Windows Server 2012 – Failover Clustering error “Cluster network name resource ‘Cluster Name’ failed registration of one or more associated DNS name(s) for the following reason: DNS bad key.”

Today I had to troubleshoot an issue on our 2012 (non-R2) cluster that was causing live migration to fail. Quick migration wasn’t affected.

The error I was receiving was:

Cluster network name resource 'Cluster Name' failed registration of one or more associated DNS name(s) for the following reason: DNS bad key.

I tried all of the suggestions on the various KB articles and blog posts, but none of them would help. A lot of them were related to externally-hosted DNS, but our DNS is a normal AD-integrated zone hosted internally. I tried removing the cluster node object’s DNS A record, and forcing a repair:

(By the way, just confirming that taking the Cluster Name resource offline doesn’t affect the Hyper-V workloads running on the cluster)
imageimage1

The repair recreated the CNO A-record with the correct permissions assigned to the cluster’s AD computer account. This still didn’t help.

I then edited the permissions on the CNO’s DNS A-record to allow the individual cluster nodes’ computer accounts write access, and the problem went away.

image2

I’ll be the first to admit that this is an annoying solution as I’m going to have to add the permissions for new cluster nodes as they’re added to the cluster in the future. That said, I think I’m going to build a new 2012 R2 cluster on the other two blades, move the workloads across, and then rebuild these nodes as well.

3 thoughts on “Windows Server 2012 – Failover Clustering error “Cluster network name resource ‘Cluster Name’ failed registration of one or more associated DNS name(s) for the following reason: DNS bad key.”

  1. Awesome… thank so much for posting, had the exact same problem and this fix worked when nothing else did. Cheers!

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s