Hi All
I work for an international airline with domain controllers spread throughout the globe. We have multiple domains but have an issue on our Windows 2003 domain. This domain has a functional level of Windows 2003 and has a Windows 2003 PDC role holder but also contains Windows 2008 DC's. Currently due to application specifics we want to exclude the Windows 2003 DC from being queried for logon requests but for it to remain as a domain controller for the time being. I've been having a look at increasing the priority and reducing the weight count for the DNS records that relate to this particular 2003 server and how it advertises its Active Directory services.
My understanding with the logon process is that it queries the _tcp.domain container for the ldap srv records of all domain controllers and attempts an ldap bind to all and waits for the first domain controller to respond before being sent off to the _sites.domain containers to find the site ldap srv record specific to its site dependent on its IP Address. If this is correct would that mean I only need to change the priorty and weight for the ldap record in these two containers to stop the server from offering logon services?
The link below seems to indicate I need to change it in all areas but this does not make sense to me
http://blog.axiomdynamics.com/2010/01/how-to-change-srv-records-priorities.html
Can anyone shed any light?