DistributedNetworks


Lesson 1

Sites and Domain Controllers Location

Introduction to the physical structure of Active Directory

The physical structure of Active Directory refers to the use of sites and the placement of domain controllers, which together are used to manage network traffic and conserve bandwidth. The way you structure Active Directory physically determines where and when logon authentication traffic and directory replication traffic will occur. This can have a profound effect on the performance of the network. As you know, the physical structure is completely separate from the logical structure of the directory, which consists of domains, trees, and forests organized on your network.
By the end of this module, you will be able to:
  1. Define sites and site links
  2. List reasons for creating Active Directory sites
  3. Recognize the effect of replication traffic on a slow link
  4. Define the relationship between sites and subnets
  5. Define the replication components and the purpose of each
  6. List two ways to create connection objects
  7. Define the difference between intrasite and intersite replication
  8. List the characteristics of site link costs
  9. Monitor replication traffic
In the next lesson, we will start by discussing replication and the physical structure of Active Directory.

Site Topology


Separate Physical Network Topology from Logical Active Directory Design

Active Directory sites allow you to separate your physical network topology from your logical Active Directory design. This lets you configure domains and forests according to your administrative and security requirements, without being restricted by geography or bandwidth limitations. You can deploy a single domain in a single site, multiple domains in a single site, or a single domain that spans multiple physical locations.
Once you have created your logical Active Directory structure, you will then configure sites to control how replication takes place on your network. Active Directory uses sites and site links[1] to figure out the most efficient path to replicate data to all of the domain controllers and Global Catalog servers that need to receive updates, so it is critical to the performance of your network that you design your site topology correctly.
You will also use sites to control how your clients log on to your network: AD will use site information to pick the closest domain controller to any client that’s logging on to the domain. This will allow your clients to authenticate against a domain controller in the same subnet, rather than going across a slow or expensive WAN link in order to log on to Active Directory. Other Active Directory-aware applications also use site information to direct clients to servers that are located physically close to the client requesting the resource.
You will configure sites and subnets using the Active Directory Sites & Services MMC snap-in. When a client logs on to your domain, Active Directory will automatically figure out which site it needs to belong to based on its IP address and subnet mask. Site information for your domain controllers gets determined by the machine’s location within Active Directory. When you first install Active Directory, your new domain controller gets placed into a new site called (imaginatively enough) Default-First-Site. (You can rename this just by right-clicking the site and selecting Rename.) Until you create additional sites, every domain controller you install will be placed into this default site, regardless of its location.
Within each site, you will configure one or more subnets to correspond with the physical addressing scheme of your network. It’s important to configure subnet objects correctly so that your clients will contact the appropriate domain controllers, since clients will first attempt to contact a DC within the same subnet for authentication.
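The following added example (not part of the original lesson) models the IP-to-site lookup described above so you can audit a subnet plan before deploying it: it maps each client to the most specific subnet object that contains its address and lists clients that no subnet object covers. The subnet ranges, site names, and client inventory are constructed for illustration.

```python
import ipaddress

# Constructed subnet objects (subnet -> site), as they might be defined in
# Active Directory Sites and Services. All names and ranges are made up.
SUBNET_TO_SITE = {
    "10.0.0.0/8": "HQ",
    "10.20.0.0/16": "Branch-Denver",
    "10.20.30.0/24": "Branch-Denver-Lab",
    "192.168.50.0/24": "Branch-Austin",
}

# Constructed client inventory (hostname, IPv4 address).
CLIENTS = [
    ("ws-hq-01", "10.1.2.3"),
    ("ws-den-07", "10.20.4.9"),
    ("ws-lab-02", "10.20.30.15"),
    ("ws-aus-11", "192.168.50.20"),
    ("ws-new-01", "172.16.8.4"),  # no subnet object covers this range
]


def site_for(ip, subnet_to_site):
    """Return (site, subnet) for the most specific subnet containing ip, else (None, None)."""
    addr = ipaddress.ip_address(ip)
    best = None
    for cidr, site in subnet_to_site.items():
        net = ipaddress.ip_network(cidr)
        # Overlapping subnets are allowed; the longest prefix (most specific) wins.
        if addr in net and (best is None or net.prefixlen > best[1].prefixlen):
            best = (site, net)
    return (best[0], str(best[1])) if best else (None, None)


def audit(clients, subnet_to_site):
    """Return ({host: site}, [(host, ip), ...]) where the list holds unmapped clients."""
    mapped, unmapped = {}, []
    for host, ip in clients:
        site, _ = site_for(ip, subnet_to_site)
        if site is None:
            unmapped.append((host, ip))
        else:
            mapped[host] = site
    return mapped, unmapped


if __name__ == "__main__":
    mapped, unmapped = audit(CLIENTS, SUBNET_TO_SITE)
    print(mapped)
    print("no subnet object:", unmapped)
```

Any client reported in the unmapped list has an address that matches no subnet object, so it cannot be placed in a site and may authenticate across a WAN link.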
[1] Site links: A relationship between two sites that allows replication to occur.