Cannot perform security update on SharePoint server where DB in Basic Always ON Availability Group

Shuvajit Roy 166 Reputation points
2023-04-27T11:55:47.7+00:00

I have two serves with two DB instances in each of the servers. One with "servername/sqlserverdc" and another with "servername/sqlserverdr". Data from "servername/sqlserverdc" database is synched to "servername/sqlserverdr" with basic always ON availability group.

SharePoint is installed and databases are pointing to "servername/sqlserverdc". However, when I perform security patch through PSconfig.exe or through configuration wizard, I get an error mentioning the databases are in basic always On availability group. The only solution than is, to remove the "servername/sqlserverdr" from the availability group and perform security patch.

This process is cumbersome since I have to remove all the databases one by one. Any suggestion on how to perform security update while "servername/sqlserverdr" in in basic always ON availability group.

SQL Server
SQL Server
A family of Microsoft relational database management and analysis systems for e-commerce, line-of-business, and data warehousing solutions.
11,641 questions
SharePoint Server Management
SharePoint Server Management
SharePoint Server: A family of Microsoft on-premises document management and storage systems.Management: The act or process of organizing, handling, directing or controlling something.
2,708 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Vahid Ghafarpour 8,835 Reputation points
    2023-04-28T02:44:59.72+00:00

    When performing security updates on SharePoint with a database in a basic Always On availability group, you may encounter errors if the secondary replica of the database is not synchronized or if the secondary replica is not available. Here are some suggestions you can try:

    Verify the health of the Always On availability group: Check if the Always On availability group is healthy, and if the secondary replica is synchronized with the primary replica. If there are any issues with synchronization or availability, resolve them before proceeding with the security patch.

    Failover the availability group: Failover the availability group to make the secondary replica the primary replica, and apply the security patch on the new primary replica. Once the patch is successfully applied, fail back to the original primary replica.

    Use PowerShell to remove and add databases to the availability group: Instead of manually removing each database from the availability group, you can use PowerShell to remove and add the databases to the availability group. This can help simplify the process and save time.

    Use a rolling upgrade approach: Upgrade one database at a time, by removing it from the availability group, performing the security patch, and adding it back to the availability group. This approach can be time-consuming, but it allows you to perform the security updates without impacting the availability of other databases in the availability group.

    It is important to note that before attempting any of these suggestions, it is recommended to have a backup of the databases and to test the upgrade process in a test environment.

    1 person found this answer helpful.
    0 comments No comments

  2. Shuvajit Roy 166 Reputation points
    2023-04-28T17:57:42.67+00:00

    Hi @Vahid Ghafarpour ,

    Thank u for the suggestions. Please find my response to your suggestions.

    • Verify the health of the Always On availability group: Check if the Always On availability group is healthy, and if the secondary replica is synchronized with the primary replica. If there are any issues with synchronization or availability, resolve them before proceeding with the security patch.

     My Response: All are perfectly fine, status are synchronized and healthy for both servers.

    • Failover the availability group: Failover the availability group to make the secondary replica the primary replica, and apply the security patch on the new primary replica. Once the patch is successfully applied, fail back to the original primary replica.

     

    My Response: This model does not work since despite I make the secondary as primary, the databases are in basic availability group and synchronized. Regardless, I make the primary as secondary and vice-versa, this error will show up. In my experience the only way to patch is to remove the secondary replica and the patching will be successful, however I do not want to patch this way. That is why I am seeking for suggestion.

    • Use a rolling upgrade approach: Upgrade one database at a time, by removing it from the availability group, performing the security patch, and adding it back to the availability group. This approach can be time-consuming, but it allows you to perform the security updates without impacting the availability of other databases in the availability group.

     

    My Response: for rolling upgrade, eventually we must remove the databases from the availability group. If this is the purpose, than I can patch like I performed earlier, which is removing the databases from the availability group, perform the patch and add the databases in the availability group.

    In conclusion, can u suggest any other method to patch SharePoint server while replicas are synchronized through Basic Always ON Availability Group. My purpose is not served. Plz see the errors and my architecture diagram.2

    1

    0 comments No comments