Creating a failover cluster: "cannot reach a writable domain controller" Why?


  • Thursday, January 17, 2013 7:46 AM
     
     

    Hi, I am creating a failover cluster, and in the test all things passed; just this fails:

    Validate active directory configuration

    Node(s) xxx.y.z cannot reach a writable
    domain controller. Please check connectivity of these nodes to the domain
    controllers.

    I don't know what exactly is going on; first I just performed the tests!

    What to do?

    Thanks in advance

All Replies

  • Thursday, January 17, 2013 7:48 AM
     
     

    AFAIK, for creating the cluster you need domain admin privilege in 2008 (by default).

    Below ports should be opened in all the DCs for AD/DNS.

    Service                                                    Port/protocol
    ---------------------------------------------------------  ------------------------------
    RPC endpoint mapper                                        135/tcp, 135/udp
    Network basic input/output system (NetBIOS) name service   137/tcp, 137/udp
    NetBIOS datagram service                                   138/udp
    NetBIOS session service                                    139/tcp
    RPC dynamic assignment                                     Win 2k/2003: 1024-65535/tcp
                                                               Win 2008+: 49152-65535/tcp
    Server message block (SMB) over IP (Microsoft-DS)          445/tcp, 445/udp
    Lightweight Directory Access Protocol (LDAP)               389/tcp
    LDAP ping                                                  389/udp
    LDAP over SSL                                              636/tcp
    Global catalog LDAP                                        3268/tcp
    Global catalog LDAP over SSL                               3269/tcp
    Kerberos                                                   88/tcp, 88/udp
    Domain Name Service (DNS)                                  53/tcp, 53/udp

     

    See the below link as well.

    http://abhijitw.wordpress.com/2012/03/03/best-practices-for-dns-client-settings-on-domain-controller/

    _________________________________

    Best regards Biswajit Biswas Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. MCP 2003,MCSA 2003, MCSA:M 2003, CCNA, MCTS, Enterprise Admin, MCC, Technet Wiki Ninja



    • Edited by i.biswajith Thursday, January 17, 2013 7:48 AM
    • Edited by i.biswajith Thursday, January 17, 2013 7:50 AM
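
The fixed TCP ports from the table in the reply above can be probed from a cluster node with the following script. It is an added example, not part of the original thread. The DC name `dc01.example.test` is a placeholder, `Test-TcpPort` is a helper defined here, and PowerShell 3.0 or later is assumed. UDP ports and the dynamic RPC range are not probed.

```powershell
# Added example: run on the cluster node that failed validation.
# A writable DC for the node's domain can be looked up first with:
#   nltest /dsgetdc:<your-domain> /writable
param(
    [string]$DomainController = 'dc01.example.test',  # placeholder, replace with your DC
    [int]$TimeoutMs = 2000
)

# Fixed TCP ports taken from the table in the reply above.
$ports = [ordered]@{
    'DNS'                 = 53
    'Kerberos'            = 88
    'RPC endpoint mapper' = 135
    'NetBIOS session'     = 139
    'LDAP'                = 389
    'SMB (Microsoft-DS)'  = 445
    'LDAP over SSL'       = 636
    'Global catalog'      = 3268
    'Global catalog SSL'  = 3269
}

function Test-TcpPort {
    param([string]$HostName, [int]$Port, [int]$TimeoutMs)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        # Asynchronous connect so a filtered port fails after $TimeoutMs
        # instead of blocking for the full OS connect timeout.
        $async = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs)) { return $false }
        $client.EndConnect($async)   # throws if the connection was refused
        return $true
    } catch {
        return $false                # refused, unreachable, or name not resolved
    } finally {
        $client.Close()
    }
}

$results = foreach ($entry in $ports.GetEnumerator()) {
    [pscustomobject]@{
        Service   = $entry.Key
        Port      = $entry.Value
        Reachable = Test-TcpPort -HostName $DomainController -Port $entry.Value -TimeoutMs $TimeoutMs
    }
}

$results | Format-Table -AutoSize
$blocked = @($results | Where-Object { -not $_.Reachable })
if ($blocked.Count -gt 0) {
    Write-Warning ("Not reachable on {0}: {1}" -f $DomainController, (($blocked | ForEach-Object { $_.Port }) -join ', '))
}
```

A port reported as not reachable means either that traffic is filtered on the path or that nothing is listening on that port on the chosen DC; the script cannot tell the two apart.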
  • Thursday, January 17, 2013 9:06 AM
     
     Answered

    Hello,

    Are one or both of your nodes domain controllers?

    If yes, it is not recommended. Please read these links:

    How to use Windows Server cluster nodes as domain controllers (KB281662)

    Domain Controllers as Cluster Nodes - Bad Idea

    Regards

  • Thursday, January 17, 2013 10:48 AM
     
     
    Thanks but how to make the domain writable?
  • Thursday, January 17, 2013 5:56 PM
     
     Answered

    Hello,

    You can use 3x machines: 1x DC & DNS, 2x member servers for cluster nodes.

    If you have Windows Server 2012, read this link:

    Windows Server 2012 Failover Cluster – Enhanced Integration with Active Directory (AD)

    Regards