In our office we currently have two servers running Windows Server 2008 R2 that run as Active Directory Domain Controllers. One is a physical, and one is a Hyper-V virtual server.
I have transferred all the FSMO roles to the physical server, and assumed that server would take care of all the user logons. However it seems that about half get logged in using physical and half get logged in using the virtual.
I'd prefer if users only could log in through the physical machine.
Is this as easy as stopping the NETLOGON service on the virtual server?
Could this have any negative side effects?