Reply

Windows administrative right for MS overlay

Member
Posts: 2
3469     0

Hi IB Expert,

 

We are managed service provider. We are offering managed Infoblox Grid Master service with Mircosoft overlay to provide pure IPAM function to customer managed windows DNS and DHCP server. Our customer is questioning what type/ privilege level of windows admin ID they need to create for us. They have security concern if giving us a full privilege windows administrative ID. What is the minimum priviledge level that IB needs to pull data from MS DNS/ DHCP servers? Where can I find an offiical documentation to support this?

 

Chan

Re: Windows administrative right for MS overlay

Adviser
Posts: 200
3470     0
For just data synchronization of DNS and DHCP data, the service account would need to be added to the Domain Admins or DHCP Admins group. This is documented in the Admin Guide.

If they want to restrict permissions further, they can do so but they’d have to create a new set of permissions but using the “Special Permissions” and select the “read all objects” at the DNS server level. Even if they do this, there may be instances where some zones (and some newer zones) may not properly inherit the permissions so those zones would need to be manually reapplied each time.

On your end, you would NOT configure service management…just data synchronization.

Re: Windows administrative right for MS overlay

Member
Posts: 2
3470     0

Where can I find the Admin Guide?

Showing results for 
Search instead for 
Did you mean: 

Recommended for You

Businesses are investing heavily into securing company resources from cyber-attacks form cybercrimin