Using Active Directory Sites

Much of the discussion related to the Active Directory Domain Services thus far (in this hour and Hour 8) has revolved around the Active Directory’s logical hierarchy (domains, OUs, and so on). Sites, on the other hand, are physical entities (having an actual physical location) and help to determine your network’s physical topology.

When creating regional (child) domains in your root domain, each regional domain is placed in a site. Each site operates at least one domain controller for the regional domain (which branches off the root domain or forest in the Active Directory hierarchy). This allows for intersite replication between the various domain controllers in the tree.

Sites, which are Active Directory schema objects (and so contained in the Active Directory), also typically represent IP subnets that are connected by LAN or WAN connections (meaning reliable, high-speed connections). So, in a nutshell, an Active Directory site is typically a physical location on the network that represents a schema container for a regional domain, and the site is also typically one or more IP subnets. IP subnetting is covered in Hour 7, “Working with the TCP/IP Network Protocol.”

Because you will have a map (meaning an actual diagram) of your domain hierarchy before you bring your regional domains online, it actually makes sense to begin setting up your network’s site structure immediately after creating the forest for the domain. When you create regional domains, you must specify the site in which the domain will reside during the domain creation process.

By the Way

Creating the sites before adding the regional domains allows you to place each regional (child) domain in the appropriate site up front. You won’t have to go back and change the site assignments after the fact.

Using sites as a way to structure both the regional domain locations and your IP subnets not only helps to keep local IP traffic on the subnet but it also allows you to determine how intersite replication will take place, which conserves bandwidth on the LAN or WAN connections between the different sites. Because it makes sense to have a domain controller within a site so that users on that subnet can log on using a local (to the site) domain controller, using regional domains with unique physical sites enables you to get the most out of your network bandwidth (particularly since you control the replication of the Active Directory database between the domain controllers in these sites).

By the Way

Hour 8 also discusses the use of sites in conjunction with regional domains, in the section “Adding a Regional (Child) Domain.”

Creating a Site

Sites are created using the Active Directory Sites and Services snap-in. You can access the Active Directory Sites and Services snap-in in the MMC (select Start, Administrative Tools, Active Directory Sites and Services) or in the Server Manager node tree. To create a new site, follow these steps:

1. Right-click the Sites folder and then select New Site. The New Object – Site dialog box opens (see Figure 9.8).

Figure 9.8. The New Object – Site dialog box.

2. Type a name for the new site. You must also select a site link object for this site. By default, there is only the DEFAULTIPSITELINK object. This object type is stored in the Active Directory (and is part of the schema). After you supply the site name and select the site link object, click OK.

3. A message box appears, letting you know that the new site has been created. A list of tasks that need to be performed related to the site, such as linking the site to other sites and adding a subnet or subnets to the new subnet container, is also provided. Click OK to close the information box.

By the Way

By default, you are provided with a site named the Default-First-Site-Name. You can rename this site and use it as one of your sites. Right-click the site icon and select Rename. Then you can type a new name for the site.

Configuring a Site

To configure a site, you must associate a subnet (or subnets) to the site and connect the site to other sites, using an Active Directory connection (this takes care of replication between the sites). To associate a subnet to the site, follow these steps:

1. Right-click the Subnets folder in the snap-in tree and select New Subnet. The New Object – Subnet dialog box appears (see Figure 9.9).

Figure 9.9. Associate a subnet with a site.

2. In the prefix box, enter the network ID (or address) for the subnet followed by the prefix. The prefix is the number of bits used to create the subnet, plus the network ID bits. The prefix can be converted to the subnet mask used for the subnet. The information entered in the prefix box can be in IPv4 notation or IPv6 notation (depending on whether the site uses IPv4 or IPv6). Figure 9.9 shows a Class B subnet with a 19-bit prefix, which would convert to the subnet mask

By the Way

IPv4 subnetting and working with IP addresses, subnet masks, and IPv6 notation are discussed in Hour 7.

3. In the Select a Site Object for This Prefix box, select the site that is to be associated with this subnet. Click OK. The new subnet appears in the Subnets folder, as shown in Figure 9.10.

Figure 9.10. New subnets and sites appear in the Active Directory Sites and Services snap-in tree.

For replication to occur between the sites in your network, you must create a site link between the sites. The steps that follow walk you through the creation of a site link.

1. Click the Inter-Site Transports folder in the Active Directory Sites and Services tree. To create an IP link, right-click the IP folder in the snap-in Details pane and click New Site Link. The New Object – Site Link dialog box opens (see Figure 9.11).

Figure 9.11. The New Object – Site Link dialog box.

2. Enter a name for the site link. Then add two or more sites to the Sites in This Site Link box (select a site in the list on the left of the dialog box and then click Add). When you have entered the information required, click OK. The new site link is stored in the IP folder (or the SMTP folder, if you created the new site link in that protocol container).

By the Way

You can also create site links using the SMTP protocol. However, this requires that you have an Enterprise Certificate Authority server available and that SMTP has been installed on all domain controllers that use the link. Typically your site links are of the IP variety.

3. You can also add sites to an existing site link. Right-click the site link icon and select Properties. Make sure that the General tab is selected.

4. Select the site names listed and then add them to the site link as needed, using the Add button. Click OK when you have finished adding sites to the site link.
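
The same site, subnet, and site link steps can be scripted. This is an added example, not part of the original text; it assumes the ActiveDirectory PowerShell module shipped with Windows Server 2012 and later (or RSAT), and the site names, link name, and subnet are constructed sample values. It ends with a check for subnets that have no site and sites that have no subnet.

```powershell
# Requires the ActiveDirectory module; run with rights to edit the Sites container.
Import-Module ActiveDirectory

# Constructed sample values (assumptions, not taken from the book's figures).
$siteName = 'Branch-East'
$subnet   = '172.16.32.0/19'            # Class B network ID with a 19-bit prefix
$linkName = 'HQ-to-Branch-East'
$hubSite  = 'Default-First-Site-Name'   # the default site described above
$extra    = 'Branch-West'               # hypothetical second branch site

# Create the site only if it does not already exist (New Site step).
if (-not (Get-ADReplicationSite -Filter "Name -eq '$siteName'")) {
    New-ADReplicationSite -Name $siteName
}

# Associate the subnet prefix with the site (New Subnet step).
if (-not (Get-ADReplicationSubnet -Filter "Name -eq '$subnet'")) {
    New-ADReplicationSubnet -Name $subnet -Site $siteName
}

# Create an IP site link that contains both sites (New Site Link step).
# Cost 100 and a 180-minute interval match the snap-in's defaults.
if (-not (Get-ADReplicationSiteLink -Filter "Name -eq '$linkName'")) {
    New-ADReplicationSiteLink -Name $linkName `
        -SitesIncluded $hubSite, $siteName `
        -InterSiteTransportProtocol IP `
        -Cost 100 -ReplicationFrequencyInMinutes 180
}

# Add another site to the existing link (Properties, General tab step).
if (Get-ADReplicationSite -Filter "Name -eq '$extra'") {
    Set-ADReplicationSiteLink -Identity $linkName -SitesIncluded @{Add = $extra}
}

# Check 1: subnets not assigned to any site. Clients on these subnets
# cannot be placed in a site and may log on through a remote domain controller.
$subnets = Get-ADReplicationSubnet -Filter *
$subnets | Where-Object { -not $_.Site } | Select-Object Name

# Check 2: sites that have no subnet associated with them.
$usedSites = $subnets.Site | Where-Object { $_ } | Sort-Object -Unique
Get-ADReplicationSite -Filter * |
    Where-Object { $usedSites -notcontains $_.DistinguishedName } |
    Select-Object Name
```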

