Hi,
We currently have a 2008 R2 domain with two AD servers running DNS. I want to grant permission to a regular user to be able to create/modify records on the DNS server for the primary domain (company.com).
I have done some reading but everything keeps pointing to a zone delegation, which sounds overly complex and I am not sure it is what I want to do (I don't want a sub-domain).
I think the DNSAdmins group will give them too much control over the server (change forwarders, etc..).
I somehow managed to do this on a 2003 server DNS setup, but when I look at the security tabs for both the domain and the server, I cannot find any mention of the user who is able to create records, so I am not sure what I did to get this working.
Can someone please clarify how I might be able to go about accomplishing this task.
Thanks in advance!