This release adds enhanced support of the Oracle local user groups. In previous releases, when adding a database to a cluster group (role), if the operating system authentication was chosen for the authentication method, Oracle Fail Safe would create a local group named ORA_sid_DBA
on the other nodes in the cluster and it would add the Fail Safe server username to that group. If the ORA_sid_DBA
local group on the original owner node contained other member entries, those entries were not replicated to the other cluster nodes.
In this release of Oracle Fail Safe when a database is added to a cluster group, if the ORA_sid_DBA
local group exists, it is copied to the other cluster nodes. Similarly, the ORA_sid_OPER
group is replicated to other nodes. Fail Safe will not copy any group members that are specific to that node, such as a local user name. It will copy Windows built-in members. For example, the built-in Administrators member will be copied to other nodes.
During cluster validation, Oracle Fail Safe compares the Oracle local user groups on each node in the cluster to determine if they have the same member lists. The specific groups that are verified are:
ORA_DBA
ORA_OPER
ORA_homename_DBA
ORA_homename_OPER
ORA_homename_SYSBACKUP
ORA_homename_SYSDG
ORA_homename_SYSKM
ORA_sid_DBA
ORA_sid_OPER
If a local group does not have identical member lists on all nodes of the cluster, a warning message is issued. Oracle Fail Safe only examines the ORA_sid_DBA
and ORA_sid_OPER
local groups for databases that are cluster resources (members of a cluster role).