- Join Windows 11 to an Active Directory domain - Thu, Jun 1 2023
- Change Windows network profiles between public and private - Wed, May 24 2023
- How to map a network drive with PowerShell - Wed, May 17 2023
In a Hyper-V or HCI cluster, cluster-aware updating (CAU) migrates all workloads from one host to other nodes of the cluster, installs the updates, and restarts the machine. This process then repeats itself until the entire cluster is up to date.
Until recently, Failover Cluster Manager and PowerShell were the tools of choice for this maintenance task, and for some time now, it's also been possible to use Windows Admin Center (WAC). WAC simplifies the process even further by automatically installing the CAU feature on the cluster nodes if necessary.
Connecting WAC to a cluster
The first step is to connect to the cluster using WAC, if it's not already connected. To do this, open the Cluster Manager from the menu in the title bar. There, you can execute the command +Add and enter the cluster name object (CNO) under which you have registered the cluster in Active Directory (AD).
Add the cluster to the WAC Cluster Manager by entering the CNO
After the connection has been successfully established, you can switch to Updates in the navigation bar on the left. If you have not used WAC to update the cluster before, or deactivated CredSSP after the last maintenance job as recommended, then a dialog box will be displayed that asks you to allow CredSSP.
The update tool automatically detects whether CredSSP needs to be activated and asks for approva
Notorious issues with CredSSP
When in gateway mode, the Admin Center often causes problems when delegating credentials to the endpoints, so that instead of the dialog box mentioned, you often receive an error message:
You can't use Cluster-Aware updating tool without enabling CredSSP and providing explicit credentials.
Instead of enabling CredSSP WAC sometimes shows an error message when connecting through a gateway
One cause might be that you're using a gateway server localized in a language other than English. Manually activating CredSSP on the gateway server and the cluster nodes doesn't usually solve the problem. So another option is to install WAC on a workstation; because you connect directly to the cluster from the workstation, the credential delegation problem does not occur there.
Searching for updates
After overcoming the CredSSP hurdle, the Update Manager will offer to add the CAU feature if not already done.
WAC will install Cluster Aware Updating if required
The following overview lists the cluster nodes and their update status. Before any updates have taken place, the status is shown as Not Available.
There is no defined status before the first cluster update from this page you can start searching for update
Now you can start the search for updates via the corresponding link. If the search finds required updates, you can then start the installation process. Each node then undergoes multiple stages, starting with Waiting, followed by Being Deployed, Installing, and Restarting if a reboot is required.
The cluster nodes receive pending updates one after another and are then restarted if necessary
Confirming successful updates
At the end of the update process, the Update status column indicates whether the update was successful. The following screenshot shows one node with the value PartiallyFailed, because the device couldn't be rebooted and had to be done manually.
After installing the updates you can check in the overview if it was completed successfully
To determine whether there were also problems during the update, you should view the tab under History. There, you can find the exact name of the update, including a description and the status of the installation.
Subscribe to 4sysops newsletter!
Under the History tab you can find detailed information and the installation status of updates
To get a complete history of the installed updates, you should not switch away from the update window during the entire process. If you want to use another WAC tool in the meantime, you can either open it in another browser window or use the pop-out tools introduced with version 2103.
