If you are running Windows Server 2012 and find that you are having to repeatedly run Repair every ~30 days, ensure you have hotfix KB2838043 installed. Repair is only available through the Failover Cluster Manager snap-in, there is no Powershell cmdlet available to script the action. To run Repair, the Network Name resource must be in a "Failed" or "Offline" state. The CNO must have "Create Computer Objects" permissions on the OU in which it resides to recreate the VCO's.
Repair is a safe action to perform on any SQL Server, or File Server deployment. This is because some applications store attributes in the computer object (namely MSMQ), and recreating a new computer object will break the application. If you start any Active Directory administrative tools from the console of an affected domain controller, including Active Directory Sites and Services and Active Directory Users and Computers, you may receive one of the following error messages: Naming information cannot be located because: No authority could be contacted for authentication.
The recommended process to recover deleted computer objects is with the AD Recycle Bin feature, using Repair to re-create computer objects when they have been deleted should be a last resort recovery action. If the VCO had been accidentally deleted, then using Repair will re-create the computer object if it is missing. Repair will check to see if the associated computer object exists in Active Directory. In Windows Server 2012 a Repair action was added for all other cluster Network Names, and is a little bit different. Therefore it is not needed to run Repair to reset the password for a VCO. If the password for a VCO falls out of sync, the CNO will reset the password and self-heal automatically.
Virtual Computer Object (VCO) - The CNO is responsible for managing the passwords on all other computer objects (VCO's) for other cluster network names in the cluster.
0 kommentar(er)
