Site
Creation and Configuration in Active
Directory
The
job of configuring and creating sites belongs to the administrators who manage
Active Directory, but those who manage the network must be well informed and
possibly involved in the design. Whether Active Directory and the network are
handled by the same or different groups, they affect each other, and undesired
network utilization or failed network connectivity might result. For example, if
the Active Directory administrator defines the entire enterprise as a single
site, and several Active Directory changes happen each day, replication
connections would exist across the enterprise, and replication traffic might be
heavy, causing poor network performance for other networking services. On the
other side, if the network administrator allows only specific ports to
communicate between certain subnets, adding Active Directory might require that
additional ports be opened or involve specific network requirements on the
servers at each location.
For
these examples, the company locations and IP addresses in Table 1 will be used.
The company has a hub-and-spoke topology, with each branch office connected to
the main office. The main office has an IPv4 and an IPv6
subnet.
|
Table
1. Common Subnet Mask to Prefix Length
| |||
|
Location
|
Role
|
Subnets
|
WAN
Link
|
|
|
Main
Office
|
192.168.3.0/24
2001:db8:1234:5678::/64
|
|
|
|
Branch
Office
|
192.168.10.0/24
|
T3
|
|
|
Branch
Office
|
192.168.11.0/24
|
T1
|
|
|
Branch
Office
|
192.168.12.0/24
|
T1
|
Creating
a Site
When creating a site,
Active Directory and network administrators must decide how often AD will
replicate between sites. They also must share certain information such as the
line speed between the sites and the IP addresses of the servers that will be
replicating. Knowing the line speed helps determine the correct cost of a site
link. For the network administrator, knowing which IP addresses to expect
network traffic from on certain ports is helpful when troubleshooting or
monitoring the network. To create a site, the AD administrator needs a site name
and subnet and also needs to know which other sites will replicate to the new
site.
To
create a site, follow these steps:
|
1.
|
Launch Server Manager
on a domain controller.
|
|
2.
|
Expand the Roles
folder.
|
|
3.
|
Expand the Active
Directory Domain Services folder.
|
|
4.
|
Expand the Active
Directory Sites and Services snap-in.
|
|
5.
|
Right-click the Sites
container and choose New Site.
|
|
6.
|
Type in the name of
the site and select any existing site link, as shown in Figure 1. Then click OK
to create the site.
Figure 1. Creating a new site.  |
|
|
|
|
7.
|
A pop-up window might
appear, stating what tasks still need to be completed to properly create a site.
Read the information, take notes if necessary, and click
OK.
|
Repeat this for each
site that needs to be created. For the sample company, Table 2 lists the sites
that will be created.
|
Table
2. Company ABC Sites
| |
|
Location
|
Site
Name
|
|
|
Jaipur
|
|
|
Mumbai
|
|
|
|
|
|
|
Creating Site Subnets
After you create a site, it should be listed in the console window. To complete the site creation process, follow these steps:
|
1.
|
Within the Active
Directory Sites and Services snap-in, right-click the Subnets container, and
choose New Subnet.
| ||||||||||
|
2.
|
Type in the address
prefix in the Prefix field—for example, 192.168.3.0/24 for the Jaipur site IPv4
subnet.
Note The address prefix is the IP address and the mask entered in network prefix notation. This is the format “IP network address/prefix length.” This is very similar to the IP address and subnet mask format. Table 3 lists some common subnet masks and their prefix length values.
| ||||||||||
|
3.
|
Select the
appropriate site from the list at the bottom of the window to associate it with
the new subnet.
| ||||||||||
|
4.
|
Click OK to create
the new subnet.
| ||||||||||
Repeat this for each
subnet in the locations. Table 4 lists the resulting entries for the sample
Company ABC.
|
Table
4.
Company ABC Sites and Subnets
| ||
|
Location
|
Site
Name
|
Subnets
|
|
|
Jaipur
|
192.168.3.0/24
2001:db8:1234:5678::/64
|
|
|
Mumbai
|
192.168.10.0/24
|
|
|
|
192.168.11.0/24
|
|
|
|
192.168.12.0/24
|
Adding Domain Controllers
to Sites
If a new domain
controller is added to a forest, it will dynamically join a site with a matching
subnet if the site topology is already configured and subnets have been
previously defined. However, a preexisting domain controller will not change
sites automatically, controller will not change
sites
automatically, unlike workstations and member servers. A domain controller has
to be moved manually if the topology changes. If an existing domain controller
is being moved to a new site or the site topology or replication strategy has
changed, you can follow these steps to move a domain controller to a different
site:
|
1.
|
Launch Server Manager
on a domain controller.
|
|
2.
|
Expand the Roles
folder.
|
|
3.
|
Expand the Active
Directory Domain Services folder.
|
|
4.
|
Expand the Active
Directory Sites and Services snap-in.
|
|
5.
|
Expand the Sites
folder.
|
|
6.
|
Locate the site that
contains the desired domain controller to move. You can browse the site servers
by expanding the site and selecting the Servers container of the site, as shown
in Figure 2.
Figure 2. Browsing for site servers.  |
|
7.
|
When you locate the
desired server, take note of the source site, right-click the server name, and
choose Move.
|
|
8.
|
When a window opens
listing all the sites in the forest, select the destination site, and click OK
to initiate the server move.
|
|
9.
|
When the move is
complete, verify that the domain controller has been placed in the correct
Servers container of the desired site.
|
No comments:
Post a Comment