Wrong network location profile causes issues with Windows Failover Cluster

Hi folks,

The other day I was pulling hair from my head trying to configure a Windows Failover Cluster intended for an SQL Server Availability Group setup.

During the cluster validation stage I always got this message:

The Windows Firewall on node node01.domain.local is not properly configured for failover clustering.
In particular, the ‘Public’ firewall profile is enabled on adapter ‘node01.domain.local – SLOT 1 PORT 2’.
The ‘Failover Clusters’ rule group is not enabled in firewall profile ‘Public’.
This may prevent some network communication between cluster nodes.

The OS install and networking part was already configured by a someone else and it was a pretty straightforward installation.

The issue turned out to be caused by the 2 NICs we have for iSCSI traffic which did not have a gateway configured.

Windows uses gateways to identify networks. If it doesn’t have a gateway configured, or if it can’t successfully ping it, it will not be able to identify the network it’s connected to and will assume it’s a public one.

Network cards in Windows can be connected to one of these type of networks:
– Public
– Private
– DomainAuthenticated

By default, the public network location type is assigned to any new networks when they are first connected.

A public network is considered to be shared with the world, with no protection between the local computer and any other computer. Therefore, the Windows Firewall rules associated with the public profile are the most restrictive.

As part of the Windows Failover Cluster validation/creation there are checks to verify connectivity (between cluster nodes, active directory, etc.).

These were the settings I had:
Before

All I needed to do was to move all non-domain network interfaces into the private profile:

After

After the change the cluster creation went without issue.

This small detail be easily missed and can cause a lot of headaches and lost time investigating failover clusters.

Cheers!

Update Ola Hallengren’s IndexOptimize Job to only update statistics

Managing a lot of SQL servers does not have to to be a burden. One or a hundred, should be the same, right?
This is how you can quickly update (on a bunch of servers) the IndexOptimize job which is created if you install the MaintenenceSolution from Ola Hallengren:

Erik Darling (t|b) has written a longer post here.

PS. Check out how to quickly install Ola’s maintenance solution on the dbatools.io website.

Register-PSRepository fails on Powershell Core when running behind a corporate proxy

Trying to register a psrepository behind a corporate proxy fails on Powershell Core.

The error you receive is:

Running the same on Windows Powershell 5.1 works.
Now, let see why it’ not working on Powershell Core.

Trying to find more details about the error message:

Let’s look at the function inside the module where the error is triggered (bonus tip on how to jump directly to the line number)

The error message is misleading, as it turns out the part that is failing is this one:

We know the endpoint location is valid, so that means we cannot pass through the proxy.
Digging around the internet led me to this GitHub issue.

Apparently, .NET Core is not respecting proxy in some cases.

The recommended workaround from Steve Lee is to set

or to create

Turns out our little problem is now fixed and the Register-PSRepository command runs successfully.

I hope this post will save you some time in case you run into the same issue.

Voilà!

Block Chrome Software Reporter Tool

Use the following PowerShell Snippet to disable Chrome Software Reporter Tool from eating your CPU cycles:

ChromeCleanupEnabled’s value determines whether the Software Reporter Tool may run on the system.

ChromeCleanupReportingEnabled’s value determines whether the results are reported to Google.

Enable transmission-daemon logging to file

If you use transmission-daemon on your Raspberry Pi and want to have logs to a file, you can follow a few simple steps to accomplish this:

Edit the service file:

Change the ExecStart line to look like this:

You can choose between these options:

systemctl will complain that the service file was changed. Run:

to reload units.

Create the log file and assign the correct ownership and permissions:

Restart the service:

Have fun!

dbatools – fully automated offsite backups, database restores and integrity checks

In this article you’ll find the process I implemented to test my backups using dbatools and PowerShell.
dbatools is a free PowerShell module with over 200 SQL Server administration, best practice and migration commands included.
Backed up by a community of […] Continue Reading…

How to Change your Network Profile in Server 2012R2

Network Profiles were first introduced to allow administrators to configure different firewall profiles based upon what network a user connects to.
Administrators could change the profile by navigating to Network and Sharing Center in control panel and selecting the […] Continue Reading…

Get SMO version on your server

A quick way to find out what SMO versions are installed:

Silently Download and Install SQL Server Management Studio (SSMS)

SSMS is now free and no longer requiring licensing.
It is a separate install and has a more frequent release cycle, usually around 30 days.
To be able to maintain up to date a larger number of SSMS installations I wrote […] Continue Reading…

Add syntax color to crontab editor

You might be wondering why you don’t have syntax coloring when you are editing crontab entries.
This can be solved very simply by specifying your editor before starting crontab:

The change can be made persistent across the whole system if you […] Continue Reading…

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close