Multi-Server Setup (MSS): check subdomain owner Lets assume you have box A (126.96.36.199) and box B (188.8.131.52) B has a domain b.com A has the "Domain Check" enabled for the IP of B in the MSS. ----- a User on A tries to create b.com. This correctly fails with "Domain already exists on 184.108.40.206" However, if a User on A tries to create sub.b.com with the "Subdomain owner check" enabled on A, then this is incorrectly allowed. Bug fix is such that the zone check from A to B will now add: check_for_parent_domain=true making the full check be: CMD_API_DNS_ADMIN?action=exists&domain=sub.b.com&check_for_parent_domain=true where, DA on B will first check all zones normally for sub.b.com. But when check_for_parent_domain=true is passed (which it will be now, from A to B), then a secondary check is done in the /etc/virtual/domainowners file. if b.com exists in the domainowners file, then the result of the above CMD_API_DNS_ADMIN check will return exists=2 (instead of exists=1), meaning the match was a parent domain of sub.b.com. Usernames have *no* effect on this check. Any existence of a parent domain in the domainowners will trigger exists=2. As with the local subdomain owner check, any "Admin" account will not have the subdomain owner checked at all. Neither locally, nor remotely. ============ NOTE: For stand-alone DA boxes as DNS servers: Say you have User boxes: u1.host.com u2.host.com and both of them are pushing zones to 2 stand-alone DA DNS servers, with Multi-Server Setup (MSS) ns1.host.com ns2.host.com For u1/u2, you'd usually have both ns1/ns2 listed in each with: Zone Transfer Domain Check enabled, so zones from u1/us2 are pushed to both ns1/ns2. However, with regards to the setting: check_subdomain_owner=1 because the owner of domain.com does not actually exist on ns1/ns2.. only the zone, the "owner" of the domain cannot be done (that domain does not exist in the domainowners file) So for this scenario, you'll also want to have u1 and u2 see each other, but not do a zone transfer. So on u1 MSS, add another host: u2.host.com with checkboxes for: Domain Check User Check and similiarly, on u2 MSS, add: u1.host.com with checkboxes for: Domain Check User Check This ensures that: 1) u1 and u2 will not have an overlapping Usernames, so the "owner" is unique per server. This ensure that if you have "fred" on u1, and a different human/domain on u2 with User "fred", that u2:fred cannot create a subdomain for u1:fred's domain names. 2) Domain Check, the subdomain owner check actually works, since the domainowners file exists on both boxes with proper domain/owner info, so the subdomain owner check actually works.