Infoblox Exchange Cybersecurity Roadshow 2020 – Join us!
North America | Europe | Middle East/Africa | Asia-Pacific



ALL USERS - Write permissions to reverse zones (PTR Records)

Posts: 1
1258     0

Hi Everyone,

We currently use Infoblox to manage a complex DNS system with administration delegated to many different groups and administrators. We are increasingly having issues whereby write permssions have been given to the forward lookup zone ie  -, but permissions to the reverse lookup zone have not been assigned. This reverse zone is not always a 1 to 1 mapping so auditing this is difficult.

I was considering whether it is sensible to give hte ALL USERS group write access to PTR records, such that forward lookup zones are restricted, but reverse zones are not. This would greatly simplify our permissions management, but i am concerned of the security implications. Does anyone have any thoughts on this?? Know of obvious security problems with doing this?? Any ideas would be greatly appreciated.



Showing results for 
Search instead for 
Do you mean 

Recommended for You