Hi,
A customer accidentally deleted multiple Active Directory computer objects that correspond to Network Name resources of a Windows cluster 🙁 .
The cluster network name itself was also affected, and no backup of the AD database was available to restore the objects.
All solutions that I’ve found to get the cluster working again are based on restoring the AD objects.
But there is also another way, or rather a hack 🙂 . This works for me on a Windows 2008 R2 cluster.
Typical errors are:
- Event ID 1207 is logged to the Eventlog: “Unable to get Computer Object using GUID” “There is no such object on the server.”
- Or in the C:\Windows\Cluster\Reports\cluster.log file (exported with cluster.exe log /g):
    Network Name <Clustername>: Unable to Logon. winError 1326
It is not sufficient to create new AD computer objects, because the objectGUID of a new computer object differs from the GUID stored in the resource properties of the Network Name resource in the cluster's database.
All further steps in PowerShell require that the following functions are already loaded. Adjust the LDAP search root variable, then copy and paste the code into a PowerShell window started with administrator permissions on a cluster node.
Legend
Domain: subdom.domain.local
Cluster Node 1: node1.subdom.domain.local
Cluster Node 2: node2.subdom.domain.local
Cluster Networkname: cno.subdom.domain.local
    $sLDAPRoot="LDAP://DC=subdom,DC=domain,DC=local"

    # Find the AD computer object whose sAMAccountName is "<name>$"
    function fGetADComputerObjectFromName([System.String]$sComputerName,[System.String]$sLDAPSearchRoot){
        $oADRoot = New-Object System.DirectoryServices.DirectoryEntry($sLDAPSearchRoot)
        $sSearchStr ="(&(objectCategory=computer)(objectClass=computer)(samaccountname="+$sComputerName+"$))"
        write-host "SEARCH" $sSearchStr
        $oSearch=New-Object directoryservices.DirectorySearcher($oADRoot,$sSearchStr)
        $oFindResult=$oSearch.FindAll()
        if($oFindResult.Count -eq 1){
            write-host "OK, Computer Object found in AD"
            return($oFindResult)
        }
        else{
            # Warn before returning; a statement placed after return never runs
            write-warning "No computerobject found in AD."
            return($false)
        }
    }

    # Convert GUID as stored in AD to
    # GUID Stored in Cluster Registry
    # as described here http://blogs.technet.com/b/csstwplatform/archive/2010/10/15/cluster-network-name-resource-cluster-name-cannot-be-brought-online-unable-to-get-computer-object-using-guid.aspx
    function fConvertGuidADToGuidClusterRegistry([byte[]]$aGUIDAsByteArray)
    {
        if($aGUIDAsByteArray.Count -ne 16){write-warning "Wrong AD ObjectGUID format."}
        [byte[]]$aBytesConverted=new-object byte[] 16
        # Reverse the first three fields (4, 2 and 2 bytes); the last 8 bytes keep their order
        for($iLoop=0;$iLoop -le 3;$iLoop++){
            $aBytesConverted[3-$iLoop]=$aGUIDAsByteArray[$iLoop]
        }
        for($iLoop=0;$iLoop -le 1;$iLoop++){
            $aBytesConverted[5-$iLoop]=$aGUIDAsByteArray[$iLoop+4]
        }
        for($iLoop=0;$iLoop -le 1;$iLoop++){
            $aBytesConverted[7-$iLoop]=$aGUIDAsByteArray[$iLoop+6]
        }
        for($iLoop=8;$iLoop -le 15;$iLoop++){
            $aBytesConverted[$iLoop]=$aGUIDAsByteArray[$iLoop]
        }
        return New-Object System.Guid @(,$aBytesConverted)
    }

    function fCheckNetworkNameGUID([string]$sNetworkName)
    {
        # Get AD Object
        $oComputer=fGetADComputerObjectFromName $sNetworkName $sLDAPRoot
        if($oComputer){
            # GUID from AD; to look it up by hand, use ADSIEdit and the detail view of the objectguid property
            $oGUIDRegistryShouldBe=fConvertGuidADToGuidClusterRegistry $oComputer.Properties["objectguid"].item(0)
            # Get GUID from Registry HKLM:\Cluster\Resources\ResourceID\parameters\ObjectGUID
            $oNetworkName=Get-ChildItem HKLM:\Cluster\Resources |
                where-Object{$_.OpenSubKey("Parameters")} |   # skip resources without a Parameters subkey
                %{New-Object -Type PSObject @{"PSPath"=$_.Name;"RESOURCEID"=$_.PSChildName;"NAME"=$_.GetValue("Name");"GUID"=$_.OpenSubKey("Parameters").GetValue("ObjectGUID")}} |
                where-Object{$_.Name -eq $sNetworkName}
            if(-not $oNetworkName){
                # Without this guard the index operations below fail on $null
                write-warning "No cluster resource with this name found in HKLM:\Cluster\Resources"
                return $false
            }
            if($oGUIDRegistryShouldBe.ToString("N") -eq $oNetworkName["GUID"])
            {
                write-host "GUID between AD and Cluster Registry are in sync."
                return $true
            }
            else
            {
                write-warning "GUID mismatch between Cluster Registry and AD"
                write-host -foregroundcolor green "Cluster Resource : " $oNetworkName["RESOURCEID"]
                write-host -foregroundcolor green "GUID expected in registry: " $oGUIDRegistryShouldBe.ToString("N")
                write-host -foregroundcolor red "GUID found in registry : " $oNetworkName["GUID"]
                return $false
            }
        }
    }
Recreate the computer object in AD and check the GUID with the fCheckNetworkNameGUID function. Its parameter is the network name of the resource. As expected, the check fails at this point.
    PS C:\> fCheckNetworkNameGUID "con"
    SEARCH (&(objectCategory=computer)(objectClass=computer)(samaccountname=con$))
    OK, Computer Object found in AD
    WARNING: GUID mismatch between Cluster Registry and AD
    Cluster Resource : 26d49be5-7428-4aca-9321-b0e2ad77f47d
    GUID expected in registry: da52a193e646a142a3fe71dc62110c36
    GUID found in registry : c6784f21779746caae76b07a61690d0f
    False
This has to be corrected. Save the expected GUID and the cluster resource ID to a file. Both are needed later.
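The ObjectGUID value in the cluster registry holds the 16 bytes of the AD objectGUID as plain hex, which is not the GUID string that most AD tools display. The following added example (not part of the original post) converts between the two forms and lists, read-only, every cluster resource that carries an ObjectGUID; the function names and the HiveRoot parameter are hypothetical.

```powershell
# Added example, not the post author's code. Read-only: nothing is written.
# Function and parameter names are hypothetical; key and value names are the post's.

# Canonical GUID (as AD tools display it) -> 32 hex digits as kept in ObjectGUID.
function ConvertTo-ClusterRegistryGuid([guid]$Guid) {
    # ToByteArray() yields the 16 bytes in the order AD stores objectGUID.
    return (($Guid.ToByteArray() | ForEach-Object { $_.ToString('x2') }) -join '')
}

# 32 hex digits from the cluster registry -> canonical GUID.
function ConvertFrom-ClusterRegistryGuid([string]$Hex) {
    if ($Hex -notmatch '^[0-9a-fA-F]{32}$') { throw "Not a 32-digit hex GUID: '$Hex'" }
    $aBytes = New-Object byte[] 16
    for ($i = 0; $i -lt 16; $i++) {
        $aBytes[$i] = [Convert]::ToByte($Hex.Substring($i * 2, 2), 16)
    }
    return New-Object System.Guid (,$aBytes)
}

# List every resource that has Parameters\ObjectGUID.
# $HiveRoot is 'Cluster' on a running node, 'CLUS' for the offline hive loaded as HKLM\CLUS.
function Get-ClusterNameGuid([string]$HiveRoot = 'Cluster') {
    $oResources = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey("$HiveRoot\Resources")
    if (-not $oResources) { throw "HKLM\$HiveRoot\Resources not found" }
    try {
        foreach ($sId in $oResources.GetSubKeyNames()) {
            $oRes = $oResources.OpenSubKey($sId)
            $sName = $oRes.GetValue('Name')
            $oPar = $oRes.OpenSubKey('Parameters')   # $null if the key does not exist
            $sHex = $null
            if ($oPar) { $sHex = $oPar.GetValue('ObjectGUID'); $oPar.Close() }
            $oRes.Close()
            if ($sHex -match '^[0-9a-fA-F]{32}$') {
                New-Object PSObject -Property @{
                    Name = $sName; ResourceId = $sId; RegistryGuid = $sHex
                    AdGuid = (ConvertFrom-ClusterRegistryGuid $sHex)
                }
            }
        }
    }
    finally { $oResources.Close() }   # an open handle would make "reg unload" fail
}

# The post's expected registry value, converted to the canonical GUID form:
ConvertFrom-ClusterRegistryGuid 'da52a193e646a142a3fe71dc62110c36'
Get-ClusterNameGuid | Format-Table Name, ResourceId, RegistryGuid, AdGuid -AutoSize
```

For the post's expected value the first call returns 93a152da-46e6-42a1-a3fe-71dc62110c36, the form to compare against tools that show objectGUID as a GUID string, for example Get-ADComputer.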
Editing the cluster's registry under HKLM:\Cluster does not work; the cluster does not recognize any changes made there. The changes must be done “offline”.
Do the following steps:
- Before you begin, log on to one cluster node, for example node1.subdom.domain.local, and shut down all other nodes in the cluster.
- On the remaining node, set the startup type of the cluster service to disabled:
    sc config ClusSvc start= disabled
    [SC] ChangeServiceConfig SUCCESS
- Reboot the node and log in again.
- Start a cmd with administrator rights. Check that the cluster service is not running:
    C:\Windows\system32>sc query ClusSvc
    SERVICE_NAME: clussvc
            TYPE               : 20  WIN32_SHARE_PROCESS
            STATE              : 1  STOPPED
            WIN32_EXIT_CODE    : 1077  (0x435)
            SERVICE_EXIT_CODE  : 0  (0x0)
            CHECKPOINT         : 0x0
            WAIT_HINT          : 0x0
- Back up the cluster's config:
    robocopy /S C:\Windows\Cluster C:\Windows\Cluster.save
- Load the cluster's registry hive C:\Windows\Cluster\CLUSDB.
  Either load it with regedit.exe (select HKLM, menu File, Load Hive, browse to C:\Windows\Cluster\CLUSDB, name it clus), or use
    reg LOAD HKLM\CLUS C:\Windows\Cluster\CLUSDB
- The cluster's registry hive is now “mounted” at HKLM\CLUS.
- Locate the previously noted Network Name resource under HKLM\CLUS\Resources by its resource ID with regedit, in this example
    HKLM\CLUS\Resources\26d49be5-7428-4aca-9321-b0e2ad77f47d
- Change to the subkey “Parameters”.
- Set the “ObjectGUID” value to the previously noted “expected GUID”, in this example
    “ObjectGUID”=da52a193e646a142a3fe71dc62110c36
- Unload the registry hive:
    reg.exe UNLOAD HKLM\CLUS
- Open the MMC snap-in Active Directory Users and Computers and look for the already created computer object.
- On every computer object that belongs to a failed Network Name resource, grant Full Control permissions to the cluster network name computer object (cno.subdom.domain.local) and to each node in the cluster (node1.subdom.domain.local, node2.subdom.domain.local).
- Reset the Active Directory computer object of each failed Network Name resource.
- Now set the cluster service to startup type auto:
    sc config ClusSvc start= auto
    [SC] ChangeServiceConfig SUCCESS
- Reboot the node.
Once the node is up, rerun the PowerShell fCheckNetworkNameGUID function.
    PS C:\> fCheckNetworkNameGUID "con"
    SEARCH (&(objectCategory=computer)(objectClass=computer)(samaccountname=con$))
    OK, Computer Object found in AD
    GUID between AD and Cluster Registry are in sync.
    True
If the failed Network Name resource is the cluster network name itself, select the cluster in the Cluster MMC plug-in and choose “Repair Active Computer Object” in the “More Actions” menu.
For all other Network Name resources there is no repair option; simply bring the resource online.
Start all other cluster nodes and try to move the services or applications to them.
Note: This is a deep intervention in the cluster's database, but it was the last chance for me to get the cluster up.
Michael
Many thanks!!!! You saved me. I’ve wasted more than two weeks trying to find a solution; we had exactly the same problem as this topic.
Best regards,
Thank you so much. Your solution is working well.
Best Regards
Many thanks!
Best solution, helped me get the cluster back to normal! The PowerShell script displays the error “cannot index into NULL array”. I knew that because I had a problem with the cluster GUID; your script helped me get the correct GUID for the registry 🙂 Thanks!