In this blog, I present you a new tool for checking your existing Windows Server Failover Cluster setup, with or without SAP resources: The Cluster Check Tool.
The Cluster Check Tool collects configuration and logging data from your Windows Server Failover Cluster. Based on the collected information, the Cluster Check Tool validates your configuration and checks for common misconfigurations, for example:
- Cluster specific: Quorum configuration, Properties for Resource Groups and Resources, Resource Group Dependencies
- Cluster Nodes: Operating System Version, Version of SAPRC.dll, Windows Service Startup types, Permissions for file System objects and network share
- Network configuration: Forward/Backward Name Resolution of IP Addresses and Hostnames
Disclaimer: This tool is not part of the SAP Products and thus not officially supported by SAP. It was designed to help our customers and supporters to identify potential misconfigurations. Use it at your own risk.
Get and run the Cluster Check Tool
Get the latest version
You can find the latest version of the Cluster Check Tool attached to SAP Note 2624843 – How to check a Windows Failover Cluster configuration?
Version 0.1.0.50 (January 21, 2021)
- Added parameter (-skipEventLogExport) to disable the export of the Windows Event Logs Application and System.
- Added output of Cluster Networks and Cluster Network Interfaces
- Added detection of multiple IP Address resources for SAP <SID> Cluster Groups
- Added detection of cluster nodes that are distributed over distinct subnets
- Fixed parsing of file system and network share ACLs
- Added detection of commonly used Antivirus and other security software based on the
detected Windows Services
Version 0.1.0.45 (November 18, 2020)
- Added cloud provider detection.
Version 0.1.0.44 (October 09, 2020)
- Added parameter (-skipDADetection) to disable the automatic detection of Diagnostic Agent
- Fixed parsing of file informations for old versions (< 220.127.116.11) of saprc.dll.
Version 0.1.0.42 (August 18, 2020)
- Fixed problems when calling PowerShell scripts on remote hosts
- Added additional informations to selected validation messages.
Version 0.1.0.40 (July 16, 2020)
- Added new command line arguments to ClusterCheckTool.exe:
- -local: Run cluster checks only on localhost
- -noWinRM: Run cluster checks without using WinRM (see also the additional PowerShell-Script Run-ClusterCheckTool-NoWinRM.ps1)
- Added check for High-Paging Hotfix (See SAP Note 2553235)
Version 0.1.0.33 (March 04, 2020)
- Added warning message if SAPRC.dll is missing on all cluster nodes.
- Added collection of additional, node specfic data:
- Content of the file %windir%\System32\drivers\etc\services
- Output of the commands:
- fltmc instances
- ipconfig /all
Version 0.1.0.28 (November 11, 2019)
- Added check for data type of registry value DisableCARetryOnInitialConnect. Expected type: DWord
- Added check for Windows Services of NEC Express Cluster
- Added check for the total count of running clustered SAP Windows Services on all nodes
- Added display of the property “Failback Type” for Cluster Groups
- Added exceptions for Well-Know SIDs within Cluster Permissions check
- Fixed check of “NetBIOS over TCP/IP” status for disabled network adapters and network adapters with not assigned IP addresses
- Fixed issues accessing protected registry keys (e.g. services for Anti Virus software)
- Fixed query for latest SAPRC.dll file version
- Fixed some issues if running on a cluster with IPv4 and IPv6 addresses
- Recovery action of windows services was not read correctly
Version 0.1.0.13 (September 13, 2018)
- Added basic support for ENSA2 configuration
- Fixed validation of Windows Services for Clustered SAP instances
- Added detection of Domain and Site awareness on Windows Server 2012 and later
- Fixed bug if the tool is executed on a non-cluster node
- Fixed bug in Run-ClusterCheckTool.cmd (wrong path to Run-ClusterCheckTool.ps1) if it’s executed from the Windows Explorer
Version 0.1.0.4 (28th March 2018)
- First beta Release
Every node of the Cluster must fulfill the following system requirements:
- Windows Server 2008 SP2 or later, x64 only
- .NET Framework 4.5 or later on the cluster node which is used to start the Cluster Check Tool
- The Windows Feature “.NET Framework 3.5 (includes .NET 2.0 and 3.0)”
- You can use the following PowerShell command to check the installation state of this Windows Feature: Get-WindowsFeature -Name NET-Framework-Core
- Windows Management Framework 3.0 or later
You can get the Windows Management Framework 3.0 using the link https://www.microsoft.com/en-us/download/details.aspx?id=34595
- PowerShell 3.0 or later. PowerShell Remoting must be enabled
- The user used to run the Cluster Check Tool must be at least a member of the Active Directory group “Domain Users” and member of the local “Administrators” group on each node of the cluster.
- Disk space: The required disks space mainly depends on the size of the created cluster logs. The size of each cluster log file can exceed several hundreds of megabytes.
Note: If the Cluster Check Tool is executed on a system which is not member of a Windows Server Failover Cluster, all cluster related checks will be skipped. There are also some checks which return false warnings if the Cluster Check Tool is not run on a cluster node!
Running the Cluster Check Tool
Beforehand: It is not necessary to run the Cluster Check Tool on more than one node of the cluster.
Extract the archive to a local directory on one node of the cluster, for example C:\Cluster Check Tool.
Open an elevated PowerShell, navigate to the directory containing the Cluster Check Tool and run the PowerShell script Run-ClusterCheckTool.ps1:
PS > cd "C:\Cluster Check Tool" PS > .\Run-ClusterCheckTool.ps1
Please note: The Cluster Check Tool runs some prerequisite checks on the local system before starting the data collection on the cluster. If one of the prerequisite checks fails the execution will be canceled and the prerequisite check results will be displayed. You can rerun the tool after you have fixed the reported issues.
Wait until the Cluster Check Tool has collected all required information from your cluster. This may take some minutes depending on the performance of your cluster nodes. After the cluster check tool completed his work successfully, the report is opened automatically.
You should find a ClusterReport_<Timestamp> directory in the directory where the Run-ClusterCheckTool.ps1 is located. This directory contains all data that was collected by the Cluster Check Tool:
- ClusterKeyExport.reg: An export of the registry HKLM\Cluster
- Logs: This directory contains the cluster log files
- This directory contains one subdirectory <clusternodename> for each node storing the collected data
- This directory contains one subdirectory <SID> for each detected SAP System storing the collected data
- The Cluster Check Report
- The results of the prerequisite checks
The ZIP-Archive ClusterReport_<Timestamp>.zip is a compressed version of the ClusterReport_<Timestamp> directory. For example, you can attach this archive file to your incidents to provide us additional information about your cluster environment.
How it works
First, the Cluster Check Tool runs a set of prerequisite checks to ensure that it can collect the required data (Step 1). These also includes the check for the system requirements.
If the prerequisite checks passed successfully, the Cluster Check Tool collects information from the Windows Server Failover Cluster (Step 2): The resource groups, resources, and nodes of the cluster and some properties for each of these objects.
For each cluster node detected in step 2, detailed system information is queried mainly using WMI and Remote PowerShell calls (Step 3).
Based on the data from Step 2 and Step 3, the Cluster Check Tool detects the running SAP Systems and collects relevant information for each of these SAP Systems.