JSI Tip 7871. Your Windows Server 2003 cluster nodes may fail when the CachedLogonsCount is zero?

If intra-cluster communication is required when a domain controller is unavailable, a cluster node may fail if the CachedLogonsCount Value Name has been set to a data value of zero (0).

NOTE: The default data value of CachedLogonsCount for Windows Server 2003 is 10.

In this scenario, you may experience any or all of the following behaviors:

- Nodes are arbitrarily removed from the cluster.

- The cluster log records access denied errors for node-to-node communication.

- Attempts to join a node produce RPC errors and timeouts.

- The cluster log may record '\[NM\] Received advice that node <node id> has failed with error 5" errors.

- The event log may record error 1726 - The remote procedure call failed.

This behavior occurs because a CachedLogonsCount data value of 0 prevents a node from using cached credentials when authentication is required and a domain controller is unavailable.

To prevent this behavior, make sure that a domain controller is available and set the CachedLogonsCount data value to the same non-zero value on ALL nodes, restarting each node.

NOTE: You can also use Group Policy to alter the CachedLogonsCount data value by using the following on ALL nodes:

1. On a cluster node, use Start / Run / gpedit.msc / OK to open the Group Policy Editor.

2. Expand Computer Configuration / Windows Settings / Security Settings / Local Policies / Security Options.

3. Double-click the Interactive Logon:Number of Previous Logons to Cache value and set the data value to a number greater than 0.

4. Press OK.

5. Restart the server.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.