Question : Two domain controllers - Only one logon server

In our office we currently have two servers running Windows Server 2008 R2 that run as Active Directory Domain Controllers. One is a physical, and one is a Hyper-V virtual server.

I have transferred all the FSMO roles to the physical server, and assumed that server would take care of all the user logons. However it seems that about half get logged in using physical and half get logged in using the virtual.

I'd prefer if users only could log in through the physical machine.
Is this as easy as stopping the NETLOGON service on the virtual server?
Could this have any negative side effects?

Thanks,
Jamie

Answer : Two domain controllers - Only one logon server

If you stop the logon service it will stop it authenticated. However, it will also stop recplication between the domain controllers, so it will get out of sync and will be no good when you wan to use it as a backup.

the other option is to put it on a seperate subnet and then configure AD Sites and Services to sync between the 2 subnets. This way the computers will not us it to logon to as it is not on the local subnet.

Random Solutions

PHP.ini file 'display_errors' is set to Off but errors still appear on page?

Thunderbird slow to download

unable to scan with my HP Photosmart All-in-one printer

Getting the Windows.MessageBox handle

How to reset the sametime password for a single user

Equipment for home MPLS test lab?

"outlook.ost cannot be accessed because it has been configured for usw with a different mailbox"

Repeater Enable/Disable RequiredFieldValidator depending a textbox

External Monintor won't work w/ Toshiba laptop; it USED to; fn (f5) doesn't "stick"

ORACLE SQL similarity with SQL Server