I've already limited the ability for customers to create new DNS zones as i don't want them to be able to do so. If a new domain get's bought or transfered i need to create the zone myself anyways. However is there a way to limit the following two things? -> Customers should not be able to delete Zones; As our NS server is responsible for the domain, i don't want customers to have control over this. -> Customers should not be able to edit the Zonesettings; I don't see the need for a customer to change the defaults that i set. I couldn't figure out if this is possible or not. Any help is appriciated.