1

Configuring Sites• Configuring Site Settings• Configuring Inter-Site Replication• Troubleshooting Replication• Maintaining Server Settings

2

Configuring Site Settings• Configuring Site Settings• Sites• Subnets• Site Links• Site Licensing• Practice: Configuring a Site

3

Overview of Configuring Site Settings• Create a site.• Associate a subnet with the site.• Connect the site using site links.• Select a site license server.

4

Site Definitions• Sites define sets of domain controllers that are well

connected in terms of speed and cost.• A site is equivalent to a set of one or more IP subnets.• An object named Default-First-Site-Name is created in

the Sites container when Active Directory is installed.• It is necessary to install the first domain controller into

Default-First-Site-Name.• You can rename Default-First-Site-Name to this site’s

name.

5

Sites and Replication• Domain controllers in the same site replicate on the

basis of notification.• Replication within sites occurs as needed rather than as

scheduled.• Replication between sites occurs according to a

schedule.

6

New Object-Site Dialog Box

7

Subnets• Computers on TCP/IP networks are assigned to sites

based on their location in a subnet or a set of subnets.• Subnets group computers in a way that identifies their

feasible physical proximity on the network.• Subnet information is used to find a domain controller in

the same site as the computer that is authenticated during logon.

• Subnet information is used during Active Directory replication to determine the best routes between domain controllers.

8

New Object-Subnet Dialog Box

9

Properties Dialog Box for a Subnet

10

Site Link Overview• A site link must be established for replication to occur.• Site links are not generated automatically; they must be created

in Active Directory Sites and Services.• Each site link contains the schedule that determines when

replication can occur between the sites that it connects.• The Active Directory Sites and Services console guarantees that

every site is placed in at least one site link.• A site link can contain more than two sites; all the sites are

equally well connected.• Active Directory Installation Wizard automatically creates an

object named DEFAULTIPSITELINK in the IP container.• Rename the DEFAULTIPSITELINK object to the name you want to

use for the site link.

11

IP Replication• Uses RPCs for replication over site links (inter-site) and

within a site (intra-site).• Inter-site replication adheres to replication schedules;

Active Directory can be configured to ignore these schedules.

• Does not require a CA.

12

SMTP Replication• Used for inter-site replication only, not for intra-site

replication.• Asynchronous.• Typically ignores all schedules.• When using SMTP, the process must be completed by

installing and configuring a certification authority (CA).• The CA signs SMTP messages that are exchanged

between domain controllers, ensuring the authenticity of directory updates.

13

New Object-Site Link Dialog Box

14

Site Licensing Overview• Ensure an organization’s legal compliance with Microsoft

BackOffice software license agreements.• Information is collected on a server by the License Logging

service in Microsoft Windows 2000 Server.• Information is replicated to a centralized database on a server

called the site license server for the site.• The Licensing utility can be used to view the licensing history for

the entire site.• The default site license server is the first domain controller

created for the site.• The site license server does not have to be a domain controller.• In large organizations with multiple sites, licensing information is

collected separately by the site license server in each site.

15

Configuring Inter-Site Replication• Configuring Inter-Site Replication• Site Link Attributes• Site Link Bridges• Manually Configuring Connections• Designating a Preferred Bridgehead Server• Practice: Configuring Inter-Site Replication

16

Site Link Cost• Configure site link cost to assign a value for the cost of

each available connection used for inter-site replication.• Establish site links for each multiple redundant network

connection.• Active Directory always chooses the connection on a

per-cost basis.

17

Properties Dialog Box for a Site Link

18

Replication Frequency• Configure replication frequency by providing an integer

value that tells Active Directory how many minutes it should wait before using a connection to check for replication updates.

• An interval must be at least 15 minutes and no more than 10,080 minutes.

• A site link must be available for any replication to occur.

19

Replication Availability• Availability determines when a site link will be available

for replication.• SMTP typically ignores all schedules.• Do not configure site link replication availability on SMTP

site links unless• The site links use scheduled connections.• The SMTP queue is not on a schedule.• Information is being exchanged directly from one

server to another, and not through intermediaries.

20

Schedule For Dialog Box for a Site Link

21

Site Link Bridges• By default, all site links are bridged in terms of cost.• When site links are bridged, they are transitive.• All site links for a specific transport implicitly belong to a

single site link bridge for that transport.• All site links within the bridge can route transitively, but

they do not route outside of the bridge.

22

New Object-Site Link Bridge Dialog Box

23

Manually Configuring Connections• Active Directory automatically creates and deletes

connections under normal conditions.• Connections can be manually added, configured, or

forced to replicate over a particular connection.• Normally, replication should be allowed to be

automatically optimized based on information provided to Active Directory Sites and Services about your deployment.

• Create a connection manually only if the connection is required and is to persist until manually removed.

24

Forcing Replication Over a Connection

25

Designating a Preferred Bridgehead Server• Allows more control of replication behavior• Provides ranking for choosing preferred server• Distributes the directory information via intra-site

replication• Creates contact point for exchange of directory

information between sites• Ensures that high levels of directory information

exchange are handled promptly

26

MultipleBridgehead Servers• Only one preferred bridgehead server is the active preferred

bridgehead server at any time at a single site.• If the active preferred bridgehead server fails, Active Directory

selects from your designated set another preferred bridgehead server to be the active preferred bridgehead server.

• A domain controller is selected if no other preferred bridgehead servers are available.

• The domain controller might not have the bandwidth to efficiently handle the increased requirements posed by being a preferred bridgehead server.

• A preferred bridgehead server will be used as the first choice to receive and send all directory traffic.

27

Bridgehead Server and Firewalls• A preferred bridgehead server must be specified if the

deployment uses a firewall to protect a site.• Establish the firewall proxy server as the preferred

bridgehead server, making it the contact point for exchanging information with servers outside the firewall.

• If this procedure is not followed, directory information may not be successfully exchanged.

28

Troubleshooting Replication• Troubleshooting Replication• Checking Replication Topology

29

Replication• Ineffective replication can result in declining Active

Directory performance, such as new users not being recognized.

• Ineffective replication primarily results in out-of-date directory information or unavailable domain controllers.

• Each cause has one or more possible solutions.

30

Checking Replication Topology• Active Directory runs a process that considers the cost

of inter-site connections, checks whether any previously available domain controllers are no longer available, checks whether new domain controllers have been added, and then uses this information to add or remove connection objects to create an efficient replication topology.

• This process does not affect manually created connection objects.

31

Maintaining Server Settings• Maintaining Server Settings• Creating a Server Object in a Site• Moving Server Objects Between Sites• Enabling or Disabling a Global Catalog• Removing an Inoperative Server Object from a Site

32

Global Catalog• Clients must have access to a global catalog to log on.• At least one global catalog should exist in every site, to

receive the benefits of containing network traffic provided by using sites.