Create Availability Group Listener Fails with Message 19471, ‘The WSFC cluster could not bring the Network Name resource online’

When trying to create an availability group listener, SQL Server may fail and report the following error:

Create failed for Availability Group Listener 'SQLCDB01Temp'. (Microsoft.SqlServer.Smo)

The WSFC cluster could not bring the Network Name resource with DNS name 'SQLCDB01Temp' online. The DNS name may have been taken or have a conflict with existing name services, or the WSFC cluster service may not be running or may be inaccessible. Use a different DNS name to resolve name conflicts, or check the WSFC cluster log for more information. The attempt to create the network name and IP address for the listener failed. The WSFC service may not be running or may be inaccessible in its current state, or the values provided for the network name and IP address may be incorrect. Check the state of the WSFC duster and validate the network name and IP address with the network administrator. (Microsoft SQL Server, Error: 19471)

When a client access point (CAP) is created directly from Windows Cluster Administrator, the CAP is successfully created, but the network name resource fails to come online, even though the IP Address resource is online.

Right-clicking the client access point resource and choosing Properties, under the General tab, the DNS Status reports a message 'DNS handle is invalid.'

 Cause

This issue occurs because the rc4-hmac keys on the Domain Controller and the cluster side for the virtual computer object (VCO) are different. The ticket decryption fails when the ticket is encrypted by using the rc4-hmac encryption. Additionally, the cluster becomes unavailable for any computer that uses the rc4-hmac keys.

The issue is described as Issue 2 in the following Knowledge Base article:

Can't access a resource that is hosted on a Windows Server 2012-based failover cluster
https://support.microsoft.com/kb/2838043

 Resolution

  • Apply the hotfix described in article 2838043.
  • OR
  • Workaround the problem using the following steps:
  1. Launch Failover Cluster Manager.
  2. In the Roles pane, right-click the availability group resource and choose Add Resource and then Client Access Point.
  3. Enter a DNS Name and click in the affirmative through the rest of the wizard to create the CAP. The CAP is created, the IP Address resource comes online, but the network name resource fails to come online.
  4. Right-click the Network Name resource, click the General tab and check the DNS Status, it will read "DNS handle is invalid."
  5. With the network name resource offline, right-click on the network name resource and navigate to More Actions, choose Repair.
  6. Repeat repair until DNS Status reports OK under the General tab of the network name properties.
  7. Bring the network name resource online.
  8. Delete this CAP and try creating the AG Listener from the SQL Server Management Studio.

 More Information

Windows cluster is actually failing to create or bring the availability group listener clustered resource online in Windows Cluster. Therefore, this error is a generic error message and does not give us enough information about the cause of the error. If availability group listener creation fails, but the symptoms above do not match, there could be other causes of this error and the generic troubleshooting is outlined in:

Troubleshooting AlwaysOn availability group listener creation in SQL Server 2012
https://support.microsoft.com/kb/2829783