After migrating local groups/users to a Cluster Server, the cluster fails over and the access control entries for the local groups/users now appear as SIDs.
When choosing the option to migrate local groups/users to destination server and selecting “Target Server” as the destination, the local groups are created locally on the active node of the cluster. When the cluster fails over the new active node does not have a way to resolve the SIDs of the local groups/users since they do not exist locally on this server. Microsoft recommends not using local groups to grant permission to cluster resources for this reason.
Select the option to migrate local groups to Active Directory. This will create domain local groups on the target server which can be accessed by both nodes in the cluster as long as both nodes exist on the same domain.
Please see the following Microsoft article for more information:
Local Groups and Microsoft Cluster Server
http://support.microsoft.com/default.aspx?scid=kb;en-us;241796
© 2021 Quest Software Inc. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy