Hello Experts,
We are in the process of Active directory modernization where we are upgrading our active directory from 2012 R2 to 2019...part of this exercise is to also find the static IP address that are reaching to the legacy domain controllers before demoting them. The logic behind this is to find the servers which are only reaching out to a single domain controller and update there DNS settings to point to the new 2019 domain controllers...Before doing the demotion we wanted to suppress the DC and check if there are application or services in the environment which are getting effected by it...One way of doing this is to suppress the srv record of the domain controllers but we don't want to do this as we have faced issue with this practice before....The other option that we got to know was about moving the domain controller to an isolated site which will do the replication but will stop the client/server traffic to the domain controller....What we wanted to know was how can we isolate a site and make this happen without firewall or vlan or re-IPing the domain controllers...Please, suggest.