Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Wednesday, July 27, 2016 9:56 AM
Hi,
We want to install SQL Server 2012 Active/Passive cluster on Windows Server 2012.
Node1 and Node2 are in domain with SAN
While Validating/ Creating windows cluster logging on Node1
- Validate / Create Cluster
- Browser search for 2 nodes
- Next (Only current node is displayed) and
Message displayed
'You do not have administrative privileges on Node2'
Vice Versa with Node2
'You do not have administrative privileges on Node1'
Objects are manually created in AD because domain id 'clusadmin' does not have administrative rights
domain id 'clusadmin' is also in domain. It does not have domain administrative rights due to policy. We have added this id in local administrator group
Are there any specific delegation/ permission that we can give to domain id 'clusadmin' instead of giving administration privileges for creating cluster
Regard,
Nikhil Desai
All replies (1)
Friday, July 29, 2016 6:44 AM ✅Answered
Hi Nikhil,
The person who installs the cluster must use an account with the following characteristics:
The account must be a domain account. It does not have to be a domain administrator account. It can be a domain user account if it meets the other requirements in this list:
o The account must have administrative permissions on the servers that will become cluster nodes. The simplest way to provide this is to create a domain user account, and then add that account to the local Administrators group on each of the servers that will become cluster nodes.
o The account (or the group that the account is a member of) must be given the Create Computer objects and Read All Properties permissions in the container that is used for computer accounts in the domain.
o If your organization chooses to prestage the cluster name account (a computer account with the same name as the cluster), the prestaged cluster name account must give “Full Control” permission to the account of the person who installs the cluster.
o Please see details from:
Failover Cluster Step-by-Step Guide: Configuring Accounts in Active Directory
https://technet.microsoft.com/en-us/library/cc731002(v=ws.10).aspx#BKMK_steps_installer
Regards,
Wendy
Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected].