Solved

hyper-v cluster

Posted on 2014-07-25
5
420 Views
Last Modified: 2014-11-12
I have Hyper-v Failover Cluster on my Network(3x Server 2012). We plan to Change AD Administrator Password.

schould i consider something before changing admistrator Password?

Thanks
0
Comment
Question by:apollo-13
5 Comments
 
LVL 56

Accepted Solution

by:
Cliff Galiher earned 400 total points
Comment Utility
As long as you didn't do anything bizarre, there is nothing special to consider. Hyper-v and cluster services run under various service accounts, not under the administrator account. So changing its password does not impact those services.
0
 

Author Comment

by:apollo-13
Comment Utility
No not  Bizarre changing(Hardware or Software ) .

 we want only AD Administrator  Password Change for security reasons (old IT gone from us).

after changing Administrator Password ,do i Need to restart all hyper-v Server(3x Hyper-v Cluster Server) and VMs under Cluster? or log out and Login with new Password enough?
0
 
LVL 24

Assisted Solution

by:Mohammed Khawaja
Mohammed Khawaja earned 100 total points
Comment Utility
Below are some best practices:

1.  Do not use Domain Administrator account as a service account for anything
2.  Do not schedule tasks to run as Domain Administrator
3.  Create a separate account if you need a service/application that requires domain admin level privileges

If you have followed the steps above then you do not need to do anything
0
 

Author Comment

by:apollo-13
Comment Utility
thanks
0
 
LVL 38

Expert Comment

by:Philip Elder
Comment Utility
There is a local account on each node that the Cluster Service uses for pretty much all of its local changes.

We have our domains set up with a GPO that includes a number of security related settings. One of those settings is to cache the last 3-5 logons.

After the administrator password has been changed make sure to log on to the nodes at least a couple of times over the next few days to allow them to cache the credentials.

If you do not have a standalone DC (IMNSHO a bad idea not to have one) and your cluster goes offline with your DCs your Hyper-V nodes will have the _last_ credential/password cached. That may or may not be the previous one. While one can use the local admin UN/pwd on the nodes this may not help when troubleshooting a cluster down situation.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now