for new projects when they need to without bothering me.

For example:

Zone
 - company.supernet.net.au

Developer domain
 - frank.company.supernet.net.au

Developer subdomain (entered as CNAME for developer domain)
 - redesign.frank.company.supernet.net.au
 - project.frank.company.supernet.net.au

Is there an easy way to allow this? I tried searching, but all I get is instructions on how to create a CNAME from the DNS administration directly. I don't want to give all of our developers full access to the server if it can be avoided.

Best Answer

How do you store your zone data? Is it Active Directory integrated, or zone files?
If it's AD int, try this:

1. Launch ADSIEdit.msc
2. Right click the ADSIEdit node in the tree, select "connect to"
   Connection point, "Select or type a Distinguished Name or Naming Context": DC=DomainDnsZones,DC=company,DC=supernet,DC=net,DC=au
3. Expand the tree until you see the Frank zone
4. Right click Frank, select properties
5. Click Security tab
6. Grant Frank's account full control

Frank will still use the DNS MMC, but will only be able to make changes in his zone.
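
The same grant can be scripted and then read back to confirm it is scoped to Frank's object only. This is an added example, not part of the original answer. The account name `COMPANY\frank`, the exact distinguished name, and the choice to let the permission inherit to child objects are assumptions; copy the real distinguishedName from the object's properties in ADSI Edit.

```powershell
# Added example: scripts the ADSI Edit steps above, then lists the resulting ACL.
# Assumed values (not from the original answer): $account and the exact $targetDn.
# Copy the real distinguishedName of the "Frank" object from ADSI Edit.
$targetDn = 'DC=frank,DC=company.supernet.net.au,CN=MicrosoftDNS,' +
            'DC=DomainDnsZones,DC=company,DC=supernet,DC=net,DC=au'
$account  = 'COMPANY\frank'
$path     = "LDAP://$targetDn"

# Stop early if the DN is wrong, so no ACL is written to an unintended object.
if (-not [System.DirectoryServices.DirectoryEntry]::Exists($path)) {
    throw "Object not found: $targetDn"
}
$entry = New-Object System.DirectoryServices.DirectoryEntry($path)

# Resolve the account to a SID; a mistyped name fails here instead of later.
$sid = (New-Object System.Security.Principal.NTAccount($account)).Translate(
           [System.Security.Principal.SecurityIdentifier])

# Allow full control on this object. Inheritance to child objects ("All")
# is this example's choice; use "None" to limit the ACE to the object itself.
$rule = New-Object System.DirectoryServices.ActiveDirectoryAccessRule(
    $sid,
    [System.DirectoryServices.ActiveDirectoryRights]::GenericAll,
    [System.Security.AccessControl.AccessControlType]::Allow,
    [System.DirectoryServices.ActiveDirectorySecurityInheritance]::All)

$entry.psbase.ObjectSecurity.AddAccessRule($rule)
$entry.psbase.CommitChanges()

# Read the ACL back from the directory with a fresh bind and list only the
# explicit (non-inherited) entries, so the new grant can be reviewed for scope.
$check = New-Object System.DirectoryServices.DirectoryEntry($path)
$check.psbase.ObjectSecurity.GetAccessRules(
        $true, $false, [System.Security.Principal.NTAccount]) |
    Select-Object IdentityReference, AccessControlType,
                  ActiveDirectoryRights, InheritanceType |
    Format-Table -AutoSize
```

Run it from an account that already has permission to modify the object's ACL.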