Versions Compared

Version Old Version 8 New Version 9
Changes made by

Alex Barth

Alex Barth

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Process

Service Administrator Tasks

  1. Create a parent OU to contain the AD objects for the cluster nodes, cluster account, and cluster services
  2. Create a group to contain the cluster members
  3. Create a group to contain the cluster admins
  4. Send email to ad-requests@its.utexas.edu requesting delegation of "computer objects" in parent OU to the cluster members and cluster admins groups. 

Example: "please delegate control of computer objects in <PARENT OU> to <CLUSTER MEMBERS GROUP> and <CLUSTER ADMINS GROUP>"

Domain Administrator Tasks

  1. Run the computer delegation script using the requested OU and the cluster members group as arguments
  2. Run the computer delegation script using the requested OU and the cluster admins group as arguments

Service Administrator Tasks

  1. Create cluster computer object in parent OU
  2. Create computer objects for cluster nodes in parent OU
  3. Add cluster computer objects and cluster node computer objects to the cluster group

Notes

Only the computer object for the cluster and the cluster node objects must be members of the cluster group. Computer objects for cluster services and cluster applications should not be added to the cluster members group.

...

titleTable Of Contents

...

Prerequisites

  • A name for the cluster has been defined
    • ex. DEPT-Cluster1

Prepare Active Directory objects

Info

The steps in this section can be completed by a department administrator or a user with permissions to create OUs and computer objects in a department OU.


  1. Create a new OU in Active Directory to contain the objects for the cluster.
    • This is the cluster OU.
  2. Create the computer objects for the cluster members in the cluster OU.
    • These are the cluster member objects.
  3. Create a disabled computer object with the name of the cluster in the cluster OU.
    • This is the cluster computer object.
  4. Create a group and add the cluster computer object and cluster member objects to the group.
    • This is the cluster computers group.
  5. Create a group and add the user accounts for the cluster administrators to the group.
    • This is the cluster administrators group.
  6. Navigate to the Austin Active Directory page in ServiceNow

Request Active Directory delegation

Info

The steps in this section can be completed by a department owner.


  1. Request delegation for the cluster members by completing the Austin Active Directory Delegation Request form with the following information:
    • AD Group Name to delegation permissions to: provide the name of the cluster computers group
    • Delegation(s) to Apply: select the Computer delegation
    • OUs to apply the delegations to: provide the distinguished name of the OU created in step 2
  2. Request delegation for the cluster administrators by completing the Austin Active Directory Delegation Request form with the following information:
    • AD Group Name to delegation permissions to: provide the name of the the cluster administrators group
    • Delegation(s) to Apply: select the Computer delegation
    • OUs to apply the delegations to: provide the distinguished name of the OU created in step 2
  3. Wait for the requests to be completed.