Solved

Server 2012 R2 Clustered role not failing over

Posted on 2014-09-05
7
355 Views
Last Modified: 2014-09-16
I have a Clustered role consisting of an Bitvise SSH SFTP Server not failing over. The windows service does not start. I have other clustered roles on this cluster that have no trouble.  

When it tries to fail over, the following error appears in the Event log

event
  time: 2014-09-03 16:32:10.255235 -0400
  app: BvSshServer 6.07
  name: E_SERVICE_COMPONENT_INIT_ERROR
  desc: Error initializating component.
  parameters
    component: CompSec
  error
    type: Exception
    message: Error looking up local ComputerSid: [WVIVR-SFTPCLU01] First LookupAccountName() for 'WVIVR-SFTPCLU01' failed with the following error: Windows error 1332: No mapping between account names and security IDs was done. [WVIVR-SFTPCLU01\] First LookupAccountName() for 'WVIVR-SFTPCLU01\' failed with the following error: Windows error 1332: No mapping between account names and security IDs was done.
0
Comment
Question by:DTUser
  • 4
  • 2
7 Comments
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 40306675
have you checked the account being used is not locked out, disabled, or recently had password changed?
have you verified any security policy rights that user account should have is granted on that server?
0
 

Author Comment

by:DTUser
ID: 40306683
Which user account should I be looking at?  The Windows service is running as Local System.
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 40306686
Sounds like the SSH service is running as an account that is neither a domain account nor a "well known" account such as the network service. So the SID lookup not successful during failover and the new node cannot start the service because it does not have an account to start it under.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 

Author Comment

by:DTUser
ID: 40306707
I tried changing the SSH service to the domain administrator account, but afterwards the service would not start.
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 40306713
Well, getting the permissions so the service can run under a domain account, a well known account, or a managed service account (which is a specific type of domain account) will be essential to failover working. Which means understanding the requirements and poet tally working with the app vendor.
0
 

Accepted Solution

by:
DTUser earned 0 total points
ID: 40317930
I spoke with the vendor, but they could offer no support.  I ended up removing the service from the cluster.
0
 

Author Closing Comment

by:DTUser
ID: 40324964
None of the solutions worked, so I abandoned the process.
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question