WBC2013
asked on
Stop specific AD server processing logons
I have 5 domain controllers:
3 x Windows Server 2008
2 x Windows Server 2003
The FSMO roles are split between the 2008 servers.
How can I safely ensure the three 2008 servers take priority over the 2003 servers for processing logons?
I could just demote and decommission the 2003 servers but we rely on them for DNS as various systems still point to them.
A google search showed that someone disabled the netlogon service to achieve this and others disabled the Active Directory services. But I still need them to function as DNS servers and our zones are AD-integrated.
3 x Windows Server 2008
2 x Windows Server 2003
The FSMO roles are split between the 2008 servers.
How can I safely ensure the three 2008 servers take priority over the 2003 servers for processing logons?
I could just demote and decommission the 2003 servers but we rely on them for DNS as various systems still point to them.
A google search showed that someone disabled the netlogon service to achieve this and others disabled the Active Directory services. But I still need them to function as DNS servers and our zones are AD-integrated.
ASKER
I've increased the priority values for 1 on the SRV records for the older servers.
To test this I've logged on and off 10 times and only once did I get an older server processing the request.
Does anyone have experience of doing this a better way? (We only have 1 AD site and subnet)
To test this I've logged on and off 10 times and only once did I get an older server processing the request.
Does anyone have experience of doing this a better way? (We only have 1 AD site and subnet)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
https://www.experts-exchange.com/questions/21661187/Preferred-logon-domain-controller-in-windows-2000.html