Ran into an interesting problem with a colleague. He was trying to form a basic Hyper-V cluster on Windows Server 2012 R2, but kept getting the following error:
Event ID: 1570 Source: Microsoft-Windows-FailoverClustering Event Details: Node 'Host1' failed to establish a communication session while joining the cluster. This is due to an authentication failure. Please verify that the nodes are running compatible versions of the cluster service software.
We verified DNS settings, disjoined and rejoined Active Directory, verified the host’s computer account was valid, time sync with the domain was good, rights of his account to form the cluster were sufficient, validated the nodes for clustering, and more.
At that point, we began looking at GPO policy settings like “Access this computer from the network”, and noticed that Authenticated Users was not in there. Simply adding Authenticated Users and refreshing the GPO on the cluster nodes resolved the issue.
Be careful making changes to these types of settings. While Authenticated Users may seem like a group you would want to remove from a policy like that, it’ll often cause problems down the road.