Why is there a "User Manager Group" role created automatically after setting up a Failover Cluster?

Question

Why is there a "User Manager Group" role created automatically after setting up a Failover Cluster?

kedar giri 81

After installing a Windows Failover Cluster and adding the cluster nodes, I noticed that a new role named "User Manager Group" appears under Failover Cluster Roles.

I did not create this role manually, and I am not sure why it was created automatically.

Is this a default role that Windows creates during the cluster setup?

What is its purpose, and is it safe to leave it as is?

Should I make any configuration changes or permissions adjustments for this role?

Environment Details:

Windows Server 2025

User's image

Cluster type: [SQL Server Always-on].

Alex Pixley 0 Reputation points

2025-10-21T18:37:28.64+00:00

According to this link: What is the "User Manager Group" in Azure Stack HCI 22H2 Used For?

The User Manager Group (a Failover Cluster role) enables WAC to manage the cluster from user accounts in Azure AAD.

According to Copilot, "The User Manager Group role is automatically added in some cluster configurations, such as Hyper-V 2025 clusters, but official documentation on its detailed usage is still limited."

The lack of documentation is annoying as it seems like this role is affecting some of the clustered services and I was hoping to read more on how to configure it.

2 answers

Your answer

Alex Pixley 0 Reputation points

2025-10-21T18:37:28.64+00:00

According to this link: What is the "User Manager Group" in Azure Stack HCI 22H2 Used For?

The User Manager Group (a Failover Cluster role) enables WAC to manage the cluster from user accounts in Azure AAD.

According to Copilot, "The User Manager Group role is automatically added in some cluster configurations, such as Hyper-V 2025 clusters, but official documentation on its detailed usage is still limited."

The lack of documentation is annoying as it seems like this role is affecting some of the clustered services and I was hoping to read more on how to configure it.

Answer 1

Dear kedar giri,

We understand your concern, especially since this role was not manually created and appears automatically after adding cluster nodes. Based on current behavior in Windows Server 2025, this role is not part of the standard failover cluster configuration and is not documented as a default system role. It may have been introduced by a third-party application, a management tool, or a background service during cluster setup.

To determine its origin, we recommend checking the role’s associated resources and dependencies within Failover Cluster Manager, and reviewing recent event logs for any automated role creation. If the role is inactive or not linked to critical services, it is generally safe to leave it in place. However, if it’s not serving a known purpose, you may consider disabling or removing it after confirming it’s not required by your environment.

No immediate configuration or permission changes are necessary unless the role is actively impacting cluster operations.

Let me know how it goes, and if this answer helps, feel free to hit “Accept Answer” so others can benefit too 😊 T&B, Harry.

Answer 2

the role we’re talking about has nothing to do with any third party application or service, it’s 100% made in Microsoft, the role is automatically created immediately after creating the cluster, both under domain or in DMZ. Apparently it has to do with the different users’ permissions in cluster’s management, but I have no idea if deleting it could create any issue, or about the advantages of keeping it. But I’m quite completely sure that there is still no Microsoft documentation on this matter.

Share via

Why is there a "User Manager Group" role created automatically after setting up a Failover Cluster?

2 answers

Your answer