Versions Compared

Version Old Version 8 New Version Current
Changes made by

Alex Barth

Alex Barth

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Process

Service Administrator Tasks

  1. Create a parent OU to contain the AD objects for the cluster nodes, cluster account, and cluster services
  2. Create a group to contain the cluster members
  3. Create a group to contain the cluster admins
  4. Send email to ad-requests@its.utexas.edu requesting delegation of "computer objects" in parent OU to the cluster members and cluster admins groups. 

Example: "please delegate control of computer objects in <PARENT OU> to <CLUSTER MEMBERS GROUP> and <CLUSTER ADMINS GROUP>"

Domain Administrator Tasks

  1. Run the computer delegation script using the requested OU and the cluster members group as arguments
  2. Run the computer delegation script using the requested OU and the cluster admins group as arguments

Service Administrator Tasks

  1. Create cluster computer object in parent OU
  2. Create computer objects for cluster nodes in parent OU
  3. Add cluster computer objects and cluster node computer objects to the cluster group

Notes

Only the computer object for the cluster and the cluster node objects must be members of the cluster group. Computer objects for cluster services and cluster applications should not be added to the cluster members group.

...

titleTable Of Contents

...

Prerequisites

  • A name for the cluster has been defined

    • ex. DEPT-Cluster1

Prepare Active Directory objects

Info

The steps in this section can be completed by a department administrator or a user with permissions to create OUs and computer objects in a department OU.

  1. Create a new OU in Active Directory to contain the objects for the cluster.

    • This is the cluster OU.

  2. Create the computer objects for the cluster members in the cluster OU.

    • These are the cluster member objects.

  3. Create a disabled computer object with the name of the cluster in the cluster OU.

    • This is the cluster computer object.

  4. Create a group and add the cluster computer object and cluster member objects to the group.

    • This is the cluster computers group.

Request Active Directory delegation

The required delegation can be created in one of two ways:

Expand
titleThe Active Directory Delegation Request form in ServiceNow

  1. Browse to the following page:

  2. Select Request in the Active Directory Delegation section.

  3. Complete the form by setting the following values:

    • Set the AD Group Name to delegation permissions to field to the name of the cluster computers group created in the previous section

    • Select the Computer delegation in the Delegation Options section

    • Set the OUs to apply the delegations to field to the canonical or distinguished name of the cluster OU created in the previous section

  4. Submit the form by selecting Request on the right-hand side of the form.

  5. Wait for the Active Directory team to process the requested delegation.

Expand
titleThe Requests By Attribute process

  1. Browse to following page:

  2. Complete the appropriate sections in the Submit Requests and Review Results section.