Re: Oracle on Windows with Active Directory

From: Bill Ferguson <wbfergus_at_gmail.com>
Date: Thu, 30 Oct 2008 07:22:43 -0600
Message-ID: <4025610e0810300622x2984dca7ud8b0705dbf73664f@mail.gmail.com>

As I remember, I was authenticated against AD. The 'problem' server is up in Spokane and I'm in Denver, and the only way I could login remotely (while it was in AD), was to authenticate against AD. Because of this, Oracle insisted on grabbing all the information it could from AD, and not allowing me to specify anything different. In the workgroup configuration I didn't have the problem.

Our AD was designed by the folks at DOI, who I have never been impressed with yet in 18 years for any kind of technical decision, so there are quite a few flaws in the system. This was just the one that caused me the most grief until I moved it out of AD, and I've been so busy since I haven't bothered to investigate further since at least now it's working. One of these days though I imagine somebody will eventually force me to place these three servers back in AD, and knowing some of the pitfalls I'll encounter and how to address them would be handy. It may also allow me to either keep them in a workgroup, or at least force some changes in our AD implementation if this arrangement is less than ideal, instead of waiting until the last minute to try and get changes made.

One of biggest gripes/fears with our AD implementation (and why I prefer to keep the machines in a workgroup), is that any Domain Admin from any of the other agencies could fairly easily write a group policy to add themselves as an administrator on my machines and then force the policy out, and I am unable to prevent inheritance of group policies. It may be a groundless fear, but it still a possibility that I am dead-set against. I've only been lucky so far in that we are so big and dispersed, my machines have escaped detection so far.

If this configuration is problemmatic, that would be good to know when they finally catch up with me.

Thanks.

-- 
-- Bill Ferguson


On Thu, Oct 30, 2008 at 6:48 AM, Paul Drake <bdbafh_at_gmail.com> wrote:


>

>

>

> Bill,

>

> Were you logged on locally, or authenticated against the active directory

> when you were installing the software?

>

> I typically use a local OS account when installing the oracle software and

> have a local account own the oracle services.

>

> thanks,

>

> Paul

>

>

>

--
http://www.freelists.org/webpage/oracle-l

Received on Thu Oct 30 2008 - 08:22:43 CDT

This message: [ Message body ]
Next message: Ravi Madabhushanam: "how to troubleshoot enq: WL - contention?"
Previous message: Freeman, Donald: "RE: Toad"
Maybe in reply to: Bill Ferguson: "Oracle on Windows with Active Directory"
Next in thread: M Rafiq: "RE: Oracle on Windows with Active Directory"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message