What is File Share Witness feature in Windows Server 2019

When a high-demanded service or website is hosted on a Server, they are usually designed such that there are multiple balancing nodes. These nodes make sure that when one node fails, there are other nodes which can take care. In case of Windows Server 2019/2016, the node balancing works through a quorum system. In this guide, we will talk about the Windows File Share Witness feature.

File Share Witness & Quorum system

A quorum system is a vote based system where a number of notes should be present to make sure they work in case of failure. Sometimes, the voting system comes to halt when there is “even number” of total votes. The point of voting is simple. It makes sure that nodes are not overloaded. Introducing a File Share Witness act as a tiebreaker. It can provide an additional quorum vote when necessary. This makes sure that a cluster continues to run in the event of a site outage.

Majority Voting for FWS

So if you have four nodes which are balanced in a 2-2 format, and if one of the nodes fail, other 2 nodes should be able to balance it. However, with 2-2 format, it gets stuck. If IT admins can deploy a File Share Witness which can add a vote to 2 of those existing nodes, a quorum will be reached, and nodes can take care of everything. Read more about Legacy & Modern FSW here.

What is File Share Witness feature in Windows 2019/2016

One of the key requirement for FSW to work is that it should be part is that it must be domain joined and a part of the same forest. This criterion was important because the failover Cluster utilizes Kerberos for the Cluster Name Object (CNO) to connect and authenticate the share. This sometimes might not be possible because of several reasons including

  • Poor internet connection.
  • The domain controller is not available.
  • No active directory CNO object
  • and lastly no shared drives for a disk witness.

Keeping these scenarios in mind, Microsft added a feature in Windows 2019 which quorum system work even when it’s not part of a domain. This was possible by using a local user account on the server the FSW is connected to.

IT admins can create a local (not administrative) user account, give that local account full rights to the share, connect the cluster to the share. Here are the steps:

  • Log on to SERVER and create a local user account (i.e. FSW-ACCT)
  • Create a folder on the SERVER and share it out
  • Give the local user account (FSW-ACCT) full rights to the share
  • Log in to one of your cluster nodes and run the PowerShell command:

    Set-ClusterQuorum -FileShareWitness \\SERVER\SHARE -Credential $(Get-Credential)

  • You will be prompted for the account and password for which you should enter SERVER\FSW-ACCT and the password.

File Share Witness

Further, if there is no extra server available, a USB drive connected to a router works as well. Once connected, you can set up your share name, username, and password for access. This works with SMB 2.0 and above.

You can read more about File Share Witness feature on MSDN.

Download this VPN to secure all your Windows devices and browse anonymously
Posted by on , in Category Windows with Tags
Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP. Please read the entire post & the comments first, create a System Restore Point before making any changes to your system & be careful about any 3rd-party offers while installing freeware.

Leave a Reply

Your email address will not be published. Required fields are marked *


5 + 3 =