locked
Admin privileges issue for creating windows cluster RRS feed

  • Question

  • Hi,

    We want to install SQL Server 2012 Active/Passive cluster on Windows Server 2012.
    Node1 and Node2 are in domain with SAN 

    While Validating/ Creating windows cluster logging on Node1

    1. Validate / Create Cluster
    2. Browser search for 2 nodes
    3. Next (Only current node is displayed) and 

    Message displayed

    'You do not have administrative privileges on Node2' 

    Vice Versa with Node2

    'You do not have administrative privileges on Node1'

    Objects are manually created in AD because domain id 'clusadmin' does not have administrative rights

     domain id 'clusadmin' is also in domain. It does not have domain administrative rights due to policy. We have added this id in local administrator group

    Are there any specific delegation/ permission that we can give to domain id 'clusadmin' instead of giving administration privileges for creating cluster

    Regard,

    Nikhil Desai




    Wednesday, July 27, 2016 9:56 AM

Answers

  • Hi Nikhil,
    The person who installs the cluster must use an account with the following characteristics:
    The account must be a domain account. It does not have to be a domain administrator account. It can be a domain user account if it meets the other requirements in this list:
    o The account must have administrative permissions on the servers that will become cluster nodes. The simplest way to provide this is to create a domain user account, and then add that account to the local Administrators group on each of the servers that will become cluster nodes.
    o The account (or the group that the account is a member of) must be given the Create Computer objects and Read All Properties permissions in the container that is used for computer accounts in the domain.
    o If your organization chooses to prestage the cluster name account (a computer account with the same name as the cluster), the prestaged cluster name account must give “Full Control” permission to the account of the person who installs the cluster.
    o Please see details from:
    Failover Cluster Step-by-Step Guide: Configuring Accounts in Active Directory
    https://technet.microsoft.com/en-us/library/cc731002(v=ws.10).aspx#BKMK_steps_installer
    Regards,
    Wendy

    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by Vincent Boots Friday, July 29, 2016 6:46 AM
    • Marked as answer by Wendy Jiang Monday, August 1, 2016 8:49 AM
    Friday, July 29, 2016 6:44 AM