UltraDNS provides a very granular, role-based access control, via a Group(s) organizational flow. By default, there are 3 pre-configured groups that users can be assigned to, along with the system permissions configured per group.
- Administrative - Users in this group will have access to all account functions, including being able to change the Primary User for the account. The Primary User and Administrative users are the only users that can invite new users to the account.
- Reporting - Users in this group will have Read-only access for all account functions. Read-Only access means that users can view details and various features on the account, but they cannot edit any account level or domain level details.
- Technical - Users in this group will have access to all account functions, except for changing the primary user, as well as editing the Account Info (username and password).
Even though the Administrative Group Users and Primary User share the same permissions, there are a few key fundamental differences available only to the Primary User.
- Only the Primary User can set the Account Level Allowed IP Ranges that determines UltraDNS Portal Access.
- This function can be found in the Accounts -> Account Level Allowed IP Ranges section of the account.
- Only the Primary User can configure Zone Transfer and Service Notifications for the account.
- Simple Failover Pools are configured to send an email alert whenever the status of a monitored endpoint changes. The email notification is sent ONLY to the primary and secondary email addresses provided for the Primary User of the account.
- The Primary User of an account is the first point of contact for the UltraDNS Support Team.