Exchange Troubleshooting: Permission issue while adding members in database availability group

Issue

Permission issue while adding Exchange members in database available group

Symptoms

Exchange DAG was throwing permission and cluster API errors when try to add new mailbox servers as members

Error

A database availability group administrative operation failed. Error: The operation failed. CreateCluster errors may result from incorrectly configured static addresses. Error: An error occurred while attempting a cluster operation. Error: Cluster API '"CreateCluster() failed with 0x5. Error: Access is denied"' failed.  

 An Active Manager operation failed. Error An error occurred while attempting a cluster operation. Error: Cluster API '"CreateCluster() failed with 0x5. Error: Access is denied"' failed..  

DAG Task logs:-  [2014-01-17T11:02:13] The operation wasn't successful because an error was encountered. You may find more details in log file "C:\ExchangeSetupLogs\DagTasks\dagtask_2014-01-17_11-02-11.454_add-databaseavailabiltygroupserver.log".

[2014-01-17T11:02:13] WriteError! Exception = Microsoft.Exchange.Cluster.Replay.DagTaskOperationFailedException: A database availability group administrative operation failed. Error: The operation failed. CreateCluster errors may result from incorrectly configured static addresses. Error: An error occurred while attempting a cluster operation. Error: Cluster API '"CreateCluster() failed with 0x5. Error: Access is denied"' failed. ---> Microsoft.Exchange.Cluster.Replay.AmClusterApiException: An Active Manager operation failed. Error An error occurred while attempting a cluster operation. Error: Cluster API '"CreateCluster() failed with 0x5. Error: Access is denied"' failed.. ---> System.ComponentModel.Win32Exception: Access is denied

Fix

Issue was fixed after applying read permission to local service account on securepipeline registry.

Hkey_Local_Machine - System- SecurePipeServers- Winreg- Select properties and add local service and select read permission.