Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Failsafe & Active Directory
"Holger Baer" <holger.baer_at_science-computing.de> wrote in message
news:d71c9g$svo$1_at_news.BelWue.DE...
> William wrote:
>> Hi,
>>
>> I would like to know the minimum permissions required to use failsafe in
>> an Active Directory environment.
>>
>> Is there any documentation available describing how Failsafe is reliant
>> on security or other mechanisms e.g. DNS in Active Directory?
>>
>>
>> Thanks,
>>
>> William
>
> I always found the installation manual sufficient that comes with the
> software. ;-)
>
> You need
> a) an AD User that is administrator on all nodes in the cluster that are
> going
> to host oracle
> b) the same or another user running the Oracleservices for MSCS wich is
> given the
> right to run as a service.
>
> Nothing fancy, really.
>
> Are you facing any specific problems? You might also want to know this:
>
> http://groups.google.de/group/comp.databases.oracle.server/browse_thread/thread/e8a1ec0e6d15de4c/a286cb1558a6886c?q=Failsafe+Search&rnum=2&hl=de#a286cb1558a6886c
>
> HTH
> Holger
Thanks for your reply Holger, in the end I managed to find some documentation on the Oracle website and it would appear that your response was correct with this document.
From Oracle document:
"In the Oracle Services for MSCS Account/Password dialog box, enter the
domain, user name, and password of a user account that has Administrator
privileges. This is the account that Oracle Services for MSCS will be using
to access this cluster. Oracle Services for MSCS runs as a Windows service
(called OracleMSCSServices) under a user account that must be a domain user
account (not the system account) that has Administrator privileges on all
nodes of this cluster. The account must be the same on all nodes of this
cluster, or you will receive an error message when you attempt to connect to
a cluster using Oracle Fail Safe Manager. You enter the information in the
form Domain\Username, as shown in Figure 2-9, or if you are using Windows
2000, you can enter a user principal name in the form Username_at_DnsDomainName
in the Domain\Username box. "
So it would appear there is no reliance on Active Directory although a
Domain User account is required. The acccount should have local
administrator access on all nodes, this will in turn allow the
Oracleservices for MSCS the right to run as a service.
Thanks,
William Received on Wed May 25 2005 - 05:19:15 CDT