Article ID: 2770582 - View products that this article applies to.
When you create a Windows Server 2012 failover cluster, the following event is logged in the System log:
When you create a Windows Server failover cluster, a Cluster Computer object for the cluster name is created in Active Directory Domain Services (AD DS). The object is called a Cluster Name Object (CNO).
A new feature in Windows Server 2012 flags Cluster Computer objects to prevent them being deleted accidentally. If you do not have sufficient rights to the organizational unit (OU) in AD DS where the Computer objects are being created, an event is logged that notifies you that the cluster objects are not protected from accidental deletion.
To resolve this issue, follow these steps:
To improve the level of protection and ability to recover from the accidental deletion of Custer Computer objects, we recommend that you enable the Active Directory Recycle Bin feature. For more information about how to do this, go to the following TechNet websites:
Step-by-step guide to the Active Directory Recycle Bin featureFor more information about the failover cluster security model, click the following article number to view the article in Microsoft Knowledge Base:
How to configure accounts in Active Directory
947049For more information about Cluster Computer Objects, go to the following MSDN website:
(http://support.microsoft.com/kb/947049/ )Description of the failover cluster security model in Windows Server 2008
How to identify stale Cluster Computer objectsFor more information about the Protect object from accidental deletion option, go to the following TechNet website:
How to preventing unwanted or accidental deletions and how to restore deleted objects in Active Directory
Article ID: 2770582 - Last Review: January 18, 2013 - Revision: 1.0