?
Solved

shut down Hyper-V cluster

Posted on 2011-10-23
2
Medium Priority
?
901 Views
Last Modified: 2012-05-12
This is a lab not in production.

We've been testing the Hyper-V cluster recently.  two Windows 2008 R2 SP1 servers are running Hyper-V in a cluster (2 SAN)

Another Hyper-V is in standalone.

One DC is in the cluster

One DC is running on the standalone Hyper-V

One DC is running on a physical server.

The goal was to see if we can also power it on (after the shut down) in the event that a DC goes down.  So we moved all FSMO roles on the DC in the cluster (which of cource can't be brought online before the cluster is online)

We shuted down all VM and servers,

Then we powered on the DC from the physical server.  Then the standalone Hyper-V.  we couldn't login to the domain at first.

We powered on the other DC running on the standalone Hyper-V.

It looks like AD has some trouble to run without the DC that had all the FSMO roles.  

Then we powered on the Hyper-V cluster.  The cluster failed to go online.  it couldn't resolve the cluster name (but the IP was online)  Besides, it looks like one of the Hyper-v that had all the disks (SAN) online was the one having the problem.  

As soon as we shut it down, the disks ownership has been transfered to the other Hyper-V and everything went back online.

QUESTION
As far as I understand.  It can take more time to bring all AD ressources online when the DC that holds all FSMO roles is down.  Is that true?

Besides, when one of the Hyper-V in the cluster is having trouble to reach the DNS, the cluster cannot be used from the IP only.  But I can be wrong here.  Please let me know

The disks (SAN) owned by a Hyper-V server will not be available if this server is having problem to communicate with the DNS, although all other DC are also running the DNS,

Thanks for your feedback
0
Comment
Question by:quadrumane
2 Comments
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 1200 total points
ID: 37014356
Ok, that's not true. FSMO holders are not so important according to DC boot up process. To be able to log in in a domain at least one Global Catalog server is required and at least one DNS server. Make sure that both DCs are GC and have DNS role installed.

Then DNS settings in NIC properties are important. To be able to resolve all necesarry SRV DNS records, you need to specify in this case primary and alternate DNS servers on both Domain Controllers. Please check that order

For DC1
Primary: DC2
Alternate: its IP address
3rd: 127.0.0.1 (loopback interface)

And accordingly to these settings, configure the second DC.

Please test this scenario, please and let me know if it works now.

Regards,
Krzysztof
0
 
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 800 total points
ID: 37025440
In addition to having a working domain controller with DNS, I also find it useful to have a working DHCP server, especially when the Hyper-V nodes use DHCP. ( Learned that the hard way :-)

FMSO roles aren't needed, but it can take several minutes for AD to come up on a DC, and of course your cluster nodes need to point to a running DNS server. With those changes, you should be able to completely shut down your environment and bring it back up.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
This article will explain How to fix Broken backup chain in Veeam Backup & Replication.
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question