LAB08 - Setting Up Active Directory Sites Subnets-Site-Links

The document provides a practical guide for setting up Active Directory sites, subnets, and site links, detailing the steps to create and configure these components within a network. It emphasizes the importance of understanding both physical and logical topologies in network design, particularly for organizations with branch offices. Additionally, it discusses considerations for branch office infrastructure, including the deployment of services like RODC, Global Catalog Server, and DNS to optimize connectivity and security.

Uploaded by

pettagsco
Lab: Setting Up Active Directory Sites, Subnets & Site-Links

File Name: LAB08 - Setting Up Active Directory Sites Subnets-Site-Links

Start Date / /20 Completion Dt: / /20 Term:


Student ID: Student Name:
Tutor: Asst. Tutor:

This practical focuses on:    A / NA    Supervisor Comments

- Setting Up Active Directory Sites, Subnets & Site-Links

Student: Attention required for practice. Head of Faculty / Academic


Unacceptable response?
Focus and Concentration are not enough?
Achievement – Average / Satisfied

Two topologies are found in a successful network: Physical Topology and Logical
Topology. Physical Topology represents the structure of the network, which includes
network topologies, hardware placement and IP address allocation. Logical Topology
represents the security boundaries of that network, its network services and so on. In an
Active Directory infrastructure setup, the Domain represents the logical topology while
Sites and Subnets represent the physical topology.

Step-By-Step:
Setting Up Active Directory Sites, Subnets & Site-Links

A site can simply be defined as a physical location or network. It can be a separate
building, a separate city or even a separate country. This Step-By-Step provides an
example of this by detailing the setup and configuration of sites and subnets. Two
sites, Site A and Site B, will be created and then assigned to the relevant servers along
with the subnets.

The environment to be created is as follows:

Server Name       Roles                         Operating System                 Site                    Subnets
DC1.contoso.com   Primary Domain Controller     Windows Server Standard 2012 R2  Site A (HQ)             192.168.148.0/24
SRV1.contoso.com  Additional Domain Controller  Windows Server Standard 2012 R2  Site B (Branch Office)  10.10.10.0/24

In this demo, the SRV1 server is located in the branch office, which is in a different
geographical location. It is connected to the primary domain via a 256kb link. It is
currently set up under the default AD site.

Step 1: Creating a new site

1. Navigate to Server Manager > Tools > Active Directory Sites and Services

2. In the Active Directory Sites and Services window, right-click Sites and select
New Site

3. Enter SiteA in the Name: box

4. Select the DEFAULTIPSITELINK and click OK

5. Click OK to complete the site creation

6. Repeat steps 1 to 5 and create SiteB. Once completed, both SiteA and SiteB are
listed under Sites.

Step 2: Creating Subnets

1. In the Active Directory Sites and Services MMC, right-click Subnets and select
New Subnet…

2. In the New Object – Subnet window, type 192.168.148.0/24

3. In the Select a site object for this prefix option, select SiteA and click OK

4. Repeat steps 1 to 3 and use prefix 10.10.10.0/24 assigned to SiteB

Step 3: Creating Site Links

1. In the Active Directory Sites and Services MMC, right-click Inter-Site
Transports > IP and then click New Site Link

2. In the New Object – Site Link window, enter a desired name for the link, select
both SiteA and SiteB, and click Add

3. Click OK to continue

4. The link is created with the default values; however, it can be optimized.
Right-click on the link and select Properties

5. In the SiteA-SiteB Dedicated Link Properties window, the cost defines the link's
assigned bandwidth. Further details in regards to cost can be found here

6. The replication schedule between sites can also be defined. To accomplish this, click
on Change Schedule

7. Define a custom schedule and click OK

8. Click OK to apply the changes

Step 4: Moving the Domain controllers to the newly created sites


1. In the Active Directory Sites and Services MMC, navigate to
Default-First-Site-Name > Servers

2. Right-click on the Domain Controller that needs to be moved and select Move…

3. In the Move Server window, select SiteA, which is the site the Domain Controller
will be moving to, and click OK

4. Repeat steps 1 to 3 to move SRV1 to SiteB

This completes the configuration of sites, subnets and site links.
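
The same four steps can be scripted with the ActiveDirectory PowerShell module, which makes the result repeatable and easy to verify. This is an added example, not part of the original lab; the short server names DC1 and SRV1, the link name, and the cost and replication interval values (the module's defaults) are assumptions.

```powershell
# Added example: scripted equivalent of Steps 1-4, safe to re-run.
Import-Module ActiveDirectory

# Plan taken from the lab's environment table (short server names assumed).
$plan = @(
    @{ Site = 'SiteA'; Subnet = '192.168.148.0/24'; Server = 'DC1'  },
    @{ Site = 'SiteB'; Subnet = '10.10.10.0/24';    Server = 'SRV1' }
)
$linkName = 'SiteA-SiteB Dedicated Link'   # assumed name for the new link
$sites    = $plan | ForEach-Object { $_.Site }

foreach ($p in $plan) {
    # Step 1: create the site only if it does not exist yet.
    # Unlike the GUI wizard, the cmdlet does not attach it to DEFAULTIPSITELINK.
    if (-not (Get-ADReplicationSite -Filter "Name -eq '$($p.Site)'")) {
        New-ADReplicationSite -Name $p.Site
    }
    # Step 2: map the subnet prefix to its site.
    if (-not (Get-ADReplicationSubnet -Filter "Name -eq '$($p.Subnet)'")) {
        New-ADReplicationSubnet -Name $p.Subnet -Site $p.Site
    }
}

# Step 3: one IP site link containing both sites.
# Cost 100 and a 180-minute interval are assumed values; tune them for the WAN link.
if (-not (Get-ADReplicationSiteLink -Filter "Name -eq '$linkName'")) {
    New-ADReplicationSiteLink -Name $linkName -SitesIncluded $sites `
        -InterSiteTransportProtocol IP -Cost 100 -ReplicationFrequencyInMinutes 180
}

# Step 4: move each domain controller that is not already in its planned site.
foreach ($p in $plan) {
    $dc = Get-ADDomainController -Identity $p.Server
    if ($dc.Site -ne $p.Site) {
        Move-ADDirectoryServer -Identity $p.Server -Site $p.Site
    }
}

# Verification: flag any domain controller still outside its planned site,
# then list the subnet-to-site mapping for review.
foreach ($p in $plan) {
    $dc = Get-ADDomainController -Identity $p.Server
    if ($dc.Site -ne $p.Site) {
        Write-Warning "$($dc.Name) is in site '$($dc.Site)', expected '$($p.Site)'"
    }
}
Get-ADReplicationSubnet -Filter * | Select-Object Name, Site
```

Run it from an elevated session on a domain controller or a management host with the AD tools installed, using an account allowed to modify the Sites container.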

Active Directory + Branch office infrastructure design


An organization may have branch offices or stores in different geographical locations. Some of these
branch office network infrastructures may not need to integrate with the corporate network. For
example, a sales office may communicate with the head office just through email or phone,
so that branch office network will work as a separate, independent structure.

But it's not always as simple as that. Your branch office may also need to be part of the corporate
network. In that case we need to properly plan which services need to be deployed on the branch
network and how each service and resource should be optimized in order to maintain connectivity with
the corporate network as well as maintain security and availability.

Active Directory is also crucial in branch office infrastructure design, and correct placement of the
associated services is important. The idea of this article is to provide tips and tricks which will help
to build a proper branch office network.

Before going ahead with implementation we need to consider the following:
1) How are the branch office network and the corporate network connected?
2) What is the bandwidth between the locations?
3) What sort of operations will the branch office do?
4) What data and resources does the branch office depend on from the corporate network?
5) How often should those be updated or accessed?
6) Who will manage the infrastructure?
7) What sort of security measures should be taken in the infrastructure design?
8) What are the risks involved and how can we mitigate them?

The answers to those questions depend on the organization's business model. But if you have proper
answers to those questions before you start the implementation, it solves 75% of the problems which
can occur in the network.

Read Only Domain Controllers (RODC)


An RODC reduces administrative overhead and lets you provide local services in the branch
network. I have already done a complete RODC implementation series, and you can get more info about
RODC and its implementation from
http://www.rebeladmin.com/2014/10/why-read-only-domain-controllers-rodc/

Global Catalog Server


The GC server is a distributed data repository that provides searching and login in the AD forest. Its
placement depends on the link between the branch office and the corporate network. It helps to optimize
bandwidth usage, as we can use it to facilitate local login without going through the WAN.

Universal Group Membership Caching (UGMC)


This is used when a global catalog server is not in place in the branch network. It can also be used to
avoid the additional traffic the authentication process would otherwise generate between the corporate
network and the branch office network.

DNS Server: You must install the DNS role in the branch office network even if it's an RODC, so users
in the branch office can query DNS records even when connectivity to the corporate network is
unavailable. If it's an RODC you can use primary read-only types, so it copies all the forest and domain
DNS zone files. If it's not an RODC you can keep it as a secondary DNS server.

DHCP Server: If the devices in the branch office are going to use DHCP for IP assignment, it is important
to deploy a DHCP server in the branch office. It reduces support issues and traffic on the WAN link. It
also helps to maintain availability even when the WAN is down.

BranchCache


This is also very important in a branch office network. It helps to cache content which is accessed
from the corporate network. It runs in two modes:
1) Distributed cache mode – this distributes cached content among the user computers.
2) Hosted cache mode – this stores cached content on a server in the branch office and distributes
data from there.

The recommended mode is hosted cache mode, as it increases cache availability and also allows
multi-subnet access. However, it depends on the budget and the requirements, as it needs a server.

You can use distributed cache mode if:

1) The network serves fewer than 100 users
2) No servers are deployed in the network
3) There are multiple subnets with fewer than 100 users in each

You can go for hosted cache mode if:

1) The network serves more than 100 users
2) There are multiple subnets with a large number of users
3) Additional servers are in the branch office

These are the main services which are important for branch office network design, but depending on the
operational requirements you can place other services there and optimize them for branch office use.
