On 06.02.2016 17:34, Kägi Adrian wrote:
We're looking for a web based Admin Tool, to manage our zone files on two Bind DNS (Master, slave) Servers. If any possible, this tool should support zone based admin rights for external customers.
I do this the following way - haven't found anything better yet:
- Webmin - Add the Slaves into the Webmin Master within "Other Servers" - This way, we have single sign on
Step 2: Go to bind settings Webmin>Servers>Bind>Cluster slave Servers Add the other Slaves (3 in my case) Create secundary on slave: yes create all existing master zones on slave: yes name for NS record: show the ns2.yourname.ch
make sure to not have a trailing . or it might double .. on the end in the zone
now put virtualmin over it (don't get fooled into having to use the commercial cloudmin)
now you have delegated access. you still see all zones as sudo user ;) Perfect imho.
I created a package (Service definition) that only allowed dns changes) I then use whmcs to manage my client- my clients can order their own free DNS management via a "free package" on WHMCS which then provisions on these dns.
Do not let a provisioning system auto-accept orders. Otherwise, someone will create gmail.com on your dns and hijack all the emails of the people which use your dns to resolve (that's one reason one should keep resolvers and authoritative DNS Split)
I hope that was some input, it took me quite some time to figure out the best solution.
ps: Tested even to have clients order reverse v6 zones. it worked! The client might be even on this ML ;)
Silvan