Always On: Permissions

Configuring Always-On is easy as long as you have the required permissions. I have tumbled into the trap of permissions and have seen many others fell in too.

The set of permissions you require for configuring Failover Cluster (If you are doing that too):

  1. Your account should be domain account (it will be user domain account in most cases and that is fine).
  2. Your account/group should be part of “Local Administrators” group in each node.
  3. Your account should have “Create Computer Objects” and “Read All Properties” permissions in the container that is used for computer accounts in the domain.

For configuring Always-On Listener:

  1. Cluster Object Name of WSFC cluster should have the Create Computer Objects permission.
  2. You should be sysadmin or have CREATE AVAILABILITY GROUP/ ALTER ANY AVAILABILITY GROUP/ CONTROL SERVER permission.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s