Failover Clustering installation error

agicfuture
agicfuture used Ask the Experts™
on
Situation:
Cannot build cluster on Windows 2008 Server. It cannot pass the "Forming cluster" phase. I tried GUI and command mode on node1, node2, DC.

Information and error:

Node 1 (server1): Windows Server 2008 Enterprise SP2 (64bits)
Node 2 (server2): Windows Server 2008 Enterprise SP2 (64bits)
Domain Controller: Windows Server 2008 Standard SP2 (32bits)

Remark:
- Passed Cluster validation checking
- If i run "cluster.exe /forcecleanup", it will say Invalid option 'forcecleanup.
- I  use remote desktop to access all computer during installation.
- Windows Firewall Turn on and allow all Inbound and Outbound connection. One rule created to allow "No authorization" for above Node1 and Node2. Same config on Domain controller.
- During the installation of cluster, i saw new computer object can be created on DC.
- Assigned "Domain Admin, User, Administrator" to Node1 and Node2


Strange problem:  All server cannot perform windows update now.
Event ID: 20  (Window update Error Code 80070490)
Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows Server 2008 x64 Edition (KB976098).


Event ID: 1570
Node 'server1' failed to establish a communication session while joining the cluster. This was due to an authentication failure. Please verify that the nodes are running compatible versions of the cluster service software.

Event ID: 4625
Resetting the IPSec security association timeout registry value failed during cluster node cleanup. This is because the IPSec security association timeout was modified after this machine was configured to be a member of a cluster. For manual cleanup, execute the 'cluster.exe' command on this machine with the 'forcecleanup' option specified. Alternatively, you may reset the IPSec security association timeout by deleting the 'SYSTEM\CurrentControlSet\Services\IKEEXT\Parameters\NLBSFlags' value and the 'SYSTEM\CurrentControlSet\Services\IKEEXT\Parameters\FailoverClusterRestoreNLBSFlags' value from HKEY_LOCAL_MACHINE in the Windows registry.

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
do you have 2 proper networks.

a public network? and a private network between the cluster nodes?

Author

Commented:
One network for all server

Network 1:  Node1, Node2, DC, Server3,Server4
* Server4 is only one computer have public IP and allow remote desktop out of local network
* Server4 using real DNS ip setting. All other's DNS ip setting pointed to DC

Network 2: Node1 connected Node2 by Cross Cable on Network Card 2.
* Using 169.254.x.x  Both can ping each other
cluster node node1 /forcecleanup
cluster node node2 /forcecleanup

make sure the cluster account you are using is a domain admin account
Acronis in Gartner 2019 MQ for datacenter backup

It is an honor to be featured in Gartner 2019 Magic Quadrant for Datacenter Backup and Recovery Solutions. Gartner’s MQ sets a high standard and earning a place on their grid is a great affirmation that Acronis is delivering on our mission to protect all data, apps, and systems.

Author

Commented:
The cleaning is success. And then i run below command but still not pass the "forming cluster" stage.

WZL is purely Production-oriented company. When NPC and Ship Captain still in charge, they like to use MBWA (Management by walking around).

The turnover and absenteeism of employees are relatively high. The well-being of employee has been ignored.



The cleaning is success. And then i run below command but still not pass the "forming cluster" stage.


C:\>cluster /cluster:sqlcluster /create /nodes:"node2.mydomain.com node1.mydomain.com" /ipaddress:10.1.0.123/255.0.0.0
  4% Initializing Cluster mycluster.
  9% Validating cluster state on node node2.mydomain.com.
 13% Searching the domain for computer object mycluster
 18% Creating a new computer object for mycluster in the domain
 22% Configuring computer object mycluster as cluster name object
 27% Validating installation of the Microsoft Failover Cluster Virtual Adapter o
n node node2.mydomain.com.
 31% Validating installation of the Cluster Disk Driver on node node2.mydomain.com
 36% Configuring Cluster Service on node node2.mydomain.com.
 40% Validating installation of the Microsoft Failover Cluster Virtual Adapter o
n node node1.mydomain.com.
 45% Validating installation of the Cluster Disk Driver on node node1.mydomain.com.
 50% Configuring Cluster Service on node node1.mydomain.com.
 54% Starting Cluster Service on node node2.mydomain.com.
 54% Starting Cluster Service on node node1.mydomain.com.
 59% Forming cluster sqlcluster.This phase has failed for Cluster object 'mycluster' with an error status of 1460 (0x000005B4).
Cleaning up node2.mydomain.com.
Cleaning up node1.mydomain.com.
Cleaning up mycluster.

System error 1460 has occurred (0x000005b4).
This operation returned because the timeout period expired.

Author

Commented:
Yes. I have read that and found that my registry contain  DatalinkAddress values already.

I should replace the value data to : 02-AA-BB-CC-DD-01   or just confirm there have value?
are these cluster nodes vms? or imaged from each other. that value should be different between the 2 nodes.

of one is 02-AA-BB-CC-DD-01 change the other to 02-AA-BB-CC-DD-02

so they are different and reboot.

Author

Commented:
They are real server, not vm.  Both have difference value on DatalinkAddress
since the proper clean up, have you removed the failover service on both nodes and rebooted and then try again.

Author

Commented:
tried remove and reinstall many times

Author

Commented:
Two more Event in Event Viewer when i do all step again.

Event ID: 36872
No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this.

Even ID: 1220
LDAP over Secure Sockets Layer (SSL) will be unavailable at this time because the server was unable to obtain a certificate.
 
Additional Data
Error value:
8009030e No credentials are available in the security package


Thanks Stephen
are both servers in the domain, can you access the domain controller. does \\domainname give you access to do domain controller?

Author

Commented:
Both yes.  And i have try  "cluster.exe" to create cluster on DC, the result is same.

Commented:
hi,

this might be basic but is essential in establishing cluster on server 2008.

points to conider.

-clustering on server 2008 also checks ur hardware's firmware levels
-Security Patch being installed. -> this can be achieved at well balanced if you are into fresh installation, do a single image and perform sysprep
-a shared storage, a witness disk or something
-must have a private link for as dedicated heartbeat link between two nodes.
-make sure that the server is connected to the domain
-cluster admin account must have a "create object" property

id these are complied, you can run the create cluster wizard with ease.

hope this helps.

regards,

Author

Commented:
Hi bcoyxp, any concern or problem if i use remote desktop to connect all of the server during the cluster installation?

Because i cannot visit the data center.

Author

Commented:
Hi Bcoyxp, I also can't do windows update, below is error.  Thanks.


Event ID: 20  (Window update Error Code 80070490)
Installation Failure: Windows failed to install the following update with error 0x80070490: Update for Windows Server 2008 x64 Edition (KB976098).
I fixed it.

Commented:
sorry agi, i was out for while... good thing you were able to fix the error.
you should not have any problems using RD, coz i am doing the same.

cheers on your new cluster!

feel free to ask, coz sharing is learning.

Commented:
I'm also facing the above problem. Please let me know the fix.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial