IT Knowledge Base

Technical Repository

HowTo: Windows 2012 R2 Cluster Aware Updating – Enable PowerShell Remote Shutdown

Error when running the Cluster Updating Readiness Analyzer

Rule ID: 9
Title: A firewall rule that allows remote shutdown should be enabled on each node in the failover cluster
Result: Error
Problem: One or more failover cluster nodes do not have a firewall rule enabled that allows remote shutdown
Impact: Cluster-Aware Updating may not be able to update this failover cluster. An Updating Run that applies updates that require restarting the nodes may not complete properly.
Resolution: If a firewall is in use on the failover cluster nodes, configure a firewall rule to allow the coordinator computer to restart the cluster nodes. To do this, if Windows Firewall is in use, enable the “Remote Shutdown” firewall rule group for the Domain profile on the failover cluster nodes, or pass the -EnableFirewallRules parameter to the Invoke-CauRun or Set-CauClusterRole Windows PowerShell cmdlet. If a non-Microsoft firewall is in use, configure and enable a firewall rule that enables inbound TCP traffic for the wininit.exe program using RPC Dynamic Ports.

Run this PowerShell command on all cluster nodes

Set-NetFirewallRule -Group "@firewallapi.dll,-36751" -Profile Domain -Enabled true

Leave a Reply