Active Directory Physical Design

1
Active Directory Physical Design

• Chapter Six

2
Creating a Site

• Sites are collections of computers that are
  connected via a high-speed network
• Commonly understood to refer to local area
  network (LAN) environment
• Made up of one or more well-connected IP subnets
• gt 512kbps available bandwidth according to
  Microsoft
• Computers within a site are considered to be
  well-connected (constant high-speed connectivity)
• The first site is created automatically
  (Default-First-Site-Name) All servers are
  placed in this site

3
Creating a Site

• Open the AD Sites and Services snap-in

4
Creating a Site

• New Object-Site screen - enter the name of the
  remote site and select the site link

5
(No Transcript)
6
(No Transcript)
7
Creating a Subnet

• Required configuration steps
• Must create at least one subnet per site
• Can not have a subnet associated with more than
  one site

8
Creating a Site

• Add subnets - use AD Sites and Services snap-in

9
Creating a Site

• Subnet properties

10
Creating a Site

• View sites in the subnets folder
• Only can use a particular subnet in one site.
• You can have multiple sites in one subnet.
• Allow client computer to determine in which site
  it is located
• Faster authentication and access to resources, if
  it can locate the closest domain controller
• Compare IP address and subnet mask to subnets in
  Active Directory

11
Creating a Site Link

• Site links are low-bandwidth connections between
  sites
• Administrator creates these
• Connection objects represent inbound replication
• Represent fact that physical connection exists
  between two or more sites
• DEFAULTIPSITELINK
• Automatically created when first DC promoted
• Several parameters
• Control replication
• Control how clients and servers determine closest
  site

12
Creating a Site Link
13
Creating a Site Link

• Name the site link
• Must have at least two sites
• Default cost 100
• Higher cost slower WAN link
• Replicate every -gt frequency of replication
• Schedule -gt when replication can occur

14
Creating a Site Link

• Site links have four important properties
• Name
• Cost
• Transport
• Schedule

15
Schedule
16
Creating a Site Link

• Select the desired transport
• Synchronous RPC over IP (reliable)
• Asynchronous SMTP (store and forward, unreliable)
• Creates a link between sites
• Site links are transitive unless you uncheck
  Bridge All Sites

17
(No Transcript)
18
Creating a Site Link Bridge

• Once site links are created, they are
  automatically bridged, that means a transitive
  replication link is generated across all sites
  that are linked.
• Alternatively, you need to specify site link
  bridges when not a fully connected network no
  direct connection between each site. Uncheck
  bridge all site links (IP or SMTP Properties).

Combine Two or More Site Links
19
Domain Controllers

• Windows server computer
• Maintains copy of domain database
• Used for authentication
• Placed in sites by IP address

20
Moving DCs Between Sites
21
Moving DCs Between Sites

• The new site location

22
Functions of Global Catalog Servers

• GCs maintain a subset of the directory
  information from each domain in the domain forest
• GCs are required for logon in a native-mode
  multidomain environment
• Check universal group membership
• Authenticate based on UPN name (jthompson_at_pbcc.edu
  )

23
Creating Global Catalog Servers
Set Global Catalog Server Properties of NTDS
Settings
24
Domain Controllers and Global Catalog Servers
Placement

• Every domain in forest
• Should have at least two domain controllers
• Provides redundancy for authentication
• Can be in different sites
• May be necessary to collect performance
  statistics to determine how many domain
  controllers are needed at site
• Global Catalog Servers
• Index and partial replica of objects and
  attributes
• Most frequently used throughout entire Active
  Directory structure
• Designate global catalog server
• At least one domain controller per site