Windows OS Hub
  • Windows Server
    • Windows Server 2016
    • Windows Server 2012 R2
    • Windows Server 2012
    • Windows Server 2008 R2
    • SCCM
  • Active Directory
    • Group Policies
  • Windows Clients
    • Windows 10
    • Windows 8
    • Windows 7
    • MS Office
    • Outlook
  • Virtualization
    • VMWare
    • Hyper-V
  • PowerShell
  • Exchange
  • Home
  • About

Windows OS Hub

  • Windows Server
    • Windows Server 2016
    • Windows Server 2012 R2
    • Windows Server 2012
    • Windows Server 2008 R2
    • SCCM
  • Active Directory
    • Group Policies
  • Windows Clients
    • Windows 10
    • Windows 8
    • Windows 7
    • MS Office
    • Outlook
  • Virtualization
    • VMWare
    • Hyper-V
  • PowerShell
  • Exchange

 Windows OS Hub / Windows Server 2016 / Windows Server 2016: Workgroup Failover Cluster without Active Directory

May 3, 2018 Windows Server 2016

Windows Server 2016: Workgroup Failover Cluster without Active Directory

In older Windows Server versions prior to Windows Server 2016, you could create a failover cluster only between the servers in the same Active Directory domain. The new version allows to create two- (or more) nodes failover cluster between servers joined to different domains, and even between workgroup servers (not AD domain joined) – a so-called Workgroup Cluster.

Obviously, Windows Server 2016 has to be installed on all cluster nodes. The following cluster scenarios are supported:

Service Status Comment
SQL server Supported It is recommended to use the integrated SQL Server authentication
File server

 

Supported, but not recommended Kerberos authentication for SMB is not supported
Hyper-V

 

Supported, but not recommended Live Migration is not supported, only Quick migration is available
Message Queuing (MSMQ) Not supported MSMQ stores its properties in Active Directory

 

On all future cluster nodes, you have to:

  1. Install Failover Clustering role: Install-WindowsFeature Failover-Clustering –IncludeManagementTools<
  2. Create a local account with the administrator privileges (or use the integrated administrator account) with the same passwords:
    net user /add clustadm Sup33P@ssw0Rd!
    net localgroup administrators clustadm /add
    powershell install Failover Clustering feature on workgroup servers
  3. If the error Requested Registry access is not allowed appears, edit the remote UAC parameter in the registry (this parameter enables the remote access to the administrative shares):
    New-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -Name LocalAccountTokenFilterPolicy -Value 1
  4. Set the same primary DNS suffix. It enables the cluster servers to communicate each other by FQDN names. setting the same primary dns suffix
  5. Uncheck Register DNS connection addresses in the Advanced TCP/IP Settings.dont register connection in dns
  6. Make changes to hosts file so that the servers could resolve the names of other cluster members and the name of the cluster (including FQDN names). You can add the names to c:\windows\system32\drivers\etc\hosts as follows:
    Set file="%windir%\System32\drivers\etc\hosts"
    echo 192.168.1.21 clust-host1 >> %file%
    echo 192.168.1.21 clust-host1.mylocal.net >> %file%
    echo 192.168.1.22 clust-host2 >>  %file%
    echo 192.168.1.22 clust-host2.mylocal.net >> %file%
    echo 192.168.1.20 cluster1 >> %file%
    echo 192.168.1.20 cluster1.mylocal.net>> %file%

hosts file with cluster nodes addresses

To validate cluster nodes, you can use the following command:

test-cluster -node "clust-host1.mylocal.net"," clust-host2.mylocal.net"
To create a cluster using PowerShell, run this command:

New-Cluster -Name cluster1 -Node clust-host1.mylocal.net, clust-host2.mylocal.net -AdministrativeAccessPoint DNS -StaticAddress 192.168.1.20

Now you can check the status of the cluster and its components with the help of get-cluster and get-clusterresource cmdlets.

To connect (and remotely manage) the cluster through a GUI, you need to use Failover Cluster Manager snap-in (included in RSAT for Windows 10).

Now, using Connect to cluster menu item, you can connect to the created cluster. If the cluster has even number of servers, you will have to configure a witness resource. Note that you cannot use the SMB shared folder as a quorum witness. Two modes are supported: Disk Witness — a shared disk (with the simultaneous access to it from both nodes), or Cloud Witness — a cloud disk resource in Azure.

2 comments
0
Facebook Twitter Google + Pinterest
previous post
Why Windows Doesn’t Detect a 5GHz Wi-Fi Network
next post
Error 0x0000007e: Windows cannot connect to network printer, Operation failed

Related Reading

How to Sign a PowerShell Script (PS1) with...

February 25, 2021

How to Shadow (Remote Control) a User’s RDP...

February 22, 2021

Configuring PowerShell Script Execution Policy

February 18, 2021

Configuring Proxy Settings on Windows Using Group Policy...

February 17, 2021

Updating Group Policy Settings on Windows Domain Computers

February 16, 2021

2 comments

Akhmet May 21, 2019 - 6:38 am

What is the purpose of creating the user “clustadm” ?

Reply
admin May 21, 2019 - 8:25 am

This local account needs to be provisioned on the all cluster nodes (with the same password) for mutual authentication in order to add nodes to the cluster or to create a new WSFC cluster.

Reply

Leave a Comment Cancel Reply

Categories

  • Active Directory
  • Group Policies
  • Exchange
  • Windows 10
  • Windows 8
  • Windows 7
  • Windows Server 2016
  • Windows Server 2012 R2
  • Windows Server 2008 R2
  • PowerShell
  • VMWare
  • MS Office

Recent Posts

  • Accessing USB Flash Drive from VMWare ESXi

    February 26, 2021
  • How to Sign a PowerShell Script (PS1) with a Code Signing Certificate?

    February 25, 2021
  • Change the Default Port Number (TCP/1433) for a MS SQL Server Instance

    February 24, 2021
  • How to Shadow (Remote Control) a User’s RDP session on RDS Windows Server 2016/2019?

    February 22, 2021
  • Configuring PowerShell Script Execution Policy

    February 18, 2021
  • Configuring Proxy Settings on Windows Using Group Policy Preferences

    February 17, 2021
  • Updating Group Policy Settings on Windows Domain Computers

    February 16, 2021
  • Managing Administrative Shares (Admin$, IPC$, C$, D$) in Windows 10

    February 11, 2021
  • Packet Monitor (PktMon) – Built-in Packet Sniffer in Windows 10

    February 10, 2021
  • Fixing “Winload.efi is Missing or Contains Errors” in Windows 10

    February 5, 2021

Follow us

woshub.com
  • Facebook
  • Twitter
  • RSS
Popular Posts
  • How to Run Program without Admin Privileges and to Bypass UAC Prompt?
  • Updating List of Trusted Root Certificates in Windows 10/8.1/7
  • How to Upgrade Windows Server 2019/2016 Evaluation to Full Version?
  • Installing SFTP (SSH FTP) Server on Windows with OpenSSH
  • Managing Printers and Drivers with PowerShell in Windows 10 / Server 2016
  • PSWindowsUpdate: Managing Windows Updates from PowerShell
  • SMB 1.0 Support in Windows Server 2012 R2 / Windows Server 2016
Footer Logo

@2014 - 2018 - Windows OS Hub. All about operating systems for sysadmins


Back To Top