The job of configuring and creating sites belongs to
the administrators who manage Active Directory, but those who manage the
network must be well informed and possibly involved in the design.
Whether Active Directory and the network are handled by the same or
different groups, they affect each other, and undesired network
utilization or failed network connectivity might result. For example, if
the Active Directory administrator defines the entire enterprise as a
single site, and several Active Directory changes happen each day,
replication connections would exist across the enterprise, and
replication traffic might be heavy, causing poor network performance for
other networking services. On the other side, if the network
administrator allows only specific ports to communicate between certain
subnets, adding Active Directory might require that additional ports be
opened or involve specific network requirements on the servers at each
location.
For these examples,
the company locations and IP addresses in Table 1 will be used. The company has a hub-and-spoke topology, with
each branch office connected to the main office. The main office has an
IPv4 and an IPv6 subnet.
Table 1. Common Subnet Mask to Prefix Length
| Location | Role | Subnets | WAN Link |
|---|
| Oakland, USA | Main Office | 192.168.3.0/24
2001:db8:1234:5678::/64 | |
| Boston, USA | Branch Office | 192.168.10.0/24 | T3 |
| Paris, France | Branch Office | 192.168.11.0/24 | T1 |
| Tokyo, Japan | Branch Office | 192.168.12.0/24 | T1 |
Creating a Site
When creating a site,
Active Directory and network administrators must decide how often AD
will replicate between sites. They also must share certain information
such as the line speed between the sites and the IP addresses of the
servers that will be replicating. Knowing the line speed helps determine
the correct cost of a site link. For the network administrator, knowing
which IP addresses to expect network traffic from on certain ports is
helpful when troubleshooting or monitoring the network. To create a
site, the AD administrator needs a site name and subnet and also needs
to know which other sites will replicate to the new site.
To create a site, follow these steps:
1. | Launch
Server Manager on a domain controller.
|
2. | |
3. | Expand the
Active Directory Domain Services folder.
|
4. | Expand the Active Directory Sites and Services snap-in.
|
5. | Right-click the Sites container and choose New Site.
|
6. | Type in the name of the site and select any existing
site link, as shown in Figure 1. Then click OK to
create the site.
|
7. | A pop-up
window might appear, stating what tasks still need to be completed to
properly create a site. Read the information, take notes if necessary,
and click OK.
|
Repeat this for each site
that needs to be created. For the sample company, Table 2 lists the sites
that will be created.
Table 2. Company ABC Sites
| Location | Site Name |
|---|
| Oakland, USA | Oakland |
| Boston, USA | Boston |
| Paris, France | Paris |
| Tokyo, Japan | Tokyo |
Creating Site Subnets
After you create a site, it should be listed in the
console window. To complete the site creation process, follow these
steps:
1. | Within
the Active Directory Sites and Services snap-in, right-click the Subnets
container, and choose New Subnet.
|
2. | Type in the address prefix in the Prefix field—for
example, 192.168.3.0/24 for the Oakland site IPv4 subnet.
Note
The address prefix is the
IP address and the mask entered in network prefix notation. This is the
format “IP network address/prefix length.” This is very similar to the
IP address and subnet mask format. Table 3 lists some common subnet masks and their prefix length
values.
Table 3. Common Subnet Mask to Prefix Length| Subnet Mask | Prefix Length |
|---|
| 255.0.0.0 | 8 | | 255.255.0.0 | 16 | | 255.255.255.0 | 24 |
|
3. | Select the appropriate site from the list at the bottom
of the window to associate it with the new subnet.
|
4. | Click OK to create the new subnet.
|
Repeat this for each subnet
in the locations. Table 4
lists the resulting entries for the sample Company ABC.
Table 4. Company ABC Sites and Subnets
| Location | Site Name | Subnets |
|---|
| Oakland, USA | Oakland | 192.168.3.0/24
2001:db8:1234:5678::/64 |
| Boston, USA | Boston | 192.168.10.0/24 |
| Paris, France | Paris | 192.168.11.0/24 |
| Tokyo, Japan | Tokyo | 192.168.12.0/24 |
Adding Domain
Controllers to Sites
If a new domain controller
is added to a forest, it will dynamically join a site with a matching
subnet if the site topology is already configured and subnets have been
previously defined. However, a preexisting domain controller will not
change sites automatically, unlike workstations and member servers. A
domain controller has to be moved manually if the topology changes. If
an existing domain controller is being moved to a new site or the site
topology or replication strategy has changed, you can follow these steps
to move a domain controller to a different site:
1. | Launch
Server Manager on a domain controller.
|
2. | Expand the Roles folder.
|
3. | Expand the Active Directory Domain Services folder.
|
4. | Expand the Active Directory Sites and Services snap-in.
|
5. | Expand the Sites folder.
|
6. | Locate the site that contains the desired domain
controller to move. You can browse the site servers by expanding the
site and selecting the Servers container of the site, as shown in Figure 2.
|
7. | When you locate the desired
server, take note of the source site, right-click the server name, and
choose Move.
|
8. | When a
window opens listing all the sites in the forest, select the destination
site, and click OK to initiate the server move.
|
9. | When the move is complete, verify that the domain
controller has been placed in the correct Servers container of the
desired site.
|
Note
Although you can
manually create replication connections if the desired connections are
not automatically created by the intersite topology generator (ISTG)
within 15 minutes after moving the server, the fact that the automatic
creation did not happen usually indicates a problem with site
configuration and replication.
