09-23-2015 08:47 PM
This is my first thread, i am the part of a big IB (infoblox) setup. I have a question and puting here because this is the right place to discuss it.
Is there any possibility to apply a restriction not to create more than 1 host record for 1 IP, could be apply anywhere like user/domain/IP/subnet/DNS view.
Any help would be appreciated.
Thanks in advance.
09-23-2015 11:56 PM
Unfortunately our permissions system cannot disallow someone from creating another host record for the same IP.
Keep in mind if you need this level of control, you could enable workflows, which means that a submitter cannot make changes go live until an approver approves it. This way you can control the creation of those host records/IP via the workflow feature.
To enable workflows try going to - Administration > Workflow > Approval Workflows and create an approval workflow to test the scenario.
Hope this helps.
09-24-2015 06:01 AM
That's quite an interesting requirement, another one I came across recently was the customer wanted the ability to only allow people to create DNS records, not delete or edit them once they had been created. The idea being that the risk of adding something has quite a low probability of effecting something else, whereas changing/editing or deleting something has a higher risk associated with it.
So they were looking for more granularity in the Infoblox permissions - unfortunately when you grant read/write access, you give permission for the user to delete/edit as well as create.
We have suggested writing a custom front end for this customer that will only allow their operators to add records. If something needs to be changed or deleted, a different team will do that using the native Infoblox GUI.
Maybe you have a team of developers that can write a custom GUI for you?
PCN (UK) Ltd
All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE