Grant DNS admin start / stop service rights

  • Section(s): DHCP and DNS
  • Published on Apr 20, 2004.
  • Last Modified on Apr 20, 2004.
  • Last Modified by Wayne Maples.
  • Rated 2.8 out of 5 based on 6 votes.
On news groups I see lots of discussion centering around granting admin access to DNS services. This is usually couched in an arguement about whether unix admins should or should not have admin access to the DNS service. If you do that, you give them admin access to everything. What you can do is give the DNS admins the right to start / stop the DNS services through Group Policy objects. Open the GPO for the server's container:
  • Computer Configuration
  • Windows Settings
  • Security Settings
  • System Services
  • DNS Server
  • check Define this policy setting
  • click the Edit Security button.
There you can set security for the service, specifically which group or users have the right to start/stop/pause the service. Delegation of authority is the fundamental advance W2K has over NT.

About Wayne Maples

Share this article


Article not looking right or info is missing? Let us know so that we can fix it: .


Receive all the latest articles by email!

Receive Real-Time & Monthly WindowsNetworking.com article updates in your mailbox. Enter your email below!
Click for Real-Time sample & Monthly sample

Become a WindowsNetworking.com member!

Discuss your network issues with thousands of other network administrators. Click here to join!

Community Area

Log in | Register

Readers' Choice

Which is your preferred Network Inventory solution?