A new feature for the windows server 2019 that is currently released in the Windows insiders. If you want to test it out and provice feedback please follow the link and sign up.
One of the quorum models for Failover Clustering is the ability to use a file share as a witness resource. The File Share Witness is designated a vote in the Cluster when needed and can act as a tie breaker in case there is ever a split between nodes.
There is a specific requirement that the witness should be joined to the domain and part of the same forest. And the reason is that it needs Kerberos to connect and authenticate with the share.
Though the are few scenarios that this is not possible:
- No or extremely poor Internet access because of a remote location, so cannot use a Cloud Witness
- No shared drives for a disk witness. This could be a Storage Spaces Direct hyper-converged configuration, SQL Server Always On Availability Groups (AG), Exchange Database Availability Group (DAG), etc. All of which do not utilize shared disks.
- A domain controller connection is not available as the cluster has been dropped behind a DMZ
- A workgroup or cross-domain cluster where there in no active directory CNO object
So in Windows Server 2019, we can create a new File Share Witness that simple uses a local user account . That means no kerberos, Domain controller, certificates and Cluster name object needed. And no account needed on the nodes.
The way it works is that on the Windows Server you wish to place the FSW, create a local (not administrative) user account, give that local account full rights to the share, connect the cluster to the share.