Active Directory in Hyper-V environments, Part 7

This entry is part 7 of 10 in the series Active Directory in Hyper-V environments

For a while, Microsoft’s KnowledgeBase article 976424, titled Error code when the kpasswd protocol fails after you perform an authoritative restore: “KDC_ERROR_S_PRINCIPAL_UNKNOWN”, has been available to solve issues with unexpected behavior after authoritatively restoring  the krbtg account on Windows Server 2008 and Windows Server 2008 R2-based Domain Controllers.

Now, in KnowledgeBase article 2784261, titled Recommended hotfixes and updates for Windows Server 2012-based Failover Clusters, Microsoft recommends the hotfix for Windows Server 2012-based Failover Clusters, quoting:

Install on every domain controller running Windows Server 2008 Service Pack 2 or Windows Server 2008 R2 in order to add a Windows Server 2012 failover cluster. Otherwise Create Cluster may fail when attempting to set the password for the cluster computer object with error message: CreateClusterNameCOIfNotExists (6783): Unable to set password on <ClusterName$>

These days, most fail-over clusters are deployed to provide a robust, scalable and highly-available virtualization platform using Hyper-V. If you plan a Windows Server 2012-based Fail-over Cluster in your environment running Windows Server 2008 or Windows Server 2008 R2-based Domain Controllers, apply this hotfix during the next service window.

Note:
Domain Controllers need to restart to apply this hotfix.

Related KnowledgeBase articles

Error code when the kpasswd protocol fails after you perform an authoritative restore: “KDC_ERROR_S_PRINCIPAL_UNKNOWN”
The kpasswd protocol fails with a KDC_ERR_S_PRINCIPAL_UNKNOWN error after you perform an authoritative restore on the krbtgt account in a Windows Server 2008 domain
Recommended hotfixes and updates for Windows Server 2012-based Failover Clusters

Further reading

The System Center Connector Robert Smit Cluster MVP

Tipjar

Robert Smit, a Dutch Microsoft MVP on Fail-over Clustering and my friend, pointed this out to me on twitter this morning.

Series Navigation<< Active Directory in Hyper-V environments, Part 6Active Directory in Hyper-V environments, Part 8 >>

leave your comment