Active Directory Sites

1
Chapter 7

• Active Directory Sites

2
Objectives

• Describe the role of sites in Active Directory
  and understand how they represent the physical
  structure of a network
• Describe the objects and components of Active
  Directory that relate to sites

3
Objectives (continued)

• Understand how to plan for the implementation of
  sites in Active Directory and consider how the
  topology of your network will affect your design
• Understand how to create a site and related
  objectsincluding subnets, site links, and site
  link bridgesusing the appropriate administrative
  tools and management consoles

4
Understanding Sites

• A site is one or more Internet Protocol (IP)
  subnets that are well connected
• A site represents a single physical area
• Well connected refers to a local area network
  (LAN) environment connected at high speeds

5
Understanding Sites (continued)

• The site object in Active Directory is sometimes
  called the logical description of the
  physical network

6
Active Directory Objects Related To Sites

• The Configuration naming context (NC) contains
  information about domain controllers (DCs),
  domains, and sites
• Replicates to all DCs and sites in a forest
• Used to construct the replication objects
• The Schema NC contains descriptions of the
  objects in Active Directory
• Replicates to all DCs in a forest

7
Active Directory Objects Related To Sites
(continued)

• The Domain NC contains specific Active Directory
  information for a domain
• Replicates only to DCs in a particular domain
• The site object serves to localize client traffic
  within a defined part of your network

8
Active Directory Objects Related To Sites
(continued)

• A subnet object simply tells Active Directory
  which IP addresses are in a subnet
• Domain controllers are automatically placed into
  sites when they join the Active Directory domain,
  preferentially by IP subnet membership

9
LDAP Listing
10
Active Directory Schema Tool
11
The ADSI Edit Tool
12
A Simple Site
13
Basic DC/Site Functionality
14
Bridgehead Servers

• Windows NT 4.0 domains use single master
  replication
• The primary domain controller (PDC) contains the
  read/write copy of the directory database
• Backup domain controllers (BDCs) have read-only
  copies of the same database
• All changes are made at the PDC and replicated to
  the BDCs

15
Bridgehead Servers (continued)

• Active Directory uses designated DCs, called
  bridgehead servers, that function as the single
  point of contact for all replication information
  from the parent domain
• Manually selected bridgehead servers are called
  Preferred Bridgehead Servers (PBSs)

16
Bridgehead Servers (continued)

• A bridgehead server is automatically selected by
  two components the Inter-Site Topology Generator
  (ISTG) and the Knowledge Consistency Checker
  (KCC)
• The KCC dynamically determines replication paths
  for DCs in a site
• The ISTG optimizes the replication links between
  sites
• The implementation of a PBS causes the KCC to
  stop its bridgehead server selection process
• The KCC will manage selections that it has made

17
Typical Windows NT 4.0 Domain Environment
18
Additional BDCs at a Remote Location
19
Bridgehead Server Functionality
20
Connection Objects

• Provide a representation of the connection
  between two or more DCs within a site or between
  two sites
• Used for regulating and controlling Active
  Directory replication
• The KCC and ISTG will not optimize any connection
  objects created using a manual process
• Connection objects are unidirectional (one-way)

21
NTDS Settings
22
Global Catalog

• Provide clients with a means for locating Active
  Directory resources that are outside of the
  domain
• GC servers contain a subset of information from
  every object in the entire forest
• A client uses a GC server from its own site

23
Planning and Designing Sites

• Physical networks have three things in common
• A point of transmission
• A transmission medium
• A point of reception
• A diagram of physical network infrastructure
  should include
• Cable types
• Approximate paths of cable routing
• Server maps with detailed information about each
  server
• Peripheral devices
• Wide area network (WAN) connections
• The number of users and computers located at each
  location
• Any nonstandard implementations

24
Site Topology

• A site link is the logical link that connects two
  LAN networks
• Several parameters are associated with site links
• Cost
• Replication schedule
• Replication interval
• Transport protocol used for intersite replication
• Site link bridges are used when normal
  connectivity is not available between sites
• Transitive connections means that all site
  links are visible to each other

25
Site Link Costs
26
Site Link Bridges
27
Additional Site Link Bridges
28
Creating and Managing Sites

• Several ways to create and manage sites
• Active Directory Sites and Services Console
• Manage Your Server page
• Active Directory Services Interface (ADSI) Edit
• The placement of DCs occurs automatically during
  the Active Directory installation process
• Clients are placed into Active Directory sites
  according to their subnet membership
• Rename the IP subnet that contains the forest
  root DC

29
The Manage Your Server Tool
30
Starting ADSI Edit
31
Chapter Summary

• Active Directory sites are composed of one or
  more well-connected subnets
• The object connecting two or more sites is called
  a site link
• A site link bridge defines the path that will be
  followed by replication traffic through a number
  of sites
• Bridgehead servers are dedicated DCs that serve
  as a point of contact from one site to another

32
Chapter Summary (continued)

• DCs are placed into the appropriate site based on
  their IP addresses and can be moved later by an
  administrator
• Client computers are placed into sites based on
  their IP addresses each time they start
• Sites may be created in Active Directory using
  the Active Directory Sites and Services snap-in,
  the Manage Your Server tool, or the ADSI Edit tool