[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 454
  • Last Modified:

Cluster Service/Admin Rights

Do we need to give the mentioned users the below rights;

1. User Name
   Cluster Service

  Member of
 Administrators
 Schema Admins
 Enterprise Admins
 Domain Admins

2. clusteradmin

    Member of
    Domain Admins

3.  Exchange Cluster

 Member of
 Administrators
 Schema Admins
 Enterprise Admins
 Domain Admins

please let us know whether we need to keep the above users members of the group mentioned.
Our scenario we have both our exchange 2007 (CCR mode) & SQL server running in clustered mode.
0
gogimathew
Asked:
gogimathew
  • 3
  • 2
1 Solution
 
Vinchenzo-the-SecondCommented:
the service accounts should not be a member of any of those groups.  Do be cautious removing domain admins, make sure the service account has the minimal permissions on the servers.  I usually give service account local admin rights on the servers they service
0
 
gogimathewAuthor Commented:
thanks for the comment V.
I would like to ask you , if we keep domain admins and remove other service accounts will it affect any other cluster related services
0
 
Vinchenzo-the-SecondCommented:
No one should be a member of Schema admins.  This group is need if and when you make changes to the Schema.  Enterprise admin is like domain admins but for all domains in the forest.  The Administratrs group is for AD.  Removing these groups from the users should affect services.
0
 
gogimathewAuthor Commented:
thanks V.
So its better to keep Administrators & Domain admins.
0
 
Vinchenzo-the-SecondCommented:
Domain Admin will already be a member of Adminstrors in AD and Administrators on every member server.  You can remove the account from Administrators
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now