I have tried to install Oracle 12c Enterprise Edition on a computer also running as AD Server. Including the October 2015 patch. Operation system is Windows Server 2012 R2
A managed service account is used as user when installing the server. (and 32 bit client)
Everything looks perfect, until I reboot the computer. Then the computer starts to act as a zombie.
Usually, the oradim command does not respond at all, it just hangs.
This configuration, running both Oracle and AD server on the same computer is to save virtual machines in our vCloud test configuration.
When Oracle and AD is not installed on the same computer, it works like a charm.
Does anyone have a clue what's wrong, or if it is a known limitation?
Best Answer
Once you run dcpromo to create an AD domain controller, this server differs significant from a common Windows Server as you are used to work with. In your case the most critical point is that a domain controller does not know local users and groups because it does not have a local context. But what Oracle requires, when you create a database via the Oracle Installer or oradim on Windows, is to create several local groups like ORA_DBA, ORA_OPER, etc. and also adding users to these groups. Otherwise you can not do stuff like e.g. "sqlplus / as sysdba". Knowing about what is going on in the background during Oracle database installation makes it easy to understand why you can not run Oracle on an AD domain controller because the installer can not create the local groups resulting from the fact that an AD server does not have a local context. Please find a list of the required local groups here under section 4.1.4: https://docs.oracle.com/database/121/NTDBI/user_grps.htm#NTDBI260
In case your oradim command created and started a database successfully, you resulted in a database using the LocalSystem Account (NT AUTHORITY\System) to start the database which Oracle does not recommend since Oracle 12c. It was the default until Oracle 11g but Oracle introduced the new Oracle Homer User for security reasons as requested from Oracle customers. You can still use the LocalSystem Account and in your case this has been done. In addition you have no local Oracle groups as listed under section 4.1.4 and in case you request support I have serious doubt that Oracle Support will accept your installation.
The above topics are the basic reasons why all customers who asked me in the past how to install Oracle on a domain controller finally have decided not to do so. I must add that I can not predict what kind of errors and failures might result from an installation which actually misses the required local Oracle groups.
Hope that helps.