You need to ensure that you can start File1

Your network contains an Active Directory domain named contoso.com. The domain
contains two servers named Node1and Node2. Node1and Node2 run Windows Server 2012
R2. Node1and Node2 are configured as a two-node failover cluster named Cluster2.
The computer accounts for all of the servers reside in an organizational unit (OU) named
Servers.
A user named User1 is a member of the local Administrators group on Node1and Node2.
User1 creates a new clustered File Server role named File1 by using the File Server for
general use option. A report is generated during the creation of File1 as shown in the exhibit.
(Click the Exhibit button.)

File1 fails to start.
You need to ensure that you can start File1.
What should you do?

Your network contains an Active Directory domain named contoso.com. The domain
contains two servers named Node1and Node2. Node1and Node2 run Windows Server 2012
R2. Node1and Node2 are configured as a two-node failover cluster named Cluster2.
The computer accounts for all of the servers reside in an organizational unit (OU) named
Servers.
A user named User1 is a member of the local Administrators group on Node1and Node2.
User1 creates a new clustered File Server role named File1 by using the File Server for
general use option. A report is generated during the creation of File1 as shown in the exhibit.
(Click the Exhibit button.)

File1 fails to start.
You need to ensure that you can start File1.
What should you do?

A.
Increase the value of the ms-DS-MachineAccountQuota attribute of the domain.

B.
Assign the user account permissions of User1 to the Servers OU.

C.
Assign the computer account permissions of Cluster2 to the Servers OU.

D.
Recreate the clustered File Server role by using the File Server for scale-out application
data option.

E.
Log on to the domain by using the built-in Administrator for the domain, and then recreate
the clustered File Server role by using the File Server for general use option.



Leave a Reply 10

Your email address will not be published. Required fields are marked *


ebrahimkali

ebrahimkali

A. Log on to the domain by using the built-in Administrator for the domain, and then recreate the clustered File Server role by using the File Server for general use option:
It is not required that the cluster creator has to have domain admin privilege (Deploy an Active Directory-Detached Cluster).
https://technet.microsoft.com/en-us/library/dn265970.aspx
C. Assign the computer account permissions of Cluster2 to the Servers OU:
This step has to be done prior of creating the cluster (Prestage Cluster Computer Objects in Active Directory Domain Services).
https://technet.microsoft.com/en-us/library/dn466519.aspx
D. Increase the value of the ms-DS-MachineAccountQuota attribute of the domain:
This is not the issue because the user account which is used to create the cluster already doesn’t have permission to create active directory object.
https://technet.microsoft.com/en-us/library/dd391926(v=ws.10).aspx
E. Recreate the clustered File Server role by using the File Server for scale-out application data option:
This is not related to the issue.
File Server for general use:
When you select this option, you have support for SMB and NFS shares, and you can also use File Server Resource Manager, Distributed File System Replication and other File Services role services.
File Server for scale-out application data:
When you select this role, there is support only for SMB v3 shares; that is, there is no support for NFS shares. In addition, with this configuration you will not be able to use some file server role services, such as FSRM and DFS replication.
https://technet.microsoft.com/en-us/library/hh831349.aspx
B. Assign the user account permissions of User1 to the Servers OU:
This is the correct choice.
You must configure permissions so that the user account that will be used to create the failover cluster has Full Control permissions to the Cluster Name Object (CNO).
https://technet.microsoft.com/en-us/library/dn466519.aspx#BKMK_UserPerms For Windows Server 2012 (R2)
Requirements related to failover clusters, Active Directory domains, and accounts
As described in the preceding three sections, certain requirements must be met before clustered services and applications can be successfully configured on a failover cluster. The most basic requirements concern the location of cluster nodes (within a single domain) and the level of permissions of the account of the person who installs the cluster. If these requirements are met, the other accounts required by the cluster can be created automatically by the failover cluster wizards. The following list provides details about these basic requirements.
 Nodes: All nodes must be in the same Active Directory domain. (The domain cannot be based on Windows NT 4.0, which does not include Active Directory.)
 Account of the person who installs the cluster: The person who installs the cluster must use an account with the following characteristics:
o The account must be a domain account. It does not have to be a domain administrator account. It can be a domain user account
o The account must have administrative permissions on the servers that will become cluster nodes. The simplest way to provide this is to create a domain user account, and then add that account to the local Administrators group on each of the servers that will become cluster nodes.
o The account (or the group that the account is a member of) must be given the Create Computer objects and Read All Properties permissions in the container that is used for computer accounts in the domain. Another alternative is to make the account a domain administrator account.
o If your organization chooses to prestage the cluster name account (a computer account with the same name as the cluster), the prestaged cluster name account must give “Full Control” permission to the account of the person who installs the cluster.
https://technet.microsoft.com/en-us/library/cc731002(v=ws.10).aspx#BKMK_requirements For Windows Server 2008 (R2)

Naga

Naga

Answer is B
Scenario: You have created a Windows Server 2012 Scale-Out File Server. The cluster,
including the network and storage, pass the cluster validation test. Everything looks and is
good. You create a File Server role for application data (SOFS) but it fails to start.

Problem: Basically, the cluster needs permissions to create a computer object (for the
SOFS) in the same Active Directory OU that the cluster object (Demo-FSC1) is stored in.

Resolution: Reconfigure the permissions on the Servers OU.
In this case we assign the user account permissions of User1 to the Servers OU.

Wayne Fulton

Wayne Fulton

Naga what are you talking about?? It says in the question that the type of server that has been created is a file server for general use!! It DOES NOT say a scale out file server has been created.

MancaMulas

MancaMulas

I think Naga just got mixed up on the file server type, but i think he’s right about the answer, if you have in account what he described has the problem and the resolution of that same problem.

Dude

Dude

I believe this to be B, I had the same problem building a cluster and fixed it by doing exactly this.

JeanMalot

JeanMalot

I highly doubt it. B is wrong.

JeanMalot

JeanMalot

Surprised at the number of people that got this wrong.
Correct answer is
C. Assign the computer account permissions of Cluster2 to the Servers OU.

You guys are mixing it all up.
Please read *carefully* https://technet.microsoft.com/en-us/library/dn466519.aspx

The issue here is that computer object “File1” cannot be created in Servers OU, hence service cannot start.

The CNO (the Cluster object, in our case Cluster2) needs full access permissions on the Servers OU to be able to create VCOs (the cluster role, in our case File1). This has got nothing to do with user1.

-User1 needs full permissions on CNO (Cluster2)
-CNO needs full permissions on Servers OU

Tried it in lab: giving permissions to User1 will not allow the service to start. Giving permissions to Cluster2 on Servers OU (actually, only “create computer objects” permission is needed) will start File1 successfully.

Micro

Micro

Answer is C

CNO is creating VCO, so CNO must have right permissions over OU.

kyo

kyo

Agree with C. Watch CBTNuggets and James Conrad explains it all in his 2012 R2 course. This exact issue is brought up and he solves it by granting the Cluster the right to read and create computer objects in the servers OU.