0

I am trying to set up Cluster Aware Updating, but it always fails with the following error:

Add-CauClusterRole : Unable to create the CAU clustered role because a Network Name resource could not be created.
This can occur if a computer account (virtual computer object) for the role could not be created in the domain. Check
the event log for more information. If the cluster name account does not have permissions to create the object, you
can pre-stage a computer account in Active Directory. Then, use the Add-CauClusterRole Windows PowerShell cmdlet with
the VirtualComputerObjectName parameter to create the CAU clustered role. For more information about pre-staging
computer accounts, see http://go.microsoft.com/fwlink/p/?LinkId=237624.
At line:1 char:1
+ Add-CauClusterRole -ClusterName cluster -Force -CauPluginName Microsoft.Win ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (:) [Add-CauClusterRole], ClusterUpdateException
    + FullyQualifiedErrorId : CouldNotFindVcoName,Microsoft.ClusterAwareUpdating.Commands.AddCauClusterRoleCommand

Here is the PowerShell command I am using

Add-CauClusterRole -ClusterName cluster -Force -CauPluginName Microsoft.WindowsUpdatePlugin -MaxRetriesPerNode 3 -CauPluginArguments @{ 'IncludeRecommendedUpdates' = 'False' } -StartDate "7/17/2013 3:00:00 AM" -DaysOfWeek 16 -WeeksOfMonth @(2) -VirtualComputerObjectName cau -EnableFirewallRules;

I've prestaged the 'cau' computer object in Active Directory, and given full control to the 'cluster' object.

However, when I run the command, it still tries to create a computer object with a random name, seemingly completely ignoring the VirtualComputerObjectName param. Any thoughts?

Colyn1337
  • 2,387
  • 2
  • 22
  • 38
Jonah H.
  • 203
  • 3
  • 8
  • Where did you pre-stage the 'cau' computer object? If not in the default Computers container then that might be the problem. I know there are issues with moving the CNO to an OU instead of leaving it in the default Computers container. – joeqwerty Jul 17 '13 at 18:19
  • It's in the same OU as the cluster, which is a sub OU inside another OU. Unfortunately, I do not have access to add computers outside this OU. We're working on getting "Create Computer" access for our cluster inside our OU, but I was just trying to get some things working before that happens. Thanks for the info. – Jonah H. Jul 17 '13 at 22:36

1 Answers1

1

In this article you can find how to correctly pre-stage the computer account. From a security point of view you have given the account too many permissions.

Looking at the powershell command I am missing the parameter: -GroupName cau

Erik
  • 174
  • 7