Setting Up Permissions

Stephen Grant Brown stephengrantbrown at
Thu Oct 20 06:38:36 UTC 2011

Hi Kevin,
Thank you for your speedy reply.
Unforetuneately I believe the problem runs deeper than that, but correct me 
because if I am wrong.

Hi Kevin and All,
Under Windows Vista, home edition, I went into control panel - Add or remove 
user accounts.
I did not see a named account.
I tried to add a new user account. I entered named as account name and it 
said I had illegal charactors in the name.
The previous paragra[h in the document quoted below reaads
As of release 9.3.0, BINDInstall requires that you install it under
a account with restricted privileges. The installer will prompt
you for an account name, the default is "named", and a password for
that account. It will also check for the existence of that account.
If it does not exist is will create it with only the privileges
required to run BIND. If the account does exist it will check that
it has only the one privilege required: "Log on as a service". If
it has too many privileges it will prompt you if you want to continue.
Do I see accounts with privilege "Log on as a service"?
How do I set the privillege required?
What have I stuffed up?
Yours Sincerely Stephen Grant Brown

----- Original Message ----- 
From: "Kevin Oberman" <kob6558 at>
To: "Stephen Grant Brown" <stephengrantbrown at>
Cc: <bind-users at>
Sent: Thursday, October 20, 2011 4:50 PM
Subject: Re: Setting Up Permissions

> On Wed, Oct 19, 2011 at 9:47 PM, Stephen Grant Brown
> <stephengrantbrown at> wrote:
>> Hi All,
>> In the readme1st.txt files that comes with Bind 9.8.1 for Windows I read
>> ------------------------------------------------------------------------------------------------------------------------
>> With BIND running under an account name it is necessary for all
>> files and directories that BIND uses to have permissions set up for
>> the named account if the files are on an NTFS disk. BIND requires
>> that the account have read and write access to the directory for
>> the pid file, any files that are maintained either for slave zones
>> or for master zones supporting dynamic updates. The account will
>> also need read access to the named.conf and any other file that it
>> needs to read.
>> --------------------------------------------------------------------------------------------------------------------------------
>> I have looked for the named account but cannot find it.
>> Can someone explain this in more detail please? Or at least point me to a
>> more informative explanation?
> You need to create a named account on the system and set the ownership
> and protections of the files as stated. named should be able to read
> the named.conf file, but should not own it or have write access to it.
> named must have read access to all zone files as well as both read and
> write to the directory where they are located.
> -- 
> R. Kevin Oberman, Network Engineer
> E-mail: kob6558 at

More information about the bind-users mailing list