I'm currently in the process of planning on deploying a new Active Directory structure with a single forest, a top-level empty root domain and two child domains, which will house two business units. Within each business unit there are six large remote sites that are large enough to have a domain controller. Each large remote site has five subnets. Additionally, there are another twenty-five subnets per business unit that are located in smaller remote sites where no domain controller will be placed. Can someone please explain and offer some recommendations for me to consider what action(s) I must take towards this project? I would gladly appreciate it, thanks.
1 Answer
Setting up AD Sites is a well-documented procedure. You've already identified the need for a site (remote site, must be up when WAN link is down), and even the networking components. That's a good part of the way already.
When it comes time to create Sites in Active Directory, that is done through the AD Sites and Services console. Happily the details don't change between Windows 2003 and 2008 domains.
The first step is to define Subnets. This can be done for both IPv4 and IPv6 addresses (chances are good you don't need to worry about v6 yet). Right-click on 'Subnets' and select 'Add new subnet'. Add the network (e.g. 192.168.37.0/24) and the site it belongs to. During initial setup you can add everything to the Default Site, since this can be easily changed later.
Until you install a DC at a remote site you don't want to declare a new Site in AD. Once you have the DC up in the remote site, you can actually set up the site. Right-click on Sites, and select "New Site". The IP transport should be used unless you have a special configuration. Then for each subnet actually at the site, right-click on it and go to Properties, and change the site. The DC at that site should figure out it is in a site and reconfigure accordingly.
You want at least one Global Catalog server at each Site, which is also configured from ADS&S. Expand the new Site, expand Servers, and expand the server that will get the GC role. Right-click on NTDS Settings, select Properties, and check the "Global Catalog" box.
Configuring the replication schedule is next, and that will depend on a number of things. The default schedule will replicate between sites every three hours. Once you have more than one site, you will need to figure out if you want to replicate directly between remote sites or if all replication will be done to the home office first before dissemination out to the remotes. I can't give guidance on that since network details have a significant impact, as does the amount of replication traffic that is generated as a part of normal operation. You may want to prevent replication during certain very busy parts of the day, but only analyzing your network traffic will tell you if that's needed.

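One way to sanity-check a subnet-to-site plan before entering it in the console, as an added example that is not part of the original answer. The subnet list, site names and set of sites with a DC are constructed, and the script assumes a client resolves to the site of the most specific subnet that contains its address.

```python
import ipaddress
from itertools import combinations

DEFAULT_SITE = "Default-First-Site-Name"   # AD's built-in default site

# Constructed sample plan (not from the original post): subnet -> site name.
PLAN = {
    "192.168.37.0/24": DEFAULT_SITE,   # parked in the default site for now
    "10.10.0.0/16": "HQ",
    "10.10.8.0/24": "Branch-A",        # nested inside the HQ /16
    "10.20.1.0/24": "Branch-B",
}
SITES_WITH_DC = {"HQ", "Branch-A"}     # constructed: sites that already have a DC


def load_plan(plan):
    """Parse the plan; a prefix with host bits set (10.1.1.1/24) raises ValueError."""
    return [(ipaddress.ip_network(cidr, strict=True), site)
            for cidr, site in plan.items()]


def site_for(ip, subnets):
    """Site of the most specific subnet containing ip, or None if unmapped."""
    addr = ipaddress.ip_address(ip)
    hits = [(net, site) for net, site in subnets
            if net.version == addr.version and addr in net]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None


def nested_subnets(subnets):
    """Overlapping subnets mapped to different sites, listed for review."""
    return [(str(a), str(b)) for (a, sa), (b, sb) in combinations(subnets, 2)
            if a.version == b.version and a.overlaps(b) and sa != sb]


def sites_missing_dc(subnets, dc_sites):
    """Non-default sites in the plan that have no DC yet."""
    return sorted({site for _, site in subnets} - set(dc_sites) - {DEFAULT_SITE})


if __name__ == "__main__":
    subnets = load_plan(PLAN)
    for ip in ("10.10.8.25", "10.10.9.1", "172.16.0.1"):
        print(ip, "->", site_for(ip, subnets))
    print("nested:", nested_subnets(subnets))
    print("no DC yet:", sites_missing_dc(subnets, SITES_WITH_DC))
```

An address that resolves to `None` belongs to a subnet nobody has defined yet, and a site listed as missing a DC should not be declared until its DC is up.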