Windows Server 2003 Cluster Service (MSCS): Top 10 Best Practice Tips

Under no circumstance should any other resource be created in the Cluster Group other than the default ones which are Quorum, Cluster IP Address and Cluster Network Name. (ref: KB168948)  If MS DTC is installed in the Cluster Group using the cluster’s resources and it’s not going to be used heavily by SQL, then this […]
  1. Under no circumstance should any other resource be created in the Cluster Group other than the default ones which are Quorum, Cluster IP Address and Cluster Network Name. (ref: KB168948)  If MS DTC is installed in the Cluster Group using the cluster’s resources and it’s not going to be used heavily by SQL, then this is the only exception that is supported as long as the MS DTC resource has the “Affect the group” box on the Advanced tab unchecked.

    NOTE:  Using the “Affect the group” box on the Advanced tab to uncheck this option before trying to bring any resource Online, is always a Best Practice tip to avoid unnecessary group failovers from one node to the other when the resource itself fails.

  2. The most efficient way to create many file shares on a cluster is to create sub-folder shares, because this option can significantly reduce the number of resources and overhead.  Using the same methodology as if you were creating user’s home folders. (ref: KB256926)  This option also simplifies administration and disaster recovery.  If you must use individual File Share resources for several hundred shares, it may be necessary to add more CPUs or memory to the server.

    NOTE:  When setting the permissions, do it on the File Share resource through Cluster Administrator to set share level permissions.  Only domain level groups should be used in defining share level permissions, because local groups and user accounts do not reside on the other node, and the permissions will not take effect when the file share is failed over.  The only exception to this is if all nodes in the cluster are domain controllers (which is not something we normally recommend due to the overhead on the DC).  It is recommended for security granularity at the file level, to use NTFS permissions instead of share level permissions on a server cluster.