A node was evicted from the cluster. If you are not sure why, review the sequence of logged events before the eviction. If you do not currently have Event Viewer open, see "Opening Event Viewer and viewing events related to failover clustering." In Event Viewer, look for the following information:
One or more events that indicate that the node failed an attempt to join the cluster. These events might include a status code that contains more information.
An event that indicates that the node was evicted intentionally. If you do not know who evicted the node and want to collect such information in the future, you can configure auditing of attempts to access the cluster. To do this, first configure organization-wide auditing settings, then follow the instructions in "Enabling auditing of a cluster after auditing has been configured in your organization," later in this topic.
After correcting a problem on a node, if necessary, restart the Cluster service on the node. For more information, see "Restarting the Cluster service after correcting a problem on a node," later in this topic.
To perform the following procedures, you must be a member of the local Administrators group on each clustered server, and the account you use must be a domain account, or you must have been delegated the equivalent authority.
Restarting the Cluster service after correcting a problem on a node
To restart the Cluster service after correcting a problem on a node:
To open the failover cluster snap-in, click Start, click Administrative Tools, and then click Failover Cluster Management. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
In the Failover Cluster Management snap-in, if the cluster you want to manage is not displayed, in the console tree, right-click Failover Cluster Management, click Manage a Cluster, and then select or specify the cluster that you want.
If the console tree is collapsed, expand the tree under the cluster you want to manage.
Expand the console tree under Nodes.
Right-click the node that you want to start and then click More Actions. If Stop Cluster Service is available, click it. Otherwise, skip to the next step.
Right-click the node that you want to start, click More Actions, and then click Start Cluster Service.
Enabling auditing of a cluster after auditing has been configured in your organization
To enable auditing of a cluster after auditing has been configured in your organization:
To open the failover cluster snap-in, click Start, click Administrative Tools, and then click Failover Cluster Management. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
In the Failover Cluster Management snap-in, if the cluster you want to manage is not displayed, in the console tree, right-click Failover Cluster Management, click Manage a Cluster, and then select or specify the cluster that you want.
Right-click the cluster, click Properties, and then click the Cluster Permissions tab.
Click the Advanced button, and then click Auditing.
Specify the users or groups that you want to audit in the same way that you would for other resources.
Opening Event Viewer and viewing events related to failover clustering
To open Event Viewer and view events related to failover clustering:
If Server Manager is not already open, click Start, click Administrative Tools, and then click Server Manager. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
In the console tree, expand Diagnostics, expand Event Viewer, expand Windows Logs, and then click System.
To filter the events so that only events with a Source of FailoverClustering are shown, in the Actions pane, click Filter Current Log. On the Filter tab, in the Event sources box, select FailoverClustering. Select other options as appropriate, and then click OK.
To sort the displayed events by date and time, in the center pane, click the Date and Time column heading.
Home
PLK