JanuszU

Yes, this is exactly what I mean

a simple solution: 1. in ../vinyldns/docker/portal/application.conf in section "LDAP", add a new config parameter `groupDN = "CN=vinyl_admins,OU=ourDept,DC=company,DC=com,DC=pl"` 2. in ../vinyldns/modules/portal/app/controllers/Settings.scala add a line: `val ldapGroupDN: String = config.get[String]("LDAP.groupDN")` 3. in...

in the current version the "super user" is build in and pays a huge role; but I can see no way to assign a super user so at least a...

@pauljamescleary The functionality I need is a group of admins-approvers and a group of users that may apply for a change or a new record. All their applications need an...

@pauljamescleary thanks for putting the access rights clear. Currently the access is "zone centric". I think the good idea is to move step by step towards RBAC. To fine grade...

@pauljamescleary Your 3 step solution sounds very good. If I could assign such ACL to a group would be delicious.

@pauljamescleary I think it goes clear from Your 3 points. ACL applies to a particular ZONE. every zone has its AdminGroup an ACL may be set by a zone Admins...

@pauljamescleary I am just describing my scenario. We are a mid size business, having about a 200 zones. The only usage of two-zone batch request in my situation is an...

@pauljamescleary "A" record is crucial o course, if it helps coding make it just for the forward zones