Обсуждение: WINDOWS INSTALLATION TIPS
we installed postgres on our windows 2000 server yesterday and faced a few problems (related to initdb ). We found that a few initial steps will make things easy for all. These are not listed out in the forums or postgres docs. if it is ok you can post these in the postgres windows faq. we have written below a few lines which may help others. this applies to win2k and also apply to win2003 a) if your server is hosted in a dataceneter for installation on windows 2000 you cannot use terminal service. you need a remote desktop service. you can install realvnc (http://www.realvnc.com) install it (you can uninstall it later) so that you get access to your server similar to a console. Ifyou are using win2003 use remote desktop for installation. b) postgres database server will not install as an user with administrator rights. So before starting installation create some random user : "my_postgres" under computer management > users , and remember the password. By default this user which you create will belong to the member of "users" group which has limited permissions. c) create a folder say c:\postgres. It is assumed that the windows users "system" and "adminstrator" already have full rights over entire c: drive d) now select the folder c:\postgres > properties > security > add user "my_postgres " and user "everyone". both users should be given full permissions to ready / write / modify etc to the c:\postgres directory location. After installation you SHOULD remove user "everyone" but retain "user_postgres" user which selective permissions as per posgres documentation. e) go to c: drive properties > quotas > make sure you give user_postgres unlimited quota or atleast around 200 mb. if you dont do this then installation may stop midway with errors. f) now you can start your installation and give path c:\postgres during installation instead of c:\program files, and use the above user : my_postgres . remember that after installation postgres service under windows service will run as "my_postgres" for security purpose. Now remove user "everyone" from c:\postfix Adjust the user_postgres permissions as per postgres document. Restart "postgres" service and check. If the permissions on the c:\postgres directory is not correct then the service will not start correctly. hope this helps many new people
INDIANNIC-HOSTING wrote: > > we have written below a few lines which may help others. this applies to > win2k and also apply to win2003 Always good to have someone take the time to document their experiences. > a) if your server is hosted in a dataceneter > for installation on windows 2000 you cannot use terminal service. Hmm - this *should* be documented somewhere. I don't really use Windows and I know about it somehow. > b) postgres database server will not install as an user with administrator > rights. Indeed not. Or rather, it won't run as an administrator. I think you should be able to run the installer as Administrator and tell it to do the next step for you. I'm sure someone will correct me if I'm wrong. > So before starting installation create some random user : > "my_postgres" under computer management > users , and remember the > password. Yes, but it's probably better to call the user "postgres" unless you have a reason not to. Traditionally that's the default user-name. One other point that can catch people out is that internal database users aren't the same as O.S. users, although if you try and connect via psql and don't give it a user-name it will default to using the current O.S. user. Thanks for documenting your experience. Remember to always keep up-to-date with minor version-number updates. -- Richard Huxton Archonet Ltd
On Feb 12, 2008 8:19 AM, Richard Huxton <dev@archonet.com> wrote: > > a) if your server is hosted in a dataceneter > > for installation on windows 2000 you cannot use terminal service. > > Hmm - this *should* be documented somewhere. I don't really use Windows > and I know about it somehow. It is indeed documented: http://www.postgresql.org/docs/faqs.FAQ_windows.html#3.5 It will run on a TS enabled machine - you just cannot run the server or initdb from a TS session. You can overcome this by runing the installation directly on the console, or on the console via VNC, or using the terminal services client in console mode (eg. mstsc /console ) > > b) postgres database server will not install as an user with administrator > > rights. > > Indeed not. Or rather, it won't run as an administrator. I think you > should be able to run the installer as Administrator and tell it to do > the next step for you. I'm sure someone will correct me if I'm wrong. Actually 8.2 and above will (quite safely) on Windows: http://www.postgresql.org/docs/faqs.FAQ_windows.html#2.3 For the technically minded it does so by creating a restricted security token from which all administrative group memberships are removed and then re-execs itself using that token. The child process doesn't have the privileges to re-elevate itself which is what makes it safe. -- Dave Page EnterpriseDB UK: http://www.enterprisedb.com The Oracle-compatible database company
Dave Page wrote: > On Feb 12, 2008 8:19 AM, Richard Huxton <dev@archonet.com> wrote: >>> b) postgres database server will not install as an user with administrator >>> rights. >> Indeed not. Or rather, it won't run as an administrator. I think you >> should be able to run the installer as Administrator and tell it to do >> the next step for you. I'm sure someone will correct me if I'm wrong. > > Actually 8.2 and above will (quite safely) on Windows: > http://www.postgresql.org/docs/faqs.FAQ_windows.html#2.3 > > For the technically minded it does so by creating a restricted > security token from which all administrative group memberships are > removed and then re-execs itself using that token. The child process > doesn't have the privileges to re-elevate itself which is what makes > it safe. So it still appears in process lists as belonging to e.g. "Adminstrator" but has restricted perms? Ingenious, but a bit fiddly for a server daemon for my tastes. Fortunately, I can safe safely on the *nix side of the fence most of the time nowadays. -- Richard Huxton Archonet Ltd
Hi,
Richard Huxton wrote:
> INDIANNIC-HOSTING wrote:
>
>> a) if your server is hosted in a dataceneter
>> for installation on windows 2000 you cannot use terminal service.
>
> Hmm - this *should* be documented somewhere. I don't really use Windows
> and I know about it somehow.
Can't you use "change user /install" inside a terminal session to make
this work? Open a CMD prompt, and type "change user /install"...
http://support.microsoft.com/kb/320185
Maarten
Maarten Boekhold wrote: > Hi, > > Richard Huxton wrote: >> INDIANNIC-HOSTING wrote: >> >>> a) if your server is hosted in a dataceneter >>> for installation on windows 2000 you cannot use terminal service. >> >> Hmm - this *should* be documented somewhere. I don't really use >> Windows and I know about it somehow. > > Can't you use "change user /install" inside a terminal session to make > this work? Open a CMD prompt, and type "change user /install"... > > http://support.microsoft.com/kb/320185 No, that's not the problem in this case. It's the launching of initdb that doesn't work. Also, it "change user /install" has no effect if you're using windows 2000 in administrative terminal servics mode, only in application mode. But if yo do use it in application mode (which you probably aren't doing on your pg servers, but it's certainly possible), then you should *also* do the change user trick - like with all ts apps. //Magnus