In my post “What happened to the Cluster Service Account?” I asked the following question:
Suppose you created a cluster named “SQLCLUSTER01” and this cluster hosts two applications, named “CORPSQL01” and “CORPDOCS.” Active Directory will contain three computer objects – SQLCLUSTER01, CORPSQL01, and CORPDOCS. SQLCLUSTER01 be the owner of CORPSQL01 and CORPDOCS.
Taking this example one step further, suppose that this cluster is configured to have a File Share Witness. To which identity would you need to grant permissions on the file share used as this witness?
The answer here is the computer object named SQLCLUSTER01$. The CNO object name is SQLCLUSTER01 and this is the identity under which the File Share Witness operates when going over the network. The $ at the end is to indicate that the name is a computer name instead of a user or group.
Software Development Engineer
Clustering & High Availability