70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 6: Active Directory Physical Design

Guide to MCSE , Enhanced2 Objectives Describe the objects and components of Active Directory that relate to the physical structure Understand how to plan the physical structure of Active Directory and consider how the topology of your network will affect your design

Guide to MCSE , Enhanced3 Active Directory Physical Objects Physical objects Have equivalent physical structure in real world Logical and physical structure independent Physical objects: Sites Site links Domain controllers

Guide to MCSE , Enhanced4 Example Site and Domain Configurations

Guide to MCSE , Enhanced5 Site Objects Site Region of network infrastructure Made up of one or more well-connected IP subnets “Well connected” Commonly understood to refer to local area network (LAN) environment

Guide to MCSE , Enhanced6 Site Objects (continued) Default-First-Site-Name Site created when first domain controller promoted Often is renamed Used as first site in Active Directory Can be left alone Used to identify when servers cannot determine their site Allow clients belonging to same physical network to access services from servers in close proximity

Guide to MCSE , Enhanced7 Site Objects (continued) Servers: Domain controllers Global catalog servers Distributed file system (DFS) Site-aware

Guide to MCSE , Enhanced8 Simple Site Diagram

Guide to MCSE , Enhanced9 Activity 6-1: Creating Sites Objective: This exercise is designed to familiarize you with the process of creating sites using Active Directory Sites and Services

Guide to MCSE , Enhanced10 Activity 6-1: Creating Sites (continued) Implement the site structure seen below:

Guide to MCSE , Enhanced11 Subnet Objects Identify subnets on network Can be associated with sites Allow client computer to determine in which site it is located Comparing its IP address and subnet mask to subnets in Active Directory

Guide to MCSE , Enhanced12 List of Subnets That Make Up Each Site

Guide to MCSE , Enhanced13 Site Link Objects Represent fact that physical connection exists between two or more sites DEFAULTIPSITELINK Automatically created when first DC promoted Several parameters Control replication Control how clients and servers determine closest site

Guide to MCSE , Enhanced14 Network Connections and Site Links

Guide to MCSE , Enhanced15 Activity 6-3: Creating Site Links Objective: This exercise is designed to familiarize you with the process of creating site links using Active Directory Sites and Services Follow the instructions to create site links

Guide to MCSE , Enhanced16 Creating a Site Link

Guide to MCSE , Enhanced17 Domain Controllers Windows server computer Maintains copy of domain database Used for authentication Placed in sites by examining IP address

Guide to MCSE , Enhanced18 Activity 6-4: Moving a Domain Controller Object Between Sites Objective: Understand the process of manually moving a domain controller between sites Once a domain controller has been promoted it must be moved to a new site if physically relocated

Guide to MCSE , Enhanced19 Active Directory Sites and Services

Guide to MCSE , Enhanced20 Planning and Designing the Physical Structure Planning and designing: Important task Must complete prior to implementing physical objects themselves

Guide to MCSE , Enhanced21 Physical Network Physical network Represents actual physical objects that deliver message from one place to another Components: Point of transmission Transmission medium Point of reception Begin planning Active Directory sites by creating diagram of physical network infrastructure

Guide to MCSE , Enhanced22 Physical Network (continued) Diagram should include: Cable types Approximate paths of cable routing Server maps Peripheral devices WAN connections Number of users and computers located at each physical location Nonstandard implementations

Guide to MCSE , Enhanced23 Site Topology Collection of objects that represent physical network Does not necessarily map one to one to actual physical topology Key factor: Arrangement of subnets

Guide to MCSE , Enhanced24 Site Links Used to model amount of available bandwidth between two sites Networks connected by link that is slower than LAN speed Cost Purely arbitrary value Not an actual dollar figure Assigned by administrator

Guide to MCSE , Enhanced25 Site Links (continued) Clients choose to connect to server that has lowest cost path Domain controllers use site link cost to locate closest replication partners Once lowest-cost server is selected 100% up to underlying network structure to determine how data gets from point A to point B

Guide to MCSE , Enhanced26 Choosing Server Based on Cost

Guide to MCSE , Enhanced27 Choosing Replication Partner Based on Cost

Guide to MCSE , Enhanced28 Site Links Using 1 for a preferred link strongly discouraged Can use a formula

Guide to MCSE , Enhanced29 Activity 6-5: Modifying the Cost of a Site Link Objective: This exercise is designed to familiarize you with the process of modifying the cost of a site link Use Active Directory Sites and Services to modify site link cost

Guide to MCSE , Enhanced30 Number of Hops Versus Site Cost

Guide to MCSE , Enhanced31 Site Links Replication Schedule Defines hours during when site link available for replication Manually configured Requires consideration when determining appropriate settings Replication interval Controls polling interval used by replication process

Guide to MCSE , Enhanced32 Site Links (continued) Transport Protocol Choices: RPC (Remote Procedure Call) over TCP/IP SMTP Replication within site always uses RPC over TCP/IP Based on quality of network connectivity

Guide to MCSE , Enhanced33 Site Link Bridges Some sites do not have a fully routed IP environment Cannot ping from one site to another site Composed of minimum of two site links Fully routed IP infrastructure is assumed Must disable Bridge all site links option Only sites that have a site link directly between them can communicate Site link bridges can be added

Guide to MCSE , Enhanced34 Not Fully Routed

Guide to MCSE , Enhanced35 Not Fully Routed with Site Link Bridges

Guide to MCSE , Enhanced36 Domain Controller and Global Catalog Placement Every domain in forest Should have at least two domain controllers Provides redundancy for authentication Can be in different sites May be necessary to collect performance statistics to determine how many domain controllers are needed at site

Guide to MCSE , Enhanced37 Domain Controller and Global Catalog Placement Goal at large site Have n+1 domain controllers n represents the number of domain controllers required to handle load

Guide to MCSE , Enhanced38 Example Placement of Domain Controllers

Guide to MCSE , Enhanced39 Domain Controller and Global Catalog Placement Global Catalog Servers Index and partial replica of objects and attributes Most frequently used throughout entire Active Directory structure Designate global catalog server At least one domain controller per site

Guide to MCSE , Enhanced40 Activity 6-6: Designating a Domain Controller as a Global Catalog Server Objective: This exercise is designed to familiarize you with the process of designating a domain controller as a global catalog Use Active Directory Sites and Services to designate a Global Catalog Server

Guide to MCSE , Enhanced41 Summary Active Directory sites are composed of one or more well-connected subnets Object connecting two or more sites is called a site link Site link cost is an arbitrary value set by administrator Used when locating closest server

Guide to MCSE , Enhanced42 Summary (continued) Placement of domain controllers is determined by the client load and availability required Global catalog servers provide a fast way to search for objects located throughout forest