- Duplicate objects in Active Directory.
- IPv6 enabled on the existing nodes and disabled on the node trying to join.
- Invalid DNS entries.
- To check for duplicate Active Directory objects, use LDIFDE.EXE from a command line to do the search.
Example: C:\> ldifde -f output.ldf -r "(samAccountName=W2K8-R2*)"
In the example above:
-f = filename to write to
-r = the variable to search
W2K8-R2* = give me everything that starts with W2K8-R2
This will create the file output.ldf in the current directory that can be read by notepad. If you review the file, if it is a computername, you will see the below information:
If it is a user or service account, it will not have the above, but would have:
Also in the sections, it will give you the current OU that it resides in. To get the node to join, you must rename user/service account name to something else. For this, just go to the OU listed.
- We have seen IPv6 being disabled on the new nodes and enabled on the existing nodes giving this error as well. Failover Clustering will use IPv6 first for its Cluster communication between nodes, if it is an enabled protocol. It will drop and use IPv4 only if IPv6 is disabled. Failover Clustering is not going to mix and match the versions.
For example, you have an existing running Windows 2008 R2 Failover Cluster with IPv6 enabled. Any new node that will be brought into the Cluster will also need IPv6 enabled. The new node will be senbding IPv4 traffic to the running Cluster and will be ignored.
- Any kind of name resolution issues will also cause these time outs as it may be going to something it is not intended. If you are using any DNS or WINS, all entries need to be checked. If there is an invalid entry somewhere, it should be cleaned up and corrected.
Article ID: 2634445 - Last Review: Oct 19, 2011 - Revision: 1