Host management networks need to be publicly connected. Specifically they need direct access to DNS and AD resources or the cluster will not function properly. The cluster name resource may be failing if it is not communicating correctly with AD.
Cluster communication is OK for this network and is actually advised, provided you have set CSV network priority correctly.
In addition. When you create the cluster, a ComputerObject is created in Active Directory with the name of the Cluster, and also adds an entry to your DNS server. Thats why it need direct access to DNS and AD resources.
Regards,
The CNO and VCOs are computer accountsand like user accounts, computer accounts have passwords. AD randomly generates the passwords for computer accounts. By default, the domain policy will reset the password for a computer account every 60 days.
The CNO is used for operations such as joining new nodes to the cluster, creating new objects in the domain, and performing a live migration of virtual machines (VMs) between nodes. The CNO's domain password must be up-to-date for these operations to occur. To be on the safe side, the Cluster Service will attempt to reset the password for its objects at the halfway point (30 days). If the password hasn't been reset at the 60-day mark, the name will fail to come online.
To reset the password, you need to do a repair from within Failover Cluster Manager. As Figure 6 shows, you right-click the failed name resource, select More Actions, and choose Repair.
Figure 6: Resetting the CNO Password Manually in Failover Cluster Manager
When issuing a repair, Failover Cluster Manager uses the user account with which you logged on to contact AD to reset the password. Therefore, you must have the Change Password right on the CNO; otherwise, the repair will fail. You also need to make sure that the Reset Password right is enabled on the CNO and VCOs so that WSFC can reset the password when it needs to.
This topic is archived. No further replies will be accepted.
Other recent topics
