Configuring Active Directory Sites and Subnets

This article covers two key components of the Active Directory infrastructure: sites and subnets. Sites in AD DS group domain controllers and clients into containers that reflect your corporate network's physical topology. Sites can be used to optimise WAN traffic between company branches in different cities or countries. Binding one or more TCP/IP subnets to each site lets clients quickly discover the Active Directory domain controller closest to them. An AD site is a collection of IP subnets connected by high-speed network links and is used to manage Active Directory replication traffic, so a single site may contain many IP subnets. IP subnets are specified in network/bitmask format, such as 192.168.19.0/24.

When you create the first Active Directory domain controller in your domain, a site named Default-First-Site-Name is created by default. This first DC and any DCs added later are placed in this site by default. Let's say your company has a headquarters and two branches in different cities. It's your job to set up the proper AD site and subnet architecture.

Use the Active Directory Sites and Services snap-in (dssite.msc) to manage AD sites and subnets. By default, the console contains only one site, Default-First-Site-Name. Rename it to HQ.

Hint. You can rename the site using PowerShell:

Get-ADReplicationSite Default-First-Site-Name | Rename-ADObject -NewName NewSiteName

Now create 2 new sites:

  • Toronto
  • Vancouver

Click on Sites > New Site.

Specify the site name, select a site link (the default is DEFAULTSITELINK with IP transport) and click OK. Create the second site in the same way.

You must now create IP subnets and associate them with the proper AD site. The Subnets section lists the IP subnets and is empty by default.

Create a new subnet: Subnets > New Subnet.

Specify the IPv4 subnet and subnet mask in the format 192.168.1.0/24 and bind it to the desired AD site.

Create and map all other IP subnets in your organisation to Active Directory sites in the same way.

You can create a subnet and add it to an AD site using PowerShell:

New-ADReplicationSubnet -Name "192.168.100.0/24" -Site "HQ"

To display all IP subnets, run the command:

Get-ADReplicationSubnet -Filter *

Once you've created sites and subnets, additional domain controllers can be installed in the new sites. When you add a new domain controller, it is automatically placed in the site to which the domain controller's IP subnet is bound. If the domain controller's subnet is not bound to any site, the DC is placed by default in the site that handled the server's promotion to a domain controller.
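The subnet-to-site lookup that these bindings drive, as an added example that is not part of the original article: it resolves an IPv4 address to a site by most-specific subnet match and reports addresses that no subnet covers. The Toronto, Vancouver and /16 bindings, the client addresses and the function names are constructed for illustration.

```powershell
# Constructed sample bindings; Name/Site mirror fields of Get-ADReplicationSubnet.
# On a domain-joined host you could instead load them with
#   $bindings = Get-ADReplicationSubnet -Filter * | Select-Object Name, Site
# (Site is then a distinguished name rather than a short name.)
$bindings = @(
    [pscustomobject]@{ Name = '192.168.100.0/24'; Site = 'HQ' }
    [pscustomobject]@{ Name = '192.168.1.0/24';   Site = 'Toronto' }    # assumed
    [pscustomobject]@{ Name = '192.168.19.0/24';  Site = 'Vancouver' }  # assumed
    [pscustomobject]@{ Name = '192.168.0.0/16';   Site = 'HQ' }         # assumed catch-all
)

# Hypothetical helper: dotted-quad IPv4 string -> 32-bit value held in a long.
function ConvertTo-IPv4Number {
    param([string]$Address)
    [long]$n = 0
    foreach ($octet in [System.Net.IPAddress]::Parse($Address).GetAddressBytes()) {
        $n = $n * 256 + $octet
    }
    $n
}

# Hypothetical helper: return the site of the longest-prefix subnet that
# contains the address, or $null when no subnet covers it. IPv4 only.
function Get-SiteForAddress {
    param([string]$Address, [object[]]$Subnets)
    $ip = ConvertTo-IPv4Number $Address
    $bestSite = $null
    $bestPrefix = -1
    foreach ($subnet in $Subnets) {
        $network, $prefix = $subnet.Name -split '/'
        $shift = 32 - [int]$prefix          # number of host bits to discard
        $net = ConvertTo-IPv4Number $network
        $inSubnet = ($ip -shr $shift) -eq ($net -shr $shift)
        if ($inSubnet -and ([int]$prefix -gt $bestPrefix)) {
            $bestSite = $subnet.Site
            $bestPrefix = [int]$prefix
        }
    }
    $bestSite
}

# Constructed client addresses: report the resolved site for each one.
'192.168.100.25', '192.168.19.7', '192.168.50.3', '10.20.30.40' | ForEach-Object {
    $site = Get-SiteForAddress -Address $_ -Subnets $bindings
    [pscustomobject]@{
        Address = $_
        Site    = if ($site) { $site } else { '(no subnet bound)' }
    }
}
```

Addresses reported as having no subnet bound are the ones to fix with New-ADReplicationSubnet, since clients and new DCs in those ranges cannot be matched to a site by subnet.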

Site links are used for communication between sites. A site link connects two or more AD sites and follows the topology of the physical connections between them. For example, if all three of your sites can reach each other directly, create a single site link that contains all three.

You can manage site links in the Inter-Site Transports > IP section of the same console. By default there is only one site link, DEFAULTSITELINK, which contains all three sites and has a replication schedule of every three hours.
