I recently added a 2008 server to an existing 2003 domain. The 08 machine is DC and global catalog. However, it seems like (and makes sense that) when I make changes to policy on the 08 machine, it is propogating to the 03 machine and the clients after gpupdate report that the policy is coming from the 03 machine. This leads me to believe that there is something else that is defining the 03 machine as the master...
I would like the 08 machine to be the primary and 03 to be the backup. Is there a procedure I need to follow to make this happen? What are the caveats (if any)? And are there any features of 08 that I should look into taking advantage of?
Thanks,
There are no "primary" or "secondary" domain controllers in Active Directory.
You shouldn't really be worried about which server is performing authentication or suppling Group Policy to clients. The servers are equal replicas so the functionality is the same. You could tweak preference values on the SRV RR's for the DC's in DNS if you really wanted to, but you'd need a compelling reason to do so.
Why do you care which machine clients are using for Group Policy refresh?