2

I'm trying to find out if Server 2008 supports clustering in a DMZ environment where there is no ActiveDirectory installed. If it does require AD then can clustering be done using the AD Lightweight Directory Service feature in 2008 (previously known as ActiveDirectory application mode (ADAM) in Server 2003)?

Update: I should have put this Microsoft whitepaper link (Word 2007 doc) as context for the original question. The whitepaper says in the "An Improved Security Model" section that the Cluster Service Account (CSA) no longer has to be a domain account. What I'm trying to find out is if the CSA doesn't need to be a domain account, can a cluster be built without AD.

Sixto Saez
  • 133
  • 7

2 Answers2

1

The servers have to be in a domain and the cluster services account has to be a domain account.

Ishmael
  • 71
  • 2
  • 9
  • Can't accept this answer because according to the Microsoft whitepaper, a domain account isn't required for the CSA. Also, the second part of the question isn't answered. – Sixto Saez Jan 25 '10 at 13:49
1

According to Microsoft "Overview of Failover Clustering with Windows Server 2008 - White Papaer" (http://www.microsoft.com/download/en/details.aspx?id=13153) document, you still need a working Active Directory for failover clustering, and not ADAM is not useful here as it doesn't have all the security features it needs.

Extract from the document mentioned above: ". In addition, failover cluster nodes must be joined to an Active Directory®–based domain (not a Windows NT® 4.0–based domain)."

What you can do is to user Cluster Nodes as AD Domain Controllers (check http://support.microsoft.com/?id=281662)

Hope it helps