Hello folks, we've been working on Active Directory logically for a long time.
You see your test/virtual environment is working as intended; however, deploying it into the real scenario is another story: you must take care of the bandwidth, wire connection types, machine placements, etc.
And, remember that the domain environment needs collaborations, and AD replications must be prioritized.
Fortunately, we don't have to invest in infrastructure intensively, just use your brain to form a good structure to see physical restrictions were yesterday!
[00:10] So, today, we will switch to a physical perspective of AD: Sites.
[00:12] If the domain (logical) helps you in organizing objects, publishing resources and info about domain objects, applying GPO objects, etc.,
Sites, on the other hand, help the above functions work more efficiently.
Because you can define the physical structure/topology of your network through them, the shortest path, the nearest DC, etc. can be looked up in an easy way.
[00:18] So processes like replications, authentications, Active Directory-enabled services can work safe and sound without worrying about network congestion (especially in slow WAN connections).
See more benefits of Sites:
Let's see how to control AD sites basically: rename, create subnets, etc.
[00:27] Open Active Directory Sites and Services
[00:34] We can rename the default site.
A site represents a building or a campus network, so let's name it according to that.
Keep in mind that the Site model depends on your scenario: I choose a building as a Site, you may see it's good to take a group of your company's branches in a city as a Site.
[01:00] Let's create subnets: 10.0.0/24 and 10.0.1.0/24 in the HEADQUARTERS site object.
You have subnets to have granular partitions.
Its child unit is the subnet; you can force the grouping of clients whose IP addresses belong to the IP subnet (clients that work on the same floor of a corp tower, for example).
[02:13] Now, we are…
[02:15] Splitting your domain into physical sites is a recommended best practice to utilize high-speed local LAN as well as low-speed WAN connections, and to reduce latencies and unnecessary single-point overloads.
Though the single site has its advantages, the model depends on your network; take a look at this document to learn more: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc728275(v=ws.10)
We are dividing up our network using Sites, then connecting them with Links so that we can define their relationships in the replication explicitly.
Networks usually consist of a set of local area networks (LANs) that are connected by WANs. In AD DS, site link objects represent the WAN connections between sites.
[02:22] Let's create HQ-BUILDING-2 with the DEFAULTIPSITELINK site link.
[02:28] That's just the very first step; there are a bunch of options that need to be configured: links, subnets, Domain Controllers, etc. before the Site model can show its value.
Let's assume that the Domain Controller SNOOPY-SERVER-2 resides in a building a thousand miles away from the HEADQUARTERS tower and its partner SNOOPY-SERVER.
So it should belong to the site HQ-BUILDING-2.
Move the SNOOPY-SERVER-2 server into the HQ-BUILDING-2 site.
Now, you just need to define subnets and bind them to the appropriate Sites, to see that clients of a subnet will try to connect to each other, and to the specified servers, first.
[03:11] You may see this kind of grouping is similar to the domain.
Remember that this is about the physical perspective; your domain structure remains the same; replications/bandwidth utilization are the key differences.
This is the very first episode about AD Site and Replication; make sure you follow the demonstrations all the time to see its real applications.
Wait for the next parts to see its role in our Active Directory domain network!