[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 506
  • Last Modified:

exchange 2003 cluster swapping back and forth after domain admin password change

hi,

i have an exchange 2003 active-passive 2 node cluster whose resources are failing over back and forth between nodes everymorning at the same time ever since i changed the domain admin password.
the complete fail over is taking about 20 minutes.

there are other errors with active sync and ese. everything started when i changed the password. if i change it back, the flip-flop stops. i have to change the password.
0
mehrdadalaei
Asked:
mehrdadalaei
  • 2
1 Solution
 
oBdACommented:
You're probably using the domain admin account to run the cluster service (and/or other services as well).
Accounts that are used for interactive logons should never be used to run services as well.
Create dedicated user accounts ("ServiceCluster" or whatever) to run services, and give them only the necessary permissions to do their tasks.
So for a short-time workaround, you can of course just update the password for the service account, but then you should check the service accounts on all machines, check how to change the account in question, and then do so.

Changing the cluster account is a bit more involved than just going into the Services console and setting a new account. Check here for details:

Change the account under which the Cluster service runs
http://technet2.microsoft.com/windowsserver/en/library/ec513ba0-08a6-493b-889f-6403f974657f1033.mspx?mfr=true

How to manually re-create the Cluster service account
http://support.microsoft.com/kb/269229

How to change the Cluster service account password
http://support.microsoft.com/kb/305813
0
 
mehrdadalaeiAuthor Commented:
hi,

thank you for your quick response and i think you have it right. just was hoping you could help me confirm a couple things.
so for now, i changed the domain admin password on the dc. then i ran the command you see below and it was successful. is that password change associated to the domain admin account?
i did this while all resources and services were online...do i only need to run this once on only one of the cluster nodes? it shows that both nodes were successfull.


C:\Documents and Settings\Administrator.SAFELIFE>cluster /cluster:safelifeex /ch
angepassword:temppassword /skipdc
Verifying cluster node availability...
Verifying support for password change operation...
Verifying that all clusters use the same service account...

Skipping password change on domain controller.

Changing password on cluster safelifeex...
The password change on node SLEX1 of cluster safelifeex succeeded.
The password change on node SLEX2 of cluster safelifeex succeeded.
0
 
oBdACommented:
That password change is associated with the stored credentials for whatever account is configured to run the cluster service on the nodes in the cluster. Yes, this command only needs to be executed once per cluster.
0

Featured Post

Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now