SQL cluster as domain controller | SQL Server Performance Forums

SQL Server Performance Forum – Threads Archive

SQL cluster as domain controller

When I initially set up an active/active cluster a while back I was forced to make the cluster nodes domain controllers as well because of a lack of other boxes to handle the job and the need for a domain to even install a cluster. It's been working fine. The domain solely exists for the SQL cluster isolated on its own network and it is not any sort of company-wide domain controller, so there doesn't appear to be any replication overhead or memory/performance issues. I know, I know... it is not recommended to have a cluster node as a DC, but it was my only option.

I have since added another active/active SQL cluster (utilizing the domain/controllers from the previous cluster). Later, in a brilliant move, I decided to make the new active/active cluster nodes backup domain controllers by running DCPROMO so all 4 machines would essentially be the same and could operate with/without each other. I did this on ONE of the new cluster nodes. After the install, the cluster service on the node I tried this on would no longer start, of course, and that's when I found out that you SHOULD NEVER install Active Directory on a machine AFTER the cluster service is installed.

I removed it from being a backup domain controller, but local accounts and security policies had been altered (even for the domain account that the cluster runs under). I used the MS article "How to manually re-create the Cluster Service Account" to put back all the local user policy settings that the DCPROMO install and uninstall removed: http://support.microsoft.com/kb/269229/ Now I have all the rights described there back in place for the domain account used by the cluster on the node I tried to make a BDC.

Anyone make this same mistake? Are there any other things that could have been broken? The cluster node seems to work fine now, the cluster service can run fine on that node, and I am able to use Cluster Admin to move groups around, etc.

BUT I am wondering if I should wipe all the boxes and start over putting the cluster together OR blow away the node I messed up and just reinstall that one. Any advice?
Hi ya,

If I was in the same predicament, then I'd blow away the cluster and rebuild it. Installing AD does lots of stuff to local groups, SIDs, etc. In theory what you've done should be OK, but are you willing to take that chance?

Cheers
Twan
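For the question above about what else may have changed on the demoted node, one check is to export the user rights on that node and on a node of the same cluster that was never promoted, using `secedit /export /areas USER_RIGHTS /cfg <file>`, and compare the two exports. The script below is an added example, not part of the original thread; its function names, SIDs and export contents are constructed for illustration.

```python
# Added example: compare the [Privilege Rights] section of two secedit exports.
# All SIDs and export contents below are constructed sample data.

SVC = "S-1-5-21-1111111111-2222222222-3333333333-1105"  # constructed cluster service account SID

GOOD_NODE = f"""[Unicode]
Unicode=yes
[Privilege Rights]
SeServiceLogonRight = *S-1-5-20,*{SVC}
SeLockMemoryPrivilege = *{SVC}
SeBackupPrivilege = *S-1-5-32-544,*S-1-5-32-551,*{SVC}
[Version]
Revision=1
"""

REPAIRED_NODE = f"""[Unicode]
Unicode=yes
[Privilege Rights]
SeServiceLogonRight = *S-1-5-20,*{SVC}
SeBackupPrivilege = *S-1-5-32-544,*S-1-5-32-551,*S-1-5-32-549,*{SVC}
[Version]
Revision=1
"""

def parse_privilege_rights(inf_text):
    """Return {right: set(principals)} from the [Privilege Rights] section."""
    rights, in_section = {}, False
    for raw in inf_text.splitlines():
        line = raw.strip().lstrip("\ufeff")
        if not line or line.startswith(";"):
            continue
        if line.startswith("["):
            in_section = line.lower() == "[privilege rights]"
            continue
        if in_section and "=" in line:
            name, _, value = line.partition("=")
            rights[name.strip()] = {m.strip().lstrip("*").upper()
                                    for m in value.split(",") if m.strip()}
    return rights

def diff_rights(reference, suspect):
    """Return {right: (missing_on_suspect, extra_on_suspect)} where holders differ."""
    out = {}
    for right in sorted(set(reference) | set(suspect)):
        ref, sus = reference.get(right, set()), suspect.get(right, set())
        if ref != sus:
            out[right] = (sorted(ref - sus), sorted(sus - ref))
    return out

if __name__ == "__main__":
    # For real exports, read the file with open(path, encoding="utf-16").read()
    delta = diff_rights(parse_privilege_rights(GOOD_NODE), parse_privilege_rights(REPAIRED_NODE))
    for right, (missing, extra) in delta.items():
        print(f"{right}: missing={missing} extra={extra}")
```

A right that the service account holds on the reference node but not on the demoted one appears under `missing`; principals that exist only on the demoted node appear under `extra`.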
