Sites and Subnets

Active Directory allows you to model your physical network topology using sites. This video looks at how to create sites in Active Directory. Creating sites allows you to control how data is replicated in your organization.

Demonstration 04:05

Sites Definition
Microsoft defines a site as a group of well-connected networks.

Advantages of sites
1) Sites automatically direct users to the closest resource.
2) Schedules can be configured that allow the administrator to control when replication will occur.

Site design
Multiple networks can be combined into one site regardless of which IP address ranges they use. If you have two networks separated by a high-speed networking device, you may want to combine them. Networks that are separated by a Wide Area Network are usually put into different sites. You could also place networks into different sites for security reasons. For example, if you had a secure network holding your intellectual property separated by a firewall, you may decide to put this network in its own site to reduce the amount of traffic travelling between the networks. Less traffic travelling between the networks means fewer rules that have to be created on the firewall between them.

Protect objects from accidental deletion
Many objects in Active Directory have an option to protect the object from accidental deletion. The tick box for this is found in the properties for the object, on the Object tab. If the option is ticked and an attempt is made to delete or move the object, an access denied message will be displayed. To perform either of these actions, the tick box needs to be cleared first.

Demonstration
To create or change the site configuration, open Active Directory Sites and Services from Administrative Tools under the Start menu.

When you first install Active Directory, a site called Default-First-Site-Name will be created. This site can be renamed, deleted when no longer required, or simply not used.

Under the site container, the Domain Controller(s) for that site will be listed. When you promote a server to a Domain Controller, the wizard will look at the IP address of the server and suggest a site in which to put the Domain Controller, or you can choose your own. For this reason, the Domain Controller should be put into the correct site when it is promoted, assuming the site exists. If you need to physically move the Domain Controller, or it has been put into the wrong site, you can move the Domain Controller object to another site at any time.

To create a new site, right-click Sites and select New Site. The network address will then need to be entered (either the IPv4 or IPv6 network address).
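
The tasks from the demonstration can also be scripted with the ActiveDirectory PowerShell module, which makes it practical to audit the result afterwards. The following is an added example, not part of the original video notes; the site name, subnet and Domain Controller name are hypothetical placeholders, and it assumes the RSAT ActiveDirectory module and rights to modify the configuration partition.

```powershell
# Added example: all names below are hypothetical placeholders.
Import-Module ActiveDirectory

$SiteName = 'Branch-Office'   # assumed site name
$Subnet   = '10.20.0.0/24'    # assumed IPv4 network belonging to that site
$DcName   = 'DC02'            # assumed Domain Controller to relocate

# Create the site with deletion protection enabled from the start.
New-ADReplicationSite -Name $SiteName -ProtectedFromAccidentalDeletion $true

# Map the network to the site so clients in that range are directed
# to the resources of this site, then protect the subnet object as well.
New-ADReplicationSubnet -Name $Subnet -Site $SiteName
Get-ADReplicationSubnet -Identity $Subnet |
    Set-ADObject -ProtectedFromAccidentalDeletion $true

# Move a Domain Controller that was promoted into the wrong site.
Move-ADDirectoryServer -Identity $DcName -Site $SiteName

# Audit 1: site and subnet objects that can still be deleted or moved
# without first clearing the protection tick box.
$configNC = (Get-ADRootDSE).configurationNamingContext
Get-ADObject -SearchBase "CN=Sites,$configNC" `
    -LDAPFilter '(|(objectClass=site)(objectClass=subnet))' `
    -Properties ProtectedFromAccidentalDeletion |
    Where-Object { -not $_.ProtectedFromAccidentalDeletion } |
    Select-Object Name, ObjectClass, DistinguishedName

# Audit 2: sites with no subnet mapped to them. Clients cannot be
# matched to such a site by IP address.
$usedSites = Get-ADReplicationSubnet -Filter * | ForEach-Object { $_.Site }
Get-ADReplicationSite -Filter * |
    Where-Object { $usedSites -notcontains $_.DistinguishedName } |
    Select-Object Name
```

Both audit queries are read-only and can be run on their own against an existing forest.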
