Listener Creation Fails due to Lack of Permission Issue

This post is continuation of my previous Availability Group Listener creation post

If the domain Administrator is not allowing the Permission to create and read computer Objects then we can use this method for successful creation of Availability Group Listener.

Here we are creating the VCO ( which is Virtual Computer Object ) manually in Active Directory as we don’t have permission to create computer objects Automatically.

For doing this make sure the user who logged in has a permission to create computer objects in domain.

  • Open Active Directory Users and Computers ( shortcut to open from powershell : dsa.msc )
  • Click on VIEW and select ‘ Advanced Features 
  • Locate your container where the listener is getting created, in my case it will locate on COMPUTER as shown in below

Now right click on the container where VCO needs to get created in my case it is in COMPUTERS –>click on NEW–>Click on Computer

Here we are creating the Listener Object in COMPUTERS Container

A Pop window ‘ New-Object Computer ‘ will be opened to provide your Listener Name –> Enter your Listener Name in Computer Name Field (AGL)–> click OK.

Now right click on the created VCO which is AGL in my case –click on Properties–>Click ADD button–>enter your cluster name ( in my case AWON$)–>click on Object types–>Enable check box for Computers–> click OK –>Again click OK

Now click on the Cluster Name ( AWON ) and see the permissions below and then click OK.

Read
Allowed To Authenticate
Change Password
Receive As
Reset Password
Send As
Validate write To DNS Host Name
Validate Write To Service Principle Name
Read Account Restrictions
Write Account Restrictions
Read DNS Host Name Attributes
Read MS-TS-GatewayAccess
Read Personal Information
Read Public Information

So, now Virtual Computer Object which is Listener is Created in Active Directory Domain.

Now try to create Listener Using SQL Server Management Studio(SSMS) and it will get created successfully without any Issue.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.