Windows Server 2022 Datacenter Cluster Unable to Use Cluster Aware Updating After Installing Sentinel One Anti-virus

Dayton, Donald E 0 Reputation points
2024-04-25T22:16:54.2533333+00:00

I created a two-node cluster using Windows Server 2022 Datacenter on separate ESXi hosts. The Cluster Aware Updating (CAU) was working perfectly fine until I installed the corporate-mandated Sentinel One Anti-virus solution. Now, the two nodes show no update status, and when I select the "generate updates list," I get an error box. Although the failover clustering and SQL Server Enterprise Always Available are still functioning, I want to get the CAU working again. I've been unable to find a solution through Google. I have opened a ticket with Sentinel One, but there has been no resolution thus far.

cim

Windows Server Clustering
Windows Server Clustering
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Clustering: The grouping of multiple servers in a way that allows them to appear to be a single unit to client computers on a network. Clustering is a means of increasing network capacity, providing live backup in case one of the servers fails, and improving data security.
1,008 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Ian Xue 37,706 Reputation points Microsoft Vendor
    2024-04-29T04:36:21.5766667+00:00

    Hi Donald,

    Good day!

    Here are some steps you can take to troubleshoot and resolve the issue:

    1. Review the configuration of the Sentinel One Anti-virus solution. It's possible that it is blocking or interfering with the communication between the cluster nodes required for CAU to function properly. Ensure that any firewall settings or network rules configured by the anti-virus solution are not preventing the necessary communication.
    2. Configure the anti-virus solution to exclude the directories, processes, or network ports used by CAU from scanning or blocking. This can prevent interference with CAU's operation.
    3. In addition, temporarily disable or uninstall Sentinel One on one of the cluster nodes if possible and then try to run CAU again. If CAU works without the anti-virus software, it confirms that Sentinel One is indeed the cause of the issue.

    Best Regards,

    Ian Xue


    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.