Setup Cluster Permission

We will now setup the cluster AD object permission, so it is allowed to create objects within the same Organization Unit. This is needed so the cluster can create AlwaysON listeners:

  1. Open up the Active Directory Users and Computers Tool within the Administrative Tools:

  2. Enable Advanced Features - this allows viewing and configuring advanced security settings in AD:

  3. Expand the domain OU, then right-click on Computers, then click on Properties:

  4. Click on the *Security** Tab -> Click on Advanced -> then click on Add:

  5. Click on Select a principal then click on Object Types, and make sure to check Computers, so it can see computers and cluster objects. Type the new cluster name, then click OK to add:

  6. In the permission dialog box, make sure to check Create Computer Objects, then click OK to add that permission, then click OK and Apply to all succeeding dialog boxes to exit:

The required permission has now been set for the cluster AD object