SQL Server with Mr. Denny

Jan 13 2016   7:00PM GMT

Creating a cluster without Domain Admin permissions

Denny Cherry Denny Cherry Profile: Denny Cherry

Cluster management
Clustering/High availability
SQL Server
SQL Server availability

If you’ve ever watched a presentation when someone sets up a cluster you’ve probably noticed that it goes pretty smoothly. The reason for this is because the account which the presenter uses is a domain administrator.

But what about the real world?

In the real world unless you are a systems administrator you probably won’t be a Domain Admin when creating your cluster. There’s a couple of ways to get the cluster setup.

The first way is to be created the permission to create objects within the domain. This is the easiest option. If this isn’t an option then you have the second option available to you.

Pre-staging the objects is option #2. This option requires that a member of the systems administration team create the computer objects for the cluster (and any clustered resources like Availability Groups and Failover Clustered Instances). You also need to have the Domain Admin disable the accounts. This step is critical because if the computer accounts are enabled the Failover Cluster Manager won’t be able to use the computer account, and neither with the cluster when it comes to creating the computer objects for the FCI and/or the AGs.

You’ll also need to configure the computer objects for the actual cluster to be managed by the user who is configuring the cluster. For the other computer accounts (for the FCIs and the AGs) you need to setup the computer account for the cluster to be able to manage these other computer accounts.


5  Comments on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.
  • ManeeshArora
    perplex over "You also need to have the Domain Admin disable the accounts. " What account you are referring to 
    10 pointsBadges:
  • Denny Cherry
    They need to disable the computer accounts which are prestaged.
    69,125 pointsBadges:
  • DJJC509
    Whn those computer account are created. Do they need to be assigned IP addresses
    10 pointsBadges:
  • Denny Cherry
    No, you don't assigned IP addresses in AD. You'll need the IPs to create the cluster, but you don't need them to create the accounts.
    69,125 pointsBadges:
  • ceejay2
    After configuring the cluster with domain admin privilege, will the clustered db work perfectly if the account is stripped of the domain admin privilege?
    10 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: