Cluster Node Does Not Fail Over Successfully After You Change the Cluster Service Account

Support for Windows Server 2003 ended on July 14, 2015

Microsoft ended support for Windows Server 2003 on July 14, 2015. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

This article has been archived. It is offered "as is" and will no longer be updated.
Symptoms
After you change the Cluster service account on your server cluster, a cluster node does not fail over successfully. Additionally, you do not receive an error message that states the reason for the unsuccessful failover.

Note This issue does not occur if you only change the password for the Cluster service account.
Cause
This issue occurs if you do not update the DNS record of the cluster after you change the Cluster service account. This issue occurs because, during the failover process, the Cluster service tries to access the DNS record by using the new service account credentials. However, because the DNS record does not contain this new account information in the access control list (ACL), the Cluster service does not have the correct permissions to modify the record for the failover process.
Resolution
To resolve this issue, remove and then re-create the DNS record for the cluster. To do so:
  1. Log on to the DNS server, and then start the DNS utility. To do this, click Start, click Run, type dnsmgmt.msc in the Open box, and then click OK.
  2. Under the DNS server object that contains the cluster host (A) record, expand Forward Lookup Zones, and then click the forward lookup zone that contains the cluster host record.
  3. In the right pane, right-click the cluster host record, and then click Delete.
  4. Click Yes to confirm the removal of this record.
  5. Verify that the DNS zone is configured for dynamic updates. To do so:
    1. Right-click the zone, and then click Properties.
    2. On the General tab, make sure that one of the following options is selected in the Dynamic updates list:
      Secure only
      Nonsecure and secure
    3. Click OK.
  6. Quit the DNS utility.
  7. Log on to the cluster node, and then restart the Cluster service. To do so:
    1. Click Start, click Run, type services.msc in the Open box, and then click OK.
    2. In the Services (Local) list, right-click Cluster Service, and then click Restart.
  8. Log on to the DNS server, and then make sure that the host record for the cluster has been created successfully.
MSCS
Properties

Article ID: 823686 - Last Review: 01/06/2015 12:58:55 - Revision: 8.0

  • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
  • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
  • kbnosurvey kbarchive kbclustering kbprb KB823686
Feedback