none
Confirm SQL Cluster does not need to remain as an Active Directory account?

    Question

  • Just a question in regards to a customer that no longer wants to use Active Directory for their SQL Authentication and just use SQL and an SA account? But from what I know about Windows Clustering along SQL in a cluster there would have to be some sort of communication with an Active Directory domain and an account that has some sort of access at the AD Level?

    This is just a basic yes or know and just want to confirm this.

    Thanks

    Freddie

    Monday, January 30, 2017 2:07 PM

All replies

  • What type of clustering and what version of SQL Server? If it is an AlwaysOn Failover Cluster Instance (the traditional type of SQL cluster) then I believe that yes, AD is required. If it is an AlwaysOn Availability Group and you are on SQL Server 2016 there is the option now to setup an AG with servers that are not a part of the same domain or not a part of domains at all.

    Joie Andrew "Since 1982"

    Monday, January 30, 2017 2:52 PM
  • You need AD to set up a clustered environment.

    You have some options depending on the versions, though, I haven't tried them myself yet. Check out the following docs:

    https://technet.microsoft.com/en-us/library/dn265970(v=ws.11).aspx

    https://blogs.technet.microsoft.com/dataplatforminsider/2015/12/15/enhanced-always-on-availability-groups-in-sql-server-2016/


    http://ekremonsoy.blogspot.com | http://www.ekremonsoy.com | @EkremOnsoy

    Monday, January 30, 2017 2:58 PM
  • Hi Joie

    They are running SQL 2012 ENT with just the basic Windows Failover Cluster option with one Instance (for many databases) and not using the AlwaysOn, so I figure that they would need to keep everything within AD or they would have some issues making these changes now and wait to they move to SQL 2016 at this point.

    Freddie 

    Monday, January 30, 2017 3:18 PM
  • Yep, if they want to keep it a cluster they need AD. If they do not need a cluster but want HA you can probably look to migrate it from a cluster to new instances setup with either log shipping or database mirroring (although note that database mirroring is deprecated).

    Joie Andrew "Since 1982"

    Monday, January 30, 2017 3:20 PM
  • Hi ITPRO_User,

    Let’s break it down into pieces:

    >>The undelaying WSFC:

    Starting with Windows Server 2016 the Active Directory requirement becomes optional as you could use Workgroup Cluster. If you are running earlier versions of Windows Server you still need Active Directory environment to build a WSFC.

    >>SQL Server:

    As far as I can tell, you still need Active Directory to make SQL Server Cluster work as you would have to use domain account as SQL Server service account(checked with SQL Server 2016). AlwaysOn availability group works fine with Workgroup Cluster though.

    If you have any other questions, please let me know.

    Regards,
    Lin

    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Tuesday, January 31, 2017 2:51 AM
    Moderator