Site Management: Sites Subnets Servers NTDS Settings Connections Site Links


A site is a grouping of machines based on one or more TCP/IP subnets.

An administrator determines what a site is. A site may contain multiple subnets, and there can be several domains in a site.
Replication between sites is configured with Active Directory Sites and Services. Sites and subnets are not related to the structure of the domain: they describe the physical network, while the domain describes the logical one. Site, subnet and site link objects are stored in the Configuration partition of the forest, which replicates to every domain controller and is readable by all authenticated users by default, so this data also tells anyone with a domain account where the organization's networks and domain controllers are. Changing it requires rights on the Configuration partition, which by default means Enterprise Admins membership or explicit delegation.
The following may be created:
• Sites - One or more IP subnets. Generally a site corresponds to a physical location, such as the part of the organization in a particular city or part of a city, linked to the rest of the organization by leased lines or other WAN media.
• Subnets - A site is not really active until at least one subnet object has been associated with it. A subnet is defined by a network address and prefix length (for example 10.10.10.0/24). Clients and domain controllers are mapped to a site by the subnet that matches their IP address, so a machine whose address matches no subnet has no site and may authenticate against a domain controller anywhere in the forest, including across a WAN link.
• Site links - A site link lists two or more connected sites. Whether the link uses RPC over IP or SMTP is fixed by the transport container (IP or SMTP) the link is created in and cannot be changed afterwards; selecting IP means RPC over IP. Site link information includes:
o Replication schedule - The times at which the sites may replicate and how often replication is attempted within that window (by default every 180 minutes, available at all times).
o Link cost - A relative weight, not a bandwidth figure; assign a higher cost to a lower-bandwidth link (the default is 100). When more than one route exists to the same site, the route with the lowest total cost is used, so a high-cost link is the lower-priority one.
o Member sites - The sites connected by the site link.
o Transport mechanism - RPC over IP or SMTP (mail):
▪ SMTP (mail) - Asynchronous replication carried inside mail messages. It cannot be used for replication inside a site, cannot replicate the domain partition (only the schema, configuration and global catalog partial replicas), and requires an enterprise certification authority because the messages are signed and encrypted.
▪ RPC over IP - Synchronous replication over a direct TCP/IP connection; used for all intrasite replication and, by default, for intersite replication.
• Bridgehead server - The domain controller in a site that sends and receives replication for that site across a site link. The intersite topology generator (ISTG) selects bridgeheads automatically unless preferred bridgehead servers are designated.
• Site link bridges - A site link bridge makes a set of site links transitive, so a site at one end of a chain of site links can replicate through one or more intermediate sites to a site it has no direct link with. By default AD DS bridges all site links automatically, so explicit bridges are only needed for fine control over how replication is routed across WAN links, and automatic bridging ("Bridge all site links") must be turned off before they take effect. A bridge needs at least two site links that share a site, which means at least three sites.
• Global catalog servers - The global catalog is a searchable partial replica of every object in the forest, held by the global catalog servers. It:
o Lets users and applications locate objects anywhere in the forest without knowing which domain holds them.
o Provides universal group membership information during logon; in a multi-domain forest the domain controller contacts a global catalog server to complete a logon unless universal group membership caching is enabled.
The first domain controller in the forest is always a global catalog server; for additional domain controllers the global catalog is an option, which the AD DS installation wizard selects by default. Place a global catalog server on each side of a WAN connection when the domain is spread across the WAN, otherwise logons on the far side depend on the link.
Domain controllers that were installed before the network was divided into sites are all in Default-First-Site-Name and must be moved manually to the site they physically belong to. A domain controller promoted after the sites and subnets exist is placed automatically in the site whose subnet matches its IP address.
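The subnet-to-site mapping described above can be reproduced from the subnet objects themselves, which is useful both for checking where a given address will land and for finding clients that match no subnet at all. The following is an added example, not code from the original page: it performs the same longest-prefix match the DC locator performs over the forest's IPv4 subnet objects, and summarizes the NO_CLIENT_SITE entries that NETLOGON writes for site-less clients. It assumes the ActiveDirectory PowerShell module (RSAT), PowerShell 5.1 or later, and, for the log part, NETLOGON debug logging turned on so that netlogon.log exists; the sample log lines are constructed.

```powershell
# Added example, not from the original page. It reproduces the subnet-to-site
# mapping the DC locator performs (longest-prefix match over the forest's IPv4
# subnet objects) and summarizes NETLOGON's NO_CLIENT_SITE entries, the record of
# clients that matched no subnet. Assumed: the ActiveDirectory module (RSAT),
# PowerShell 5.1 or later, and for the log part NETLOGON debug logging
# (nltest /dbflag:0x2080ffff) so that %SystemRoot%\debug\netlogon.log is written.
Import-Module ActiveDirectory

function ConvertTo-Int64IPv4 {
    # Dotted-quad string -> 64-bit integer (kept signed to avoid uint32 pitfalls)
    param([Parameter(Mandatory)][string]$Address)
    $b = [System.Net.IPAddress]::Parse($Address).GetAddressBytes()
    if ($b.Length -ne 4) { throw "Not an IPv4 address: $Address" }
    return [int64]$b[0] * 16777216 + [int64]$b[1] * 65536 + [int64]$b[2] * 256 + [int64]$b[3]
}

function Resolve-ADSiteForIP {
    # Returns the site whose most specific subnet contains $IPAddress, or $null
    # when no subnet matches (the client then has no site and may use any DC).
    param([Parameter(Mandatory)][string]$IPAddress)
    $ip = ConvertTo-Int64IPv4 $IPAddress
    $best = $null
    foreach ($subnet in Get-ADReplicationSubnet -Filter * -Properties Site) {
        # IPv6 prefixes are skipped; this example only handles IPv4
        if (-not ($subnet.Name -match '^(\d{1,3}(?:\.\d{1,3}){3})/(\d{1,2})$')) { continue }
        $bits    = [int]$Matches[2]
        $mask    = [int64]0xFFFFFFFF - ([int64][math]::Pow(2, 32 - $bits) - 1)
        $network = ConvertTo-Int64IPv4 $Matches[1]
        $contains = (($ip -band $mask) -eq ($network -band $mask))
        if ($contains -and ($null -eq $best -or $bits -gt $best.PrefixLength)) {
            $siteName = if ($subnet.Site) { ($subnet.Site -split ',')[0] -replace '^CN=' } else { '(not assigned to a site)' }
            $best = [pscustomobject]@{ IPAddress = $IPAddress; Subnet = $subnet.Name; PrefixLength = $bits; Site = $siteName }
        }
    }
    return $best
}

function Get-NoClientSiteReport {
    # Groups NO_CLIENT_SITE entries by candidate /24 so the missing subnet objects
    # can be created. -Lines analyses captured text instead of reading the file.
    param([string]$Path = "$env:SystemRoot\debug\netlogon.log", [string[]]$Lines)
    if (-not $Lines) { $Lines = Get-Content -Path $Path }
    $entries = foreach ($line in $Lines) {
        if ($line -match 'NO_CLIENT_SITE:\s+(\S+)\s+(\d{1,3}(?:\.\d{1,3}){3})') {
            [pscustomobject]@{ Client = $Matches[1]; IPAddress = $Matches[2] }
        }
    }
    $entries | Group-Object { ($_.IPAddress -replace '\.\d+$', '.0') + '/24' } | ForEach-Object {
        [pscustomobject]@{
            CandidateSubnet = $_.Name
            Count           = $_.Count
            Clients         = ($_.Group.Client | Sort-Object -Unique) -join ', '
        }
    }
}

# Constructed sample netlogon.log lines (not captured from a real system)
$sampleLog = @(
    '05/02 09:14:03 [MISC] [4120] contoso: NO_CLIENT_SITE: WS-FIN-07 172.16.40.17',
    '05/02 09:14:09 [MISC] [4120] contoso: NO_CLIENT_SITE: WS-FIN-12 172.16.40.33',
    '05/02 09:15:41 [MISC] [4120] contoso: NO_CLIENT_SITE: LT-HR-03 172.16.41.8',
    '05/02 09:16:00 [MISC] [4120] contoso: DsGetDcName function called: client site: SiteA'
)
Get-NoClientSiteReport -Lines $sampleLog | Format-Table -AutoSize
# Against a live forest: Resolve-ADSiteForIP -IPAddress 10.10.10.25   (SiteB after the walkthrough below is applied)
```

The report groups on /24 only as a starting point; the real prefix should come from the network team, since a too-wide subnet object silently pulls other locations into the site. Without debug logging, the System log still records a daily NETLOGON event 5807 counting clients with no matching site, which is the cheaper signal to alert on.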
Site management
In your physical network, a site represents a set of computers that are connected by a high-speed
network, such as a local area network (LAN). Typically, all computers in the same physical site
reside in the same building or perhaps the same campus network.
In AD DS, a site object represents the aspects of the physical site that you can manage,
specifically, replication of directory data between domain controllers. You can use
Active Directory Sites and Services to manage the objects that represent the sites and the servers
that reside in those sites.
Site objects and their related objects are replicated to all domain controllers in an
Active Directory forest. You can manage the following objects in Active Directory Sites and
Services:
• Sites
• Subnets
• Servers
• NTDS Settings
• Connections
• Site links
• IP and SMTP intersite transports
Sites
Site objects are located in the Sites container. You can use site objects to accomplish the
following tasks:
• Create new sites
• Delegate control over sites by using Group Policy and permissions
In every site, there is an NTDS Site Settings object. This object identifies the intersite topology
generator (ISTG). The ISTG is the one domain controller in the site that generates connection
objects from domain controllers in different sites. It also performs advanced replication
management tasks.
For more information about sites and the NTDS Site Settings object, see Understanding Sites,
Subnets, and Site Links.
Subnets
Subnet objects identify the ranges of IP addresses within a site. You can use subnet objects to
accomplish the following tasks:
• Create new subnets
• Associate subnets with sites
• Provide a location for a site that can be used by the printer location tracking feature in
Group Policy
For more information about subnets, see Understanding Sites, Subnets, and Site Links.
Servers
Server objects are created automatically when you add the Active Directory Domain Services
server role. Servers represent domain controllers in the replication topology.
You can use server objects to accomplish the following tasks:
• Identify domain controllers that will act as preferred bridgehead servers. You can use
preferred bridgehead servers to control intersite replication so that it occurs only between
those domain controllers that you specify and not between domain controllers that might
be less able to handle intersite replication traffic.
• Move servers between sites. If you create a new site and you have already installed
domain controllers with IP addresses that map to the new site, you can move the domain
controllers to the new site.
NTDS Settings
Every server object contains an NTDS Settings object, which represents the domain controller in
the replication system. The NTDS Settings object stores connection objects, which make
replication possible between two or more domain controllers.
You can use NTDS Settings objects to accomplish the following tasks:
• Generate the replication topology. The Check Replication Topology command for the
NTDS Settings object signals the ISTG to perform a check of all connections between
domain controllers and add or remove any connections that are needed.
• Enable or disable the global catalog on a server. When you enable the global catalog, the
domain controller replicates the read-only directory partitions that make up the global
catalog in the forest.
For more information about the global catalog, see Understanding the Global Catalog.
Connections
Replication partners of servers in a site are identified by connection objects. Replication over a
connection is one-directional: a connection object for a server records the other server (the
"from" server) that sends replication to it. Connection objects store schedules that control
replication within a site. Within a site, replication is driven by change notification (a domain
controller notifies its partners shortly after it receives a change); the hourly poll on the connection
object's default schedule is only a fallback for changes that no notification reached. For intersite
replication, connection objects derive their schedule from the site link object. You do not have to
manage schedules on connection objects, and the replication system (the KCC) creates them
automatically. A connection object created by hand is never removed by the KCC, so manually
created connections should be reviewed whenever the topology changes.
You can use connection objects to accomplish the following tasks:
• Identify replication partnerships of servers in the site
• Force replication over a connection, when you do not want to wait for scheduled
replication or to test replication over a connection
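The two tasks above, identifying partnerships and forcing replication, map directly onto the replication cmdlets and repadmin. The following is an added example, not code from the original page: for one domain controller it lists the inbound connection objects, joins each to the per-partition replication status behind it, and flags connections that were created by hand. It assumes the ActiveDirectory module on Windows Server 2012 or later, repadmin.exe on the path, and DC1 as a placeholder server name.

```powershell
# Added example, not from the original page: report the inbound connection
# objects of one domain controller, the replication status behind each, and
# flag connections that were created by hand (the KCC never deletes those, so
# stale or unexpected ones persist until someone removes them). Assumed: the
# ActiveDirectory module on Windows Server 2012 or later, repadmin.exe for the
# forced sync, and a DC named DC1 as a placeholder.
Import-Module ActiveDirectory

function Get-ServerNameFromNtdsDN {
    # "CN=NTDS Settings,CN=DC2,CN=Servers,CN=SiteA,CN=Sites,CN=Configuration,..." -> "DC2"
    param([string]$DistinguishedName)
    if (-not $DistinguishedName) { return $null }
    return (($DistinguishedName -split ',')[1] -replace '^CN=')
}

function Get-SiteNameFromNtdsDN {
    # Same DN -> "SiteA"
    param([string]$DistinguishedName)
    if (-not $DistinguishedName) { return $null }
    return (($DistinguishedName -split ',')[3] -replace '^CN=')
}

function Get-ReplicationConnectionReport {
    param([Parameter(Mandatory)][string]$Server)
    $dc = Get-ADDomainController -Identity $Server
    # All nTDSConnection objects in the forest, reduced to those whose "to" server is $Server
    $inbound = Get-ADReplicationConnection -Server $Server -Filter * -Properties AutoGenerated |
        Where-Object { (Get-ServerNameFromNtdsDN $_.ReplicateToDirectoryServer) -eq $dc.Name }
    # Per-partition inbound replication status of $Server (what repadmin /showrepl prints)
    $status = Get-ADReplicationPartnerMetadata -Target $Server -Scope Server
    foreach ($conn in $inbound) {
        $from = Get-ServerNameFromNtdsDN $conn.ReplicateFromDirectoryServer
        $rows = @($status | Where-Object { (Get-ServerNameFromNtdsDN $_.Partner) -eq $from })
        [pscustomobject]@{
            Destination      = $dc.Name
            Source           = $from
            SourceSite       = Get-SiteNameFromNtdsDN $conn.ReplicateFromDirectoryServer
            Intersite        = (Get-SiteNameFromNtdsDN $conn.ReplicateFromDirectoryServer) -ne $dc.Site
            AutoGenerated    = [bool]$conn.AutoGenerated
            ReviewNeeded     = -not $conn.AutoGenerated      # manual connection object
            Partitions       = ($rows.Partition | Sort-Object -Unique) -join '; '
            LastSuccess      = ($rows.LastReplicationSuccess | Sort-Object | Select-Object -Last 1)
            ConsecutiveFails = ($rows.ConsecutiveReplicationFailures | Measure-Object -Maximum).Maximum
            LastResult       = ($rows.LastReplicationResult | Sort-Object -Unique) -join ','   # 0 = success
        }
    }
}

function Invoke-ForcedReplication {
    # "Replicate Now" on a connection object: pull one naming context from Source into Destination
    param([Parameter(Mandatory)][string]$Destination,
          [Parameter(Mandatory)][string]$Source,
          [string]$NamingContext = (Get-ADDomain).DistinguishedName)
    & repadmin.exe /replicate $Destination $Source $NamingContext
}

Get-ReplicationConnectionReport -Server DC1 | Format-Table -AutoSize
# Run the KCC on DC1 now (what "Check Replication Topology" does in the MMC):  repadmin /kcc DC1
# Only the recent failures:                                                    Get-ADReplicationFailure -Target DC1
```

A row with ReviewNeeded set to True is a connection object the KCC did not create and will not clean up; confirm who added it and why before trusting the topology, since a hand-made connection is also how an extra, unexpected replication path would look.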
Site links
Site links represent the flow of replication between sites. You can manage intersite replication by
configuring site properties: over what time periods replication can occur, how often replication
occurs within a certain time period, and the preferred routes between two sites.
You can use site link objects to accomplish the following tasks:
• Add and remove sites that use the site link
• Set the cost of replication over the site link, which determines the likelihood that
replication occurs over this site link when there are multiple routes that replication could
take to reach a destination site
• Set the site link schedule, which determines the hours and days that replication is
available (can occur) over the site link
• Set the replication interval, which determines how often replication occurs over the site
link when replication is available
For more information about using site links, see Scheduling Replication Between Sites.
IP and SMTP intersite transports
Intersite replication uses either remote procedure call (RPC) over the IP transport or the Simple
Mail Transfer Protocol (SMTP) transport. SMTP carries replication inside mail messages for sites
that have no direct IP (WAN) connectivity; it needs a mail routing path and an enterprise certification
authority, and replication then follows the messaging schedule rather than the site link schedule. By
default, intersite replication uses the IP transport to deliver replication packets. You can use the
IP and SMTP Intersite Transport containers to accomplish the following tasks:
• Create site links. You can add site links to the replication topology as needed to
accommodate new sites.
• Create site link bridges. Site links are bridged by default in AD DS (every site link is
transitive), so explicit site link bridges are not necessary in most deployments.
For more information about intersite transports, see Scheduling Replication Between Sites.
Service publication
Some services, such as Certificate Services, Message Queuing, and Exchange Server, publish
information in the Sites container in AD DS automatically when they are installed. Other
services can be published in the directory with programming interfaces.
Active Directory Sites and Services exposes published service-related objects in the Services
node. This node is not visible by default. To view this node, open Active Directory Sites and
Services, and then, on the View menu, click Show Services Node.
The objects in the Services node in Active Directory Sites and Services are published for use by
the respective application administrators. For this reason, information about these objects is
available in documentation for the service or application.
Creating sites
A network has two topologies, a physical topology and a logical topology. The physical topology is
the structure of the network: the network layout, hardware placement and IP address allocation. The
logical topology is the security and administrative boundaries laid over it, along with the network
services. In an Active Directory infrastructure the domain represents the logical topology, while sites
and subnets represent the physical topology.
A site is simply a physical location or network; it can be a separate building, a separate city or even
a separate country. The following step-by-step shows the setup and configuration of sites and
subnets: two sites, SiteA and SiteB, are created, subnets are assigned to them, and the domain
controllers are moved into them.
Step 1: Creating a new site
1. Navigate to Server Manager > Tools > Active Directory Sites and Services
2. In the Active Directory Sites and Services window, right-click Sites and select New Site
3. Enter SiteA in the Name: box
4. Select DEFAULTIPSITELINK and click OK
5. Click OK to complete the site creation
6. Repeat steps 1 to 5 to create SiteB. Both sites then appear under the Sites container, and both are members of DEFAULTIPSITELINK.

Step 2: Creating Subnets
1. In the Active Directory Sites and Services MMC, right-click Subnets and select New Subnet…
2. In the New Object – Subnet window, type 192.168.148.0/24 in the Prefix: box
3. Under Select a site object for this prefix, select SiteA and click OK
4. Repeat steps 1 to 3 with the prefix 10.10.10.0/24, assigned to SiteB
Every client and domain controller whose IP address falls within one of these prefixes is now mapped to the corresponding site. An address that matches no subnet has no site, and such a machine may pick a domain controller from any site, so keep the subnet list complete as the network grows (NETLOGON reports such clients in event 5807 and, with debug logging enabled, as NO_CLIENT_SITE entries in netlogon.log).

Step 3: Creating Site Links
1. In the Active Directory Sites and Services MMC, expand Inter-Site Transports, right-click IP and then click New Site Link
2. In the New Object – Site Link window, enter a name for the link (SiteA-SiteB Dedicated Link in this example), select both SiteA and SiteB, and click Add
3. Click OK to continue
4. The link is created with the default values (cost 100, replication every 180 minutes, available at all times), which can be adjusted. Right-click the link and select Properties
5. In the SiteA-SiteB Dedicated Link Properties window, Cost is a relative weight used to choose between routes when more than one exists; it is not a bandwidth value. Give slower or more expensive links a higher cost so that the KCC prefers the cheaper route. Replicate every sets the interval between replication attempts during the available hours
6. The hours during which replication may occur can also be restricted. To do this, click Change Schedule
7. Define a custom schedule and click OK
8. Click OK to apply the changes
Because SiteA and SiteB were placed in DEFAULTIPSITELINK when they were created, two site links now connect them. Remove the two sites from DEFAULTIPSITELINK (or delete it once nothing else uses it) so that the dedicated link is the only route and its cost and schedule are what actually apply.

Step 4: Moving the domain controllers to the newly created sites
1. In the Active Directory Sites and Services MMC, navigate to Default-First-Site-Name > Servers
2. Right-click the domain controller that needs to be moved and select Move…
3. In the Move Server window, select SiteA, the site the domain controller is moving to, and click OK
4. Repeat steps 1 to 3 to move SRV1 to SiteB

This completes the configuration of sites, subnets and site links. The ISTG in each site generates the intersite connection objects on its next run; to build them immediately, right-click a server's NTDS Settings object and choose All Tasks > Check Replication Topology (or run repadmin /kcc), then confirm with repadmin /showrepl that each domain controller has an inbound partner in the other site. Moving a domain controller also changes which clients prefer it, so make sure the destination site matches the subnet the server is actually on.
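The four steps above can be applied as one script, which is also the repeatable form for a lab or a documented change. The following is an added example and not part of the original walkthrough. It assumes the ActiveDirectory module, membership in Enterprise Admins (site, subnet and site link objects live in the Configuration partition), the walkthrough's names (SiteA, SiteB, 192.168.148.0/24, 10.10.10.0/24, SRV1), and DC1 as a placeholder name for the other domain controller; the 06:00 to 22:00 schedule is an arbitrary illustration.

```powershell
# Added example, not part of the original walkthrough: Steps 1 to 4 as a script,
# followed by checks. Assumed: the ActiveDirectory module, membership in
# Enterprise Admins (site, subnet and site link objects are in the Configuration
# partition), the walkthrough's names (SiteA, SiteB, 192.168.148.0/24,
# 10.10.10.0/24, SRV1) and DC1 as a placeholder name for the other domain controller.
Import-Module ActiveDirectory

$sites = @{
    'SiteA' = @('192.168.148.0/24')
    'SiteB' = @('10.10.10.0/24')
}
$linkName = 'SiteA-SiteB Dedicated Link'
$moves    = @{ 'DC1' = 'SiteA'; 'SRV1' = 'SiteB' }

# Steps 1 and 2: sites and their subnets (skips objects that already exist)
foreach ($siteName in $sites.Keys) {
    if (-not (Get-ADReplicationSite -Filter "Name -eq '$siteName'")) {
        New-ADReplicationSite -Name $siteName
    }
    foreach ($prefix in $sites[$siteName]) {
        if (-not (Get-ADReplicationSubnet -Filter "Name -eq '$prefix'")) {
            New-ADReplicationSubnet -Name $prefix -Site $siteName -Location $siteName
        }
    }
}

# Step 3: the dedicated IP site link, with a cost, interval and schedule
if (-not (Get-ADReplicationSiteLink -Filter "Name -eq '$linkName'")) {
    New-ADReplicationSiteLink -Name $linkName -SitesIncluded 'SiteA', 'SiteB' `
        -InterSiteTransportProtocol IP -Cost 100 -ReplicationFrequencyInMinutes 15
}
# Replication allowed only between 06:00 and 22:00 each day (illustrative window)
$schedule = New-Object System.DirectoryServices.ActiveDirectory.ActiveDirectorySchedule
$schedule.SetDailySchedule(
    [System.DirectoryServices.ActiveDirectory.HourOfDay]::Six,
    [System.DirectoryServices.ActiveDirectory.MinuteOfHour]::Zero,
    [System.DirectoryServices.ActiveDirectory.HourOfDay]::TwentyTwo,
    [System.DirectoryServices.ActiveDirectory.MinuteOfHour]::Zero)
Set-ADReplicationSiteLink -Identity $linkName -ReplicationSchedule $schedule

# Sites created in the MMC are also members of DEFAULTIPSITELINK; take them out
# so the dedicated link is the only route and its cost and schedule are what apply
$default = Get-ADReplicationSiteLink -Identity 'DEFAULTIPSITELINK'
$stale   = @($default.SitesIncluded | Where-Object { ((($_ -split ',')[0] -replace '^CN=')) -in $sites.Keys })
if ($stale.Count -gt 0) {
    Set-ADReplicationSiteLink -Identity 'DEFAULTIPSITELINK' -SitesIncluded @{ Remove = $stale }
}

# Step 4: move the domain controllers (only if not already in the target site)
foreach ($dcName in $moves.Keys) {
    $dc = Get-ADDomainController -Identity $dcName
    if ($dc.Site -ne $moves[$dcName]) {
        Move-ADDirectoryServer -Identity $dcName -Site $moves[$dcName]
    }
}

# Checks: each DC reports its new site, and the locator finds a DC in each site
Get-ADDomainController -Filter * | Select-Object Name, Site, IPv4Address | Format-Table -AutoSize
foreach ($siteName in $sites.Keys) {
    $found = Get-ADDomainController -Discover -SiteName $siteName -ForceDiscover
    "Locator answer for $siteName : $($found.HostName)"
}
# Build the intersite connection objects now instead of waiting for the ISTG:  repadmin /kcc
```

Run it from a workstation with RSAT rather than on a domain controller, and compare the final table against the IPv4Address column: a domain controller whose address is not inside a subnet of the site it now sits in is the misconfiguration the walkthrough's Step 4 warns about, and the locator will still hand that server out for the wrong site.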
