Solved

Event 1573 can't form a cluster because witness not accessible : Symantec Endpoint related?

Posted on 2013-10-22
9
2,934 Views
Last Modified: 2013-12-09
After rebooting this DBS02 server, it could not join the
cluster : refer to attached screens.

Could it be due to recently we installed Symantec Endpoint
Protection & it blocks certain traffic?  I login using domain adid
as well as local administrator but in services.msc, I can't stop
the Symantec Client Protection & the other Symantec service:
the "Stop" option was simply greyed out (ie I can't select it).

Any help wud be appreciated
WitnessClus.jpg
CantStartClusvc.jpg
0
Comment
Question by:sunhux
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
9 Comments
 

Author Comment

by:sunhux
ID: 39591506
Another question:
I'm completely newbie to Win 2012 so need step by step
instruction on how to get into Symantec Endpoint Protection
to disable its firewall rules (if there's any)
0
 

Author Comment

by:sunhux
ID: 39591508
0
 
LVL 27

Assisted Solution

by:Steve
Steve earned 500 total points
ID: 39596648
this is pretty normal. if the witness server has firewall software on it may be preventing the node from seeing it, and therefore killing the cluster.

Is the node on the same site/subnet as the witness?
can it ping it?
can it browse to fileshares?
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 

Author Comment

by:sunhux
ID: 39602326
> Is the node on the same site/subnet as the witness?
Yes, on same subnet 10.7.3.x/24.

> can it ping it?
Yes, could ping.

> can it browse to fileshares?
Could browse (using 'net view \\witness_IP'    &
even map a drive to (using 'net use x: \\witness_IP' )

I've figured out how to disable Syman Endpt Protectn's
firewall.

Curious, which port is that that needs to be permitted
without which it would show in Failover Cluster Manager
the member node as 'Down'
0
 
LVL 27

Assisted Solution

by:Steve
Steve earned 500 total points
ID: 39608520
Could browse (using 'net view \\witness_IP'    &
Cluster system uses names. can you ping/browse it by it's name on the domain?
click start>run '\\servername\' and see if you are presented with shared folders that you can browse.
if you don't have any shares on that server, try browsing to '\\servername\c$' to see the default C drive share.

Curious, which port is that that needs to be permitted
without which it would show in Failover Cluster Manager
the member node as 'Down'
There are many ports needed to allow this to work. In general if you can browse to a share it means the right ports are probably open.
0
 

Author Comment

by:sunhux
ID: 39611972
> can you ping/browse it by it's name on the domain?
Yes

> start>run '\\servername\' and see if you are presented with shared folders
Yes

Thing is I still would like to know which port was being blocked
by SEP which caused this issue.  Some other ports were permitted
by SEP : for this reason I could map drives & thus the 2 "Yes" answers above
0
 
LVL 27

Accepted Solution

by:
Steve earned 500 total points
ID: 39613716
this is a good post for fileshare ports:
http://www.experts-exchange.com/Security/Misc/Q_21157694.html

and here is window's official one:
http://technet.microsoft.com/en-us/library/cc731402.aspx

The cluster element of this does add a requirement to access the server's RPC ports too.
http://technet.microsoft.com/en-us/library/cc738291(v=ws.10).aspx
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
A procedure for exporting installed hotfix details of remote computers using powershell
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question