Hot Downloads

Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1
  • 2

TOPIC: Active directory sites and services

Active directory sites and services 5 years 7 months ago #36786

  • rizin
  • rizin's Avatar
  • Offline
  • Distinguished Member
  • Posts: 203
  • Karma: 0
Hi folks,

Could you please any one of you folks can explain me precisely about Sites and services in Active directory, Highly appreciable if explained with few practical example.

Thanks in Advance.

Rizin
Known is a drop, unknown is an Ocean
The administrator has disabled public write access.

Re: Active directory sites and services 5 years 7 months ago #36787

  • Bublitz
  • Bublitz's Avatar
  • Offline
  • Senior Member
  • Posts: 301
  • Thank you received: 3
  • Karma: 2
It's mainly used to configure you domain controller sites/servers.

Basically create you subnets.

192.168.1.x/24
192.168.2.x/24
192.168.3.x/24

Then assign subnets to your physical sites (which you also create).

So Site1 - 192.168.1.x
Site2 - 192.168.2.x
Sire 3 - 192.168.3.x

When you create a domain controller it will then add them to a site based on its ip (you can also manually create a server).

Once this is done you can configure domain controller parameters and tell them who and when they sync to each other.

So lets say site 1 is you main "base" You can tell site 1 to sync with 2 and 3.

Site 2 and 3 can be configured not to sync to each other only servers in site 1 for instance.

You can also make domain controllers global catalog servers so they process logins. (If you remove domain controllers and you end up removing your last global catalog server you'll get some calls....)

You should also go in there every so often to make sure any old/decommissioned domain servers/sites/subnets are removed

There is alotttt more stuff to configure in there parameter wise, but those are some very common tasks you'll do in ADSS.
The Bublitz
Systems Admin
Hospice of the Red River Valley
The administrator has disabled public write access.

Re: Active directory sites and services 5 years 7 months ago #36793

  • rizin
  • rizin's Avatar
  • Offline
  • Distinguished Member
  • Posts: 203
  • Karma: 0
Hi bublitz,

Thanks for your reply.

1. Assume if i have 192.168.1.0 subnet only for my whole domain shall i create this subnet and assigned to default site service.

2. Creating Site1, site2, site 3 is applicable for multiple sites (multiple domain controller) isn't it please explain.

3. if i have created a 10 VLANS with the subnet 192.168.1.0, 192.168.2.0, 192.168.3.0, 192.168.4.0 etc.. till 192.168.10.0 shall i create these subnets and assigned to the default site services provided that all subnets belongs to One domain controller.

4. Could you please explain the advantages of the creating subnets in sites and services for single domain controller and multiple domain controller.

Thanks much in Advance and really appreciate your help.

Rizin
Known is a drop, unknown is an Ocean
The administrator has disabled public write access.

Re: Active directory sites and services 5 years 7 months ago #36795

  • Bublitz
  • Bublitz's Avatar
  • Offline
  • Senior Member
  • Posts: 301
  • Thank you received: 3
  • Karma: 2
1. If you only have 1 site it will be created automatically when you install AD. I haven't done a fresh install of a single domain controller in a along time. So i'm not sure a subnet is automatically created just the site is. Since you not syncing with any other controllers it might not even been necessary. If ADSS didn't install this subnet by default then your ok.

2. It depends, but if site 1 has 2 domain controllers each on their own subnet I would make 1 Site and add 2 subnets. Site 2 and Site 3 both have 1 each then I would add a site and a subnet for 2 and 3.

3. Nope I use multiple Vlans as well for iscsi and guest vlans. I do not add these networks in. Just you like you mentioned I add 1 if a domain controller resides on it. On the flip side I don't think it actually causes any harm or damage its just not necessary is all.

4. Its all about replication. So if a domain controller is on a subnet add it. If the domain controller is at a different "site" and is spit geographically or a WAN connection is involved id always make a site. Example if you have a slower wan you can sync less often then if you make multiple sites. If domain controllers reside on a LAN you can make them more often so it adds granularity and control. It also organizes your environment similar to active directory users and computers. If you lump all you pcs and all users into 1 container you have less control and organization if you want to do group policy's for instance.
The Bublitz
Systems Admin
Hospice of the Red River Valley
The administrator has disabled public write access.

Re: Active directory sites and services 5 years 7 months ago #36798

  • rizin
  • rizin's Avatar
  • Offline
  • Distinguished Member
  • Posts: 203
  • Karma: 0
Thanks for your reply.

A practical scenario:

1. There is one Win2k3 server domain for more than 100 users, All users in the 192.168.1.0 /24 subnet.

2. I created a site name called A1 despite of default site services, immediately one pop up message asked me to move my domain to A1.

3. I did the same and the domain moved to the A1 services. then i created a subnet 192.168.1.0/24, that's it.

4. Server has been moved to the new site A1 and there is no server name in default-site-services.

5. Please have a look on below image and advise me. Many thanks in advance.

Known is a drop, unknown is an Ocean
The administrator has disabled public write access.

Re: Active directory sites and services 5 years 7 months ago #36805

  • Bublitz
  • Bublitz's Avatar
  • Offline
  • Senior Member
  • Posts: 301
  • Thank you received: 3
  • Karma: 2
If you only have 1 domain controller id just leave it at the default site with the subnet you created.
The Bublitz
Systems Admin
Hospice of the Red River Valley
The administrator has disabled public write access.
  • Page:
  • 1
  • 2
Time to create page: 0.082 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup