Re: More SQL Clustering Fun

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

On Jul 23, 6:10 pm, Ryan McCauley
<RyanMcCau...@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
There are two accounts involved - in your case, they might be one AD account
that does both things, but in ours, it's two different accounts.

On one of the cluster nodes, in the "Services" admin tool, check to see
which account "Cluster Service" is running as. This is the account that will
need rights to add a computer to the domain.

If you check the account "SQL Server (YourInstanceName)" is running as,
that's the SQL Service account. It doesn't need rights to add a computer to
AD (and it shouldn't, since best practices says this account should be least
privileged), but it won't hurt anything if it does.

It's the first account I'm asking about - can that account join a computer
to the domain?


We're using a Windows 2008 Failover Cluster configuration and the
Cluster Service has to run as the local system account or it won't
start properly. That appears to be a best practice for the Windows
2008 Failover Clustering according to some of the posts I've come
across in the Windows 2008 clustering forums. I tried to change the
account the Cluster Service runs as from the local system to a domain
account and it gives the following error:

Error 1297: A privilege that the service requires to function properly
does not exist in the service account configuration. You may use the
Services Microsoft Management Console (MMC) snap-in (services.msc) and
the Local Security Settings MMC snap-in (secpol.msc) to view the
service configuration and the account configuration.

I've been trying to follow the SQL Server 2008 Failover Clustering
white paper that was published June 2009. I found it at this link:

http://blogs.msdn.com/petersad/archive/2009/07/11/sql-server-2008-failover-clustering-whitepaper-has-been-published.aspx

It doesn't indicate as a pre-requisite that I can find of altering
the Cluster Service to run as a domain account. Perhaps there is
something incorrect in the white paper. The computer account does
appear in AD and the permissions on it appear to inherit that of the
parent OU, which seems proper.
Thanks so much for continuing to help me out. I've done clusters
with Windows 2003 Server and SQL 2005 without incident. I'm having a
difficult time addressing all the differences.

Drew Flint
Plex Systems
.

Relevant Pages

  • Re: 0x8007005 Access is Denied adding new host to Active/Active Cluste
    ... Also ensure that this account is an Administrator ... to create the first node in a cluster or add additional nodes. ... specify the domain user account under which the Cluster service runs. ... Professional, or to administer a cluster locally from a node, you must use ...
    (microsoft.public.windows.server.clustering)
  • Re: Clstr Servce wont start after changing logon account
    ... By any chance did you enable cluster logging? ... try changing the cluster service account to ... You said "Server1 runs as domain controller unless something goes wrong at ... What advantage does that have over having 2 separate DCs? ...
    (microsoft.public.windows.server.clustering)
  • Re: Exchange install failed
    ... Cluster Common Failure Exception: The group or resource is not in the ... trying to install Exchange again. ... I had removed the computer account, but didn't realize it had gotten ...
    (microsoft.public.exchange.setup)
  • Re: Exchange install failed
    ... Cluster Common Failure Exception: The group or resource is not in the ... trying to install Exchange again. ...  I had removed the computer account, but didn't realize it had gotten ... as a computer account in AD) an admin on both cluster nodes? ...
    (microsoft.public.exchange.setup)
  • Re: Error 42d during Fail Over SQL 2000 Enterprise in a Server 2003 Ent. Cluster
    ... a valid login that you add back the service account that operates the ... Cluster service. ... Microsoft SQL Server MVP ... Administrator account, have re-entered the username and password 3+ ...
    (microsoft.public.sqlserver.clustering)