RE: os accounts on windows servers

• From: "Taylor, Chris David" <ChrisDavid.Taylor@xxxxxxxxxxxxxxx>
• To: "'cicciuxdba@xxxxxxxxx'" <cicciuxdba@xxxxxxxxx>, "'niall.litchfield@xxxxxxxxx'" <niall.litchfield@xxxxxxxxx>
• Date: Thu, 10 Feb 2011 09:07:56 -0600

Oh boy, really?  Did we just go here?

Most of the issues you mention have little or nothing to do with Oracle on 
Windows - but on Windows server management and how the "server guys" manage 
their operations.

I started out managing databases on Solaris 6 (I believe it was) and then onto 
RHEL 3 & 4, and now I'm in a Windows shop but I still keep up my Linux skills 
and when you manage your processes and operations right (applying patches etc), 
managing systems on Windows can be a great experience.

And for what it's worth, we run 9 Oracle instances on our Windows 
Active/Passive cluster with 64GB of RAM & 8 CPUs and the performance is 
fantastic.

The reasons for choosing 1 OS over another has little or nothing to do with the 
OS but with the processes and requirements of the shop in which it is 
configured.

Can the shop tolerate downtime for patches?  Is the shop required to maintain a 
99.999% availability SLA?  All those other questions decide (or should decide) 
the OS choice that meets all (or most) of the business requirements!



Chris Taylor
Sr. Oracle DBA
Ingram Barge Company
Nashville, TN 37205
Office: 615-517-3355
Cell: 615-663-1673
Email: chris.taylor@xxxxxxxxxxxxxxx<mailto:chris.taylor@xxxxxxxxxxxxxxx>

CONFIDENTIALITY NOTICE: This e-mail and any attachments are confidential and 
may also be privileged. If you are not the named recipient, please notify the 
sender immediately and delete the contents of this message without disclosing 
the contents to anyone, using them for any purpose, or storing or copying the 
information on any medium.

From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On 
Behalf Of Guillermo Alan Bort
Sent: Thursday, February 10, 2011 8:15 AM
To: niall.litchfield@xxxxxxxxx
Cc: adar666@xxxxxxxxxxxx; ORACLE-L
Subject: Re: os accounts on windows servers

Something I'd keep in mind when installing oracle using an AD account is 
password security (expiration of the domain password) and to make sure that the 
software is set to run as LOCAL SYSTEM and not the DA account. That being said, 
I've performed the installation using an AD account several times and (at least 
the 11g installer) creates ORA_DBA group and the services are created to run 
with Local System... of course, you need to be part of the Local Administrator 
group, which is a good idea for the DBA to be and administrator in a DB server 
anyway  (in windows, and windows only)

With all that being said, I feel it is my duty to recommend you to avoid using 
windows as a server when at all possible. I've working in fairly large 
environments with a lot of diversity, and it is my experience that everything 
is more diffucult on windows than on unix, starting with the damned 
SQLNET.AUTHENTICATION_SERVICES parameter in sqlnet.ora... Also, just as a 
thought, Oracle's development platform is Linux...

Oh, and when you have to do maintenance on a DB on a Windows server and the IT 
Security department tells you NOT to log in to ANY server using your AD account 
because there's a virus in the network and we need to contain it... and when 
they have to reboot a production DB server to apply a hotfix (which happens a 
lot more often than unix patches) or when they need to reboot the DB server 
because it's been up more than 90 days straight... well, that's when you know 
the platform you've chosen is probably not the wisest choice.

I am sorry, I do not want this to turn into an OS Flame war... but it's just as 
easy to install linux and far easier to manage in the long run...

hth
Alan.-

On Thu, Feb 10, 2011 at 7:56 AM, Niall Litchfield 
<niall.litchfield@xxxxxxxxx<mailto:niall.litchfield@xxxxxxxxx>> wrote:
The installer will create the ORA_DBA group and add the installing user to it 
if it doesn't exist - and last time I looked would add the installing user if 
the group existed but the user wasn't a member. I feel a blog article coming on 
- especially as you might not actually want the installing user to become 
sysdba on all databases on the server.

On Thu, Feb 10, 2011 at 10:17 AM, Yechiel Adar 
<adar666@xxxxxxxxxxxx<mailto:adar666@xxxxxxxxxxxx>> wrote:
No problem. All our installs are performed with domain accounts.

The account need to a member of local administrators and also a member of 
ORA_DBA group on the oracle server.

Yechiel


On 09/02/2011 00:07, Joe Smith wrote:
Where is there a document on setting up oracle users to administrator the 
database on Windows servers?

Our admin wants to use domain accounts with Active Directory , but that does 
not sound right to me.

I have looked on metalink and the install docs but have not found anything yet.

Can somebody point to a document?



--
Niall Litchfield
Oracle DBA
http://www.orawin.info

• References:
  • os accounts on windows servers
    • From: Joe Smith
  • Re: os accounts on windows servers
    • From: Yechiel Adar
  • Re: os accounts on windows servers
    • From: Niall Litchfield
  • Re: os accounts on windows servers
    • From: Guillermo Alan Bort

Other related posts:

• » os accounts on windows servers- Joe Smith
• » RE: os accounts on windows servers- Allen, Brandon
• » RE: os accounts on windows servers- TJ Kiernan
• » Re: os accounts on windows servers- Yechiel Adar
• » Re: os accounts on windows servers- Niall Litchfield
• » Re: os accounts on windows servers- Paul Drake
• » Re: os accounts on windows servers- Guillermo Alan Bort
• » Re: os accounts on windows servers- Subodh Deshpande
• » RE: os accounts on windows servers - Taylor, Chris David
• » Re: os accounts on windows servers- Martin Bach
• » Re: os accounts on windows servers- Mostafa Eletriby

1. Home
2. oracle-l
3. Archive
4. 02-2011

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---